Lucene search
K

4 matches found

OSV
OSV
added 2026/04/10 8:18 p.m.5 views

GHSA-FW9Q-39R9-C252 LangSmith Client SDKs has Prototype Pollution in langsmith-sdk via Incomplete `__proto__` Guard in Internal lodash `set()`

GHSA-fw9q-39r9-c252: Prototype Pollution via Incomplete Lodash set Guard in langsmith-sdk Severity: Medium CVSS 5.6 Status: Fixed in 0.5.18 --- Summary The LangSmith JavaScript/TypeScript SDK langsmith contains an incomplete prototype pollution fix in its internally vendored lodash set utility. T...

5.6CVSS5.8AI score0.00233EPSS
Exploits1References5
OSV
OSV
added 2026/02/10 7:16 p.m.7 views

AZL-77451 CVE-2026-25506 affecting package munge for versions less than 0.5.18-1

MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vulnerability in munged the MUNGE authentication daemon to leak cryptographic key material from process memory. With the leaked key material, the...

7.8CVSS6.2AI score0.00302EPSS
Exploits0References1
OSV
OSV
added 2026/02/10 7:16 p.m.9 views

UBUNTU-CVE-2026-25506

MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vulnerability in munged the MUNGE authentication daemon to leak cryptographic key material from process memory. With the leaked key material, the...

7.8CVSS6.2AI score0.00302EPSS
Exploits0References6
FreeBSD
FreeBSD
added 2026/02/10 12:0 a.m.5 views

munge -- CWE-787: Out-of-bounds Write

https://github.com/dun/munge/security/advisories/GHSA-r9cr-jf4v-75gh reports: MUNGE is an authentication service for creating and validating user credentials. From 0.5 to 0.5.17, local attacker can exploit a buffer overflow vulnerability in munged the MUNGE authentication daemon to leak...

7.8CVSS6.1AI score0.00302EPSS
Exploits0References1
Rows per page
Query Builder