Lucene search
+L

119 matches found

EUVD
EUVD
added 2026/07/04 11:30 a.m.8 views

EUVD-2026-41664

A security flaw has been discovered in NousResearch hermes-agent up to 0.15.2. The affected element is the function shell.exec of the file tuigateway/server.py. The manipulation results in protection mechanism failure. It is possible to launch the attack remotely. The exploit has been released to...

6.5CVSS6.2AI score0.00224EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/30 12:41 p.m.7 views

EUVD-2026-40307

Memory overflow vulnerability NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if the appliance is configured as a Gateway SSL VPN, ICA Proxy, CVPN, RDP Proxy or AAA virtual server...

8.8CVSS5.8AI score0.00486EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.34 views

PT-2026-49468

Name of the Vulnerable Software and Affected Versions Spring Cloud Gateway versions prior to 3.1.13 Spring Cloud Gateway versions prior to 4.1.13 Spring Cloud Gateway versions prior to 4.2.9 Spring Cloud Gateway versions prior to 4.3.5 Spring Cloud Gateway versions prior to 5.0.2 Description Spri...

8.6CVSS5.8AI score0.00139EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.12 views

CVE-2026-11815

An attacker who intercepts and tampers with traffic between the client application and the API Gateway server could potentially deserialize arbitrary objects. This vulnerability could lead to broken security expectations or remote code execution...

5.3CVSS6AI score0.00317EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/27 9:45 a.m.6 views

EUVD-2026-25812

A vulnerability has been found in NousResearch hermes-agent 0.8.0. Affected by this vulnerability is the function checkauth of the file gateway/platforms/apiserver.py of the component APISERVERKEY Handler. The manipulation leads to improper authentication. The attack can be initiated remotely. Th...

6.3CVSS5.1AI score0.0036EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/04/17 10:32 p.m.19 views

OpenClaw: Gateway HTTP endpoints re-resolve bearer auth after SecretRef rotation

Summary Gateway HTTP and WebSocket handlers captured the resolved bearer-auth configuration when the server started. After a SecretRef rotation, the already-running gateway could continue accepting the old bearer token until restart. Impact A bearer token that should have been revoked by SecretRe...

9.8CVSS5.7AI score0.0054EPSS
Exploits1References6Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/06 10:57 a.m.4 views

CVE-2026-34952

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and the...

9.1CVSS5.9AI score0.00444EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/03 10:53 p.m.10 views

EUVD-2026-18923

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and the...

9.1CVSS5.9AI score0.00444EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/02/17 9:31 p.m.9 views

OpenClaw log poisoning (indirect prompt injection) via WebSocket headers

Summary In openclaw versions prior to 2026.2.13, OpenClaw logged certain WebSocket request headers including Origin and User-Agent without neutralization or length limits on the "closed before connect" path. If an unauthenticated client can reach the gateway and send crafted header values, those...

5.5AI score
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/15 2:41 p.m.5 views

CVE-2025-34179 NetSupport Manager < 14.12.0001 Unauthenticated SQLi Local File Disclosure

NetSupport Manager 14.12.0001 contains an unauthenticated SQL injection vulnerability in its Connectivity Server/Gateway HTTPS request handling. The server evaluates request URIs using an unsanitized SQLite query against the FileLinks table in gateway.db. By injecting SQL through the LinkName/URI...

8.7CVSS7.5AI score0.00353EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2025/10/16 3:30 p.m.7 views

ch.nexsol-tech.gateway:sample-gateway (>=0.0.1 <=1.1.0), ch.nexsol-tech.gateway:spring-cloud-gateway-database (>=0.0.1 <=1.1.0) +45 more potentially affected by CVE-2025-41253 via org.springframework.cloud:spring-cloud-gateway-server (>=4.2.0 <=4.2.5)

org.springframework.cloud:spring-cloud-gateway-server MAVEN version =4.2.0, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =15.13-RELEASE, =2.0.0, =1.0.0, =0.11.1, =0.11.1, =1.6.0, =3.4.5, =3.4.6 and more Source cves: CVE-2025-41253 Source advisory: OSV:GHSA-FWXX-WV44-7QFG...

7.5CVSS7.2AI score0.00446EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/16 3:30 p.m.9 views

ch.nexsol-tech.gateway:sample-gateway (>=1.2.0 <=1.3.1), ch.nexsol-tech.gateway:spring-cloud-gateway-database (>=1.2.0 <=1.3.1) +37 more potentially affected by CVE-2025-41253 via org.springframework.cloud:spring-cloud-gateway-server (>=4.3.0 <=4.3.1)

org.springframework.cloud:spring-cloud-gateway-server MAVEN version =4.3.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =3.0.0, =1.8.9, =0.12.1, =0.12.1, =0.12.10, =3.10.0, =3.11.0 and more Source cves: CVE-2025-41253 Source advisory: OSV:GHSA-FWXX-WV44-7QFG...

7.5CVSS7.4AI score0.00446EPSS
Exploits0
Snyk
Snyk
added 2025/10/15 12:0 a.m.4 views

Expression Language Injection

Overview Affected versions of this package are vulnerable to Expression Language Injection in route definitions. An attacker with permission to define routes can expose the server's file structure or other sensitive environment variables by crafting a SpEL expression to access sensitive system...

8.2CVSS6.8AI score0.00446EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2012-4632

Malware in sbrugna...

10CVSS6.4AI score0.03562EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-4631

Malware in sbrugna...

7.8CVSS6.4AI score0.01606EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-6425

Malware in sbrugna...

5CVSS6.4AI score0.02066EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-0829

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00644EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-53192

Malicious code in bioql PyPI...

5.3CVSS5.9AI score0.01033EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-30953

Malicious code in bioql PyPI...

5.5CVSS6.6AI score0.00337EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-53193

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.01034EPSS
Exploits0References1
Rows per page
Query Builder