Lucene search
+L

29 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.8 views

CVE-2026-7215

A security flaw has been discovered in egtai gmx-vmd-mcp up to 0.1.0. This issue affects the function launchvmdguitool of the file mcpserver.py of the component VMD Launch Handler. The manipulation of the argument structurefile/trajectoryfile results in command injection. The attack may be launch...

7.5CVSS6.8AI score0.01338EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/28 2:0 a.m.4 views

CVE-2026-7215

A security flaw has been discovered in egtai gmx-vmd-mcp up to 0.1.0. This issue affects the function launchvmdguitool of the file mcpserver.py of the component VMD Launch Handler. The manipulation of the argument structurefile/trajectoryfile results in command injection. The attack may be launch...

7.5CVSS7.1AI score0.01338EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/04/28 2:0 a.m.38 views

CVE-2026-7215 egtai gmx-vmd-mcp VMD Launch mcp_server.py launch_vmd_gui_tool command injection

A security flaw has been discovered in egtai gmx-vmd-mcp up to 0.1.0. This issue affects the function launchvmdguitool of the file mcpserver.py of the component VMD Launch Handler. The manipulation of the argument structurefile/trajectoryfile results in command injection. The attack may be launch...

7.5CVSS0.01338EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.9 views

MCP-GMX-VMD 注入漏洞

MCP-GMX-VMD is an integrated tool for molecular dynamics simulation and visualization developed by EgT’s individual developers. Versions of MCP-GMX-VMD 0.1.0 and earlier contained a injection vulnerability. This vulnerability stemmed from incorrect handling of parameters such as structurefile and...

7.5CVSS7.1AI score0.01338EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in gmx-share (npm)

The package gmx-share was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.5 views

MAL-2025-21613 Malicious code in gmx-synthetics (npm)

The package gmx-synthetics was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-21611 Malicious code in gmx-share (npm)

The package gmx-share was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.5 views

Malicious code in gmx-subgraph (npm)

The package gmx-subgraph was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.7 views

Malicious code in gmx-synthetics (npm)

The package gmx-synthetics was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.4 views

MAL-2025-21612 Malicious code in gmx-subgraph (npm)

The package gmx-subgraph was found to contain malicious code...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/03 10:42 a.m.61 views

SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof Emails

A new exploitation technique called Simple Mail Transfer Protocol SMTP smuggling can be weaponized by threat actors to send spoofed emails with fake sender addresses while bypassing security measures. "Threat actors could abuse vulnerable SMTP servers worldwide to send malicious emails from...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2023/08/04 12:0 a.m.13 views

No slippage control while minting GLP

Lines of code Vulnerability details Impact glpRewardRouter.mintAndStakeGlpaddressweth, wethAmount, 0, 0; Here, minUSDG = 0 and minGlp = 0 means no slippage checks. This can be sandwitched in certain conditions in which delta between min and max glp price is higher due to following factors: delta...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2022/11/28 12:0 a.m.11 views

Rewards calculation does not consider GMX reward rate fluctuation

Lines of code Vulnerability details Impact The current time based px rewards calculation system is not accurate, and not fair for users. Due to GMX protocol reward rate fluctuation, px users stake and claim at different time could get less or more rewards they deserve. Some users could abuse the...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/11/28 12:0 a.m.5 views

The compound() function is used with a fixed amountOutMinimum value

Lines of code Vulnerability details Impact The compound function helps to swap the gmxBaseReward ether for GMX tokens then the GMX tokens are deposited for pxGMX. In the swap function the amountOutMinimum helps to put the minimum value that is expected for the swap. The fixed amountOutMInimum...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/11/28 12:0 a.m.9 views

First depositor who is a whale account can deny later depositors who are smaller accounts from using AutoPxGmx contract, such as for depositing GMX for apxGMX

Lines of code Vulnerability details Impact A whale account that owns a lot of GMX can call the following PirexGmx.depositGmx function to deposit much GMX for pxGMX. As the first depositor for the AutoPxGmx contract, this account can then call the AutoPxGmx.depositGmx function to deposit 1 wei GMX...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/11/28 12:0 a.m.9 views

Unlimited minting of pxGmx in PirexGmx.sol which may break protocol

Lines of code Vulnerability details Impact Unlimited minting of pxGmx which may break protocol. Proof of Concept A user can call depositGmx on PirexGmx.sol and mint some pxGmx after staking some Gmx via gmxRewardRouterV2.stakeGmxamount and transferring GMX into the contract. // Transfer the...

6.9AI score
Exploits0
Snyk
Snyk
added 2022/09/20 8:12 a.m.2 views

Malicious Package

Overview gmx-arbitrum-referrals-staging is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if...

9.8CVSS7.1AI score
Exploits0References3
ThreatPost
ThreatPost
added 2020/06/23 2:39 p.m.40 views

Hakbit Ransomware Attack Uses GuLoader, Malicious Microsoft Excel Attachments

A ransomware campaign, dubbed Hakbit, is targeting mid-level employees across Austria, Switzerland and Germany with malicious Excel attachments delivered via the popular email provider GMX. The spear-phishing based campaign is low volume and so far targeted the pharmaceutical, legal, financial,...

7.1AI score
Exploits0References11
hackapp
hackapp
added 2016/04/01 9:37 a.m.25 views

GMX Mail - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application GMX Mail published at the 'play' market has multiple vulnerabilities...

0.2AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:30 a.m.14 views

GMX MediaCenter - Certificates or keys found, External URLs, Native code usage vulnerabilities

HackApp vulnerability scanner discovered that application GMX MediaCenter published at the 'play' market has multiple vulnerabilities...

0.8AI score
Exploits0References1Affected Software1
Rows per page
Query Builder