14 matches found
EUVD-2026-18798
A security vulnerability has been detected in mixelpixx Google-Research-MCP 1e062d7bd887bfe5f6e582b6cc288bb897b35cf2/ca613b736ab787bc926932f59cddc69457185a83. This issue affects the function extractContent of the file src/services/content-extractor.service.ts of the component Model Context Protoc...
CVE-2026-5470
Consolidated details from connected sources confirm CVE-2026-5470 affects mixelpixx Google-Research-MCP; specifically the function extractContent in src/services/content-extractor.service.ts of the Model Context Protocol Handler. The vulnerability is a server-side request forgery (SSRF) caused by...
Google Research MCP Server 代码问题漏洞
The Google Research MCP Server is an AI assistant server developed by mixelpixx for providing web search and content extraction functions. There are code vulnerabilities in the Google Research MCP Server, which stem from improper handling of parameter URLs. These vulnerabilities may lead to...
security-research
Security Research This project hosts security advisories and...
security-research
Security Research This project hosts security advisories and...
Malicious code in @google-research/retvecjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f7a64d316c75e0e53a3a525a50d591725648d0064b5f1d5c622b3c94ef5aaf30 The OpenSSF Package Analysis project identified '@google-research/retvecjs' @ 100.999.99 npm as malicious. It is considered malicious because: -...
MAL-2024-8708 Malicious code in @google-research/retvecjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f7a64d316c75e0e53a3a525a50d591725648d0064b5f1d5c622b3c94ef5aaf30 The OpenSSF Package Analysis project identified '@google-research/retvecjs' @ 100.999.99 npm as malicious. It is considered malicious because: -...
security-research
Security Research This project hosts security advisories and...
Exploit for Out-of-bounds Write in Linux Linux_Kernel
This is a PoC exploit for CVE-2022-0995, a heap out-of-bounds write in the watchqueue Linux kernel component. The exploit targets Ubuntu 21.10 with kernel 5.13.0-37. It uses the same technique described in a Google Security Research writeup for CVE-2021-22555. The exploit is not 100% reliable and...
Another RCE Vulnerability Patched in Microsoft Malware Protection Engine
Google Project Zero continues to scrape away at the ubiquitous Microsoft Malware Protection Engine at the core of many security products embedded in Windows, and it continues to discover new critical vulnerabilities. The latest, another remote code execution flaw, was patched on Friday after it w...
Adobe Flash TextField.text Setter - Use-After-Free
Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=576 There is a use-after-free in the TextField.text setter. If the text the field is set to is an object with toString defined, the toString function can free the field's...
Microsoft Office 2007 OGL.dll DpOutputSpanStretch::OutputSpan Out of Bounds Write Exploit
Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=420&can=1 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and...
Security Questions Not So Secure
The Internet knows a lot about you, including your mother’s maiden name, your favorite food, and what street your first pet grew up on. And, according to some new research from Google, attackers have a good chance of figuring those things out pretty easily, too. The security questions that Google...
Exploits Circulating for Remote Code Execution Flaws in NTP Protocol
Researchers at Google have uncovered several serious vulnerabilities in the Network Time Protocol and experts warn that there are exploits publicly available for some of the bugs. The vulnerabilities are present in all versions of NTP prior to 4.2.8 and include several buffer overflows that are...