Lucene search
K

151 matches found

EUVD
EUVD
added 2026/05/29 4:58 p.m.12 views

EUVD-2026-33368

The Frontier X2 device allows unauthenticated BLE read/write access to critical GATT characteristics without enforcing pairing authentication or authorization. This allows attackers within BLE range to perform unauthorized control of device functions, including starting/stopping activities,...

8.8CVSS5.8AI score0.0028EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:16 p.m.3 views

CVE-2026-31863

Anytype Heart is the middleware library for Anytype. The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain access without the 4-digit code. This vulnerability is fixed in anytype-heart 0.48.4, anytype-cli 0.1.11, and Anytype Desktop 0.54.5...

4.4CVSS5.8AI score0.00107EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/03/25 12:24 a.m.5 views

SUSE CVE-2026-31863

Anytype Heart is the middleware library for Anytype. The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain access without the 4-digit code. This vulnerability is fixed in anytype-heart 0.48.4, anytype-cli 0.1.11, and Anytype Desktop 0.54.5...

4.4CVSS5.9AI score0.00107EPSS
Exploits0References3
OSV
OSV
added 2026/03/12 8:57 p.m.6 views

GO-2026-4680 Anytype Heart's gRPC API client challenge verification can be bypassed on localhost in github.com/anyproto/anytype-cli

Anytype Heart's gRPC API client challenge verification can be bypassed on localhost in github.com/anyproto/anytype-cli...

4.4CVSS5.8AI score0.00107EPSS
Exploits0References4
NVD
NVD
added 2026/03/11 6:16 p.m.4 views

CVE-2026-31863

Anytype Heart is the middleware library for Anytype. The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain access without the 4-digit code. This vulnerability is fixed in anytype-heart 0.48.4, anytype-cli 0.1.11, and Anytype Desktop 0.54.5...

4.4CVSS0.00107EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/11 5:43 p.m.27 views

CVE-2026-31863 Improper Restriction of Excessive Authentication Attempts in github.com/anyproto/anytype-heart

Anytype Heart is the middleware library for Anytype. The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain access without the 4-digit code. This vulnerability is fixed in anytype-heart 0.48.4, anytype-cli 0.1.11, and Anytype Desktop 0.54.5...

3.6CVSS0.00107EPSS
Exploits0References1
OSV
OSV
added 2026/03/11 5:43 p.m.13 views

CVE-2026-31863 Improper Restriction of Excessive Authentication Attempts in github.com/anyproto/anytype-heart

Anytype Heart is the middleware library for Anytype. The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain access without the 4-digit code. This vulnerability is fixed in anytype-heart 0.48.4, anytype-cli 0.1.11, and Anytype Desktop 0.54.5...

3.6CVSS5.8AI score0.00107EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/11 5:43 p.m.1 views

CVE-2026-31863 Improper Restriction of Excessive Authentication Attempts in github.com/anyproto/anytype-heart

Anytype Heart is the middleware library for Anytype. The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain access without the 4-digit code. This vulnerability is fixed in anytype-heart 0.48.4, anytype-cli 0.1.11, and Anytype Desktop 0.54.5...

3.6CVSS5.8AI score0.00107EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/11 5:43 p.m.3 views

CVE-2026-31863

Anytype Heart is the middleware library for Anytype. The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain access without the 4-digit code. This vulnerability is fixed in anytype-heart 0.48.4, anytype-cli 0.1.11, and Anytype Desktop 0.54.5...

3.6CVSS5.8AI score0.00107EPSS
Exploits0References2Affected Software3
CVE
CVE
added 2026/03/11 5:43 p.m.19 views

CVE-2026-31863

CVE-2026-31863 (Anytype Heart) : The vulnerability affects Anytype Heart, its local gRPC client API, where the challenge-based authentication can be bypassed, permitting access without the 4-digit code. Red Hat and SUSE entries corroborate the issue and reference the same CVE. The flaw arises in ...

4.4CVSS5.8AI score0.00107EPSS
Exploits0References1Affected Software3
EUVD
EUVD
added 2026/03/11 3:33 p.m.4 views

EUVD-2026-11267

Anytype Heart's gRPC API client challenge verification can be bypassed on localhost...

3.6CVSS5.8AI score0.00107EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/11 12:0 a.m.7 views

Anytype Heart 安全漏洞

Anytype Heart is a distributed client middleware library open source by Any Association. Anytype Heart has a security vulnerability, which can be exploited through challenge-based authentication bypassing, potentially allowing unauthorized access...

4.4CVSS7.2AI score0.00107EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.6 views

PT-2026-24757

Name of the Vulnerable Software and Affected Versions Anytype Heart versions prior to 0.48.4 Anytype-CLI versions prior to 0.1.11 Anytype Desktop versions prior to 0.54.5 Description The challenge-based authentication for the local gRPC client API can be bypassed, allowing an attacker to gain...

9.9CVSS7AI score0.22162EPSS
Exploits70References137
RedhatCVE
RedhatCVE
added 2025/12/19 7:33 a.m.3 views

CVE-2025-58928

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Heart heart allows PHP Local File Inclusion.This issue affects Heart: from n/a through = 1.8...

8.1CVSS7.1AI score0.00445EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/18 9:30 a.m.3 views

EUVD-2025-204167

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Heart heart allows PHP Local File Inclusion.This issue affects Heart: from n/a through = 1.8...

8.1CVSS6.6AI score0.00445EPSS
Exploits0References2
OSV
OSV
added 2025/12/18 8:16 a.m.4 views

CVE-2025-58928

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Heart heart allows PHP Local File Inclusion.This issue affects Heart: from n/a through = 1.8...

8.1CVSS5.8AI score0.00445EPSS
Exploits0References1
NVD
NVD
added 2025/12/18 8:16 a.m.4 views

CVE-2025-58928

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Heart heart allows PHP Local File Inclusion.This issue affects Heart: from n/a through = 1.8...

8.1CVSS0.00445EPSS
Exploits0References1
CVE
CVE
added 2025/12/18 7:21 a.m.13 views

CVE-2025-58928

CVE-2025-58928 affects the WordPress Heart theme (versions

8.1CVSS6.7AI score0.00445EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/18 7:21 a.m.3 views

CVE-2025-58928 WordPress Heart theme <= 1.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Heart heart allows PHP Local File Inclusion.This issue affects Heart: from n/a through = 1.8...

6.7AI score0.00445EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/18 7:21 a.m.24 views

CVE-2025-58928 WordPress Heart theme <= 1.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Heart heart allows PHP Local File Inclusion.This issue affects Heart: from n/a through = 1.8...

8.1CVSS0.00445EPSS
Exploits0References1
Rows per page
Query Builder