CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1342 matches found

CVE-2026-10803

A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digestutils of the file mlflow/data/digestutils.py of the component Dataset Digest Computation. This manipulation causes use of weak hash. It is possible to launch the attack on the local host. The attack is...

3.6CVSS

Exploits0References7

ATTACKERKB•added 4 hours ago•1 views

CVE-2026-10801

A security vulnerability has been detected in modelscope ms-swift up to 4.2.0. This affects the function Template.savepilimage of the file swift/template/base.py of the component PIL Image Cache Key Handler. The manipulation leads to use of weak hash. An attack has to be approached locally. A hig...

3.6CVSS4.9AI score

Exploits0References8Affected Software1

ATTACKERKB•added yesterday•4 views

CVE-2026-10783

A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function saveaudiotocache of the component Audio Cache Key Handler. Performing a manipulation results in use of weak hash. The attack must be initiated from a local position. The attack is considered to have high...

2.5CVSS5.2AI score

Exploits0References7Affected Software1

Positive Technologies•added yesterday•5 views

PT-2026-46072

A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function save audio to cache of the component Audio Cache Key Handler. Performing a manipulation results in use of weak hash. The attack must be initiated from a local position. The attack is considered to have high...

2.5CVSS5.2AI score

Exploits0References8

ATTACKERKB•added 2 days ago•6 views

CVE-2026-10565

A security flaw has been discovered in Open5GS up to 2.7.6. The impacted element is the function gmmstatesecuritymode of the file src/amf/gmm-sm.c of the component NGAP Handover. Performing a manipulation results in race condition. The attack can be initiated remotely. The complexity of an attack...

3.1CVSS5AI score0.00041EPSS

Exploits0References8

CVE•added 3 days ago•15 views

CVE-2026-10300

SGLang 0.5.10.post1 contains a vulnerability in the Inference HTTP Endpoint, specifically in python/sglang/srt/lora/lora_manager.py where manipulation of the lora_path argument can trigger a reachable assertion. The issue is exposed over the network with high attack complexity and no authenticati...

6.3CVSS5.2AI score0.00047EPSS

Exploits0References6

Vulnrichment•added 3 days ago•3 views

CVE-2026-10300 SGLang Inference HTTP Endpoint lora_manager.py assertion

A security vulnerability has been detected in SGLang 0.5.10.post1. Impacted is an unknown function of the file python/sglang/srt/lora/loramanager.py of the component Inference HTTP Endpoint. Such manipulation of the argument lorapath leads to reachable assertion. The attack can be launched...

6.3CVSS5.2AI score0.00047EPSS

Exploits0References6

Cvelist•added 3 days ago•32 views

CVE-2026-10216 unitedbyai droidclaw claim Endpoint pairing.ts excessive authentication

A vulnerability was detected in unitedbyai droidclaw up to 0.5.3. The affected element is an unknown function of the file server/src/routes/pairing.ts of the component claim Endpoint. The manipulation results in improper restriction of excessive authentication attempts. The attack may be launched...

6.3CVSS0.00056EPSS

Exploits0References7

Positive Technologies•added 3 days ago•7 views

PT-2026-45663

A security vulnerability has been detected in SGLang 0.5.10.post1. Impacted is an unknown function of the file python/sglang/srt/lora/lora manager.py of the component Inference HTTP Endpoint. Such manipulation of the argument lora path leads to reachable assertion. The attack can be launched...

6.3CVSS5.2AI score0.00047EPSS

Exploits0References7

Positive Technologies•added 4 days ago•8 views

PT-2026-45172

A vulnerability was detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected by this vulnerability is the function ajax forgot password of the file application/controllers/Login.php of the component Forgot Password Endpoint. Th...

6.3CVSS5.1AI score0.00028EPSS

Exploits0References5

RedhatCVE•added 2026/05/27 8:14 p.m.•9 views

CVE-2026-9394

A vulnerability was determined in Besen BS20 EV Charging Station up to 20260426. This impacts an unknown function of the component Bluetooth Low Energy Handler. Executing a manipulation can lead to weak password requirements. The attack needs to be done within the local network. This attack is...

3.1CVSS5.2AI score0.00016EPSS

Exploits0References1

RedhatCVE•added 2026/05/26 8:14 p.m.•12 views

CVE-2026-9396

A security flaw has been discovered in Besen BS20 EV Charging Station up to 20260426. Affected by this vulnerability is an unknown functionality of the component Firmware Version Check. The manipulation results in improper restriction of rendered ui layers. The attack can be executed remotely. A...

6.3CVSS5.1AI score0.00037EPSS

Exploits0References1

RedhatCVE•added 2026/05/26 8:14 p.m.•9 views

CVE-2026-9397

A weakness has been identified in Besen BS20 EV Charging Station up to 20260426. Affected by this issue is some unknown functionality of the component OTA Update Installation Handler. This manipulation causes improper authorization. The attack is possible to be carried out remotely. A high degree...

9.2CVSS6.5AI score0.00053EPSS

Exploits0References1

NVD•added 2026/05/24 9:16 p.m.•8 views

CVE-2026-9397

9.2CVSS0.00053EPSS

Exploits0References4

NVD•added 2026/05/24 9:16 p.m.•11 views

CVE-2026-9396

6.3CVSS0.00037EPSS

Exploits0References4

ATTACKERKB•added 2026/05/24 8:30 p.m.•7 views

CVE-2026-9397