Lucene search
K

1440 matches found

NVD
NVD
added 2 days ago6 views

CVE-2026-15605

A security vulnerability has been detected in wandb 0.25.2.dev1. Affected is the function ArtifactManifestEntry.download in the library wandb/sdk/lib/hashutil.py of the component Artifact Integrity Validation. The manipulation leads to use of weak hash. The attack may be initiated remotely. A hig...

3.1CVSS0.00151EPSS
Exploits0References7
CVE
CVE
added 2 days ago12 views

CVE-2026-15605

The vulnerability CVE-2026-15605 affects wandb 0.25.2.dev1, specifically the ArtifactManifestEntry.download path in wandb/sdk/lib/hashutil.py under Artifact Integrity Validation. The issue is described as the use of a weak hash due to manipulating the ArtifactManifestEntry.download, with the atta...

3.1CVSS5.5AI score0.00151EPSS
Exploits0References7
CVE
CVE
added 2 days ago8 views

CVE-2026-15594

CVE-2026-15594 affects waooAI waoowaoo up to 0.4.1, specifically the function stablePublicIdFromStorageKey in the Media Handler’s src/lib/media/hash.ts. The vulnerability arises from manipulating the storageKey, resulting in improper authorization. Reportedly exploitable from remote and requires ...

6.3CVSS5.5AI score0.00298EPSS
Exploits0References6
OSV
OSV
added 2 days ago3 views

CVE-2026-15516 MacCMS Pro Installation Index.php step5 authorization

A vulnerability was detected in MacCMS Pro up to 2022.1000.3005. Impacted is the function step5 of the file application/install/controller/Index.php of the component Installation Module. The manipulation results in authorization bypass. The attack may be launched remotely. The attack requires a...

6.3CVSS5.8AI score0.00274EPSS
Exploits0References8
Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-15515 Tencent PC Manager QMUDisk Driver qmudisk64.sys uncontrolled search path

A security vulnerability has been detected in Tencent PC Manager 18.1.30242.301. This issue affects some unknown processing in the library qmudisk64.sys of the component QMUDisk Driver. The manipulation leads to uncontrolled search path. The attack must be carried out locally. The attack is...

7.3CVSS0.00116EPSS
Exploits0References5
EUVD
EUVD
added 5 days ago8 views

EUVD-2026-42725

A security vulnerability has been detected in TOTOLINK A3000RU, A3100R, A950RG, AC1200T10, CP450, CS185RT10 and EX200 up to 20260906. Affected by this issue is some unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. The manipulation leads to least privilege...

7.7CVSS6.3AI score0.00407EPSS
Exploits0References13
Cvelist
Cvelist
added 6 days ago29 views

CVE-2026-15271 TOTOLINK EX200 Web boa.conf least privilege violation

A security vulnerability has been detected in TOTOLINK A3000RU, A3100R, A950RG, AC1200T10, CP450, CS185RT10 and EX200 up to 20260906. Affected by this issue is some unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. The manipulation leads to least privilege...

7.7CVSS0.00407EPSS
Exploits0References12
CVE
CVE
added 6 days ago9 views

CVE-2026-15271

CVE-2026-15271 affects TOTOLINK models A3000RU, A3100R, A950RG, AC1200T10, CP450, CS185R_T10 and EX200. The issue concerns an unspecified functionality in the Web Interface component, specifically the file /etc/boa/boa.conf, where manipulation can lead to a least privilege violation . The attack ...

7.7CVSS6.3AI score0.00407EPSS
Exploits0References12
EUVD
EUVD
added 6 days ago8 views

EUVD-2026-42692

A weakness has been identified in D-link DIR-823G 1.0.2B0520181207. Affected by this vulnerability is an unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. Executing a manipulation can lead to least privilege violation. The attack can be launched remotely. The...

7.7CVSS6.4AI score0.00443EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/05 10:15 a.m.29 views

CVE-2026-14738 exo-explore exo Vision Feature Cache vision.py _image_cache_key weak hash

A security flaw has been discovered in exo-explore exo up to 1.0.71. Affected is the function imagecachekey of the file src/exo/worker/engines/mlx/vision.py of the component Vision Feature Cache. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high...

6.3CVSS0.00208EPSS
Exploits0References7
CVE
CVE
added 2026/07/05 10:15 a.m.14 views

CVE-2026-14738

Technical details are not publicly available in the provided documents; monitor for updates.

6.3CVSS5.2AI score0.00208EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/04 12:31 a.m.11 views

EUVD-2026-41654

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer.filterandaccumulate of the file gateway/streamconsumer.py of the component Streaming Reasoning Tag Filter. The manipulation leads to improper handling of case...

3.1CVSS5.1AI score0.00237EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/07/03 9:45 p.m.40 views

CVE-2026-14617 NousResearch hermes-agent Streaming Reasoning Tag Filter stream_consumer.py GatewayStreamConsumer._filter_and_accumulate case sensitivity

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer.filterandaccumulate of the file gateway/streamconsumer.py of the component Streaming Reasoning Tag Filter. The manipulation leads to improper handling of case...

3.1CVSS0.00237EPSS
Exploits0References8
OSV
OSV
added 2026/07/03 9:45 p.m.4 views

CVE-2026-14617 NousResearch hermes-agent Streaming Reasoning Tag Filter stream_consumer.py GatewayStreamConsumer._filter_and_accumulate case sensitivity

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer.filterandaccumulate of the file gateway/streamconsumer.py of the component Streaming Reasoning Tag Filter. The manipulation leads to improper handling of case...

2.3CVSS5AI score0.00237EPSS
Exploits0References10
CVE
CVE
added 2026/07/03 9:45 p.m.17 views

CVE-2026-14617

CVE-2026-14617 affects NousResearch hermes-agent (up to 2026.4.30). The issue resides in GatewayStreamConsumer._filter_and_accumulate (gateway/stream_consumer.py) within the Streaming Reasoning Tag Filter, where improper handling of case sensitivity is reported as the underlying root cause. The v...

3.1CVSS5.1AI score0.00237EPSS
Exploits0References8
NVD
NVD
added 2026/07/03 9:16 p.m.6 views

CVE-2026-14609

A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This issue affects some unknown processing. The manipulation results in session fixiation. The attack can be executed remotely. The attack requires a high level of complexity. The...

6.3CVSS0.00321EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.11 views

PT-2026-55660

Name of the Vulnerable Software and Affected Versions NousResearch hermes-agent versions prior to 2026.4.31 Description An issue exists in the Streaming Reasoning Tag Filter component within the GatewayStreamConsumer. filter and accumulate function located in the gateway/stream consumer.py file...

3.1CVSS5.8AI score0.00237EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2026/07/01 4:12 a.m.7 views

CVE-2026-13484

A flaw was found in MLflow. This vulnerability, located in the Experiment-scoped Label Schema CRUD API, allows a remote attacker to exploit missing authorization. This could lead to unauthorized access or manipulation of data within the affected component. The attack has a high complexity, making...

8.8CVSS5.8AI score0.00263EPSS
Exploits1References10
NVD
NVD
added 2026/06/29 5:16 p.m.11 views

CVE-2026-13590

A security flaw has been discovered in seladb PcapPlusPlus 25.05. This impacts the function pcpp::ModbusLayer::getLength in the library Packet++/header/ModbusLayer.h of the component Modbus Protocol Handler. The manipulation of the argument length results in heap-based buffer overflow. The attack...

6.3CVSS0.00394EPSS
Exploits0References9
CVE
CVE
added 2026/06/29 4:15 p.m.17 views

CVE-2026-13588

The CVE concerns seladb PcapPlusPlus 25.05, specifically TLS Hello Handler’s pcpp::SSLClientHelloMessage::getHandshakeVersion in Packet++/src/SSLHandshake.cpp. Manipulating handshakeVersion may cause a heap-based buffer overflow, with remote execution possible. Exploitation is described as high c...

6.3CVSS6.1AI score0.0038EPSS
Exploits0References9
Rows per page
Query Builder