Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/04/03 4:59 p.m.4 views

CVE-2026-5346

A vulnerability was determined in huimeicloud hmeditor up to 2.2.3. Impacted is the function client.get of the file src/mcp-server.js of the component image-to-base64 Endpoint. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attac...

7.5CVSS6.7AI score0.00278EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/02 3:31 p.m.5 views

EUVD-2026-18348

A vulnerability was determined in huimeicloud hmeditor up to 2.2.3. Impacted is the function client.get of the file src/mcp-server.js of the component image-to-base64 Endpoint. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attac...

7.5CVSS5.5AI score0.00278EPSS
Exploits0References5
NVD
NVD
added 2026/04/02 3:16 p.m.7 views

CVE-2026-5346

A vulnerability was determined in huimeicloud hmeditor up to 2.2.3. Impacted is the function client.get of the file src/mcp-server.js of the component image-to-base64 Endpoint. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attac...

7.5CVSS0.00278EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/02 3:0 p.m.5 views

CVE-2026-5346

A vulnerability was determined in huimeicloud hmeditor up to 2.2.3. Impacted is the function client.get of the file src/mcp-server.js of the component image-to-base64 Endpoint. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attac...

7.5CVSS6.7AI score0.00278EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/02 3:0 p.m.24 views

CVE-2026-5346 huimeicloud hm_editor image-to-base64 Endpoint mcp-server.js client.get server-side request forgery

A vulnerability was determined in huimeicloud hmeditor up to 2.2.3. Impacted is the function client.get of the file src/mcp-server.js of the component image-to-base64 Endpoint. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attac...

7.5CVSS0.00278EPSS
Exploits0References4
CVE
CVE
added 2026/04/02 3:0 p.m.6 views

CVE-2026-5346

The CVE-2026-5346 entry affects huimeicloud hm_editor version up to 2.2.3. The vulnerability is in the image-to-base64 Endpoint, specifically the file src/mcp-server.js, in the function client.get. By manipulating the url argument, an attacker can trigger a server-side request forgery remotely. P...

7.5CVSS6.7AI score0.00278EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.5 views

PT-2026-29787

A vulnerability was determined in huimeicloud hm editor up to 2.2.3. Impacted is the function client.get of the file src/mcp-server.js of the component image-to-base64 Endpoint. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the atta...

7.5CVSS6.7AI score0.00278EPSS
Exploits0References5
Rows per page
Query Builder