Lucene search
K

4 matches found

Cvelist
Cvelist
added 2026/04/02 3:0 p.m.25 views

CVE-2026-5346 huimeicloud hm_editor image-to-base64 Endpoint mcp-server.js client.get server-side request forgery

A vulnerability was determined in huimeicloud hmeditor up to 2.2.3. Impacted is the function client.get of the file src/mcp-server.js of the component image-to-base64 Endpoint. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attac...

7.5CVSS0.00278EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/02 3:0 p.m.6 views

CVE-2026-5346

A vulnerability was determined in huimeicloud hmeditor up to 2.2.3. Impacted is the function client.get of the file src/mcp-server.js of the component image-to-base64 Endpoint. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attac...

7.5CVSS6.7AI score0.00278EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/04/02 3:0 p.m.9 views

CVE-2026-5346

The CVE-2026-5346 entry affects huimeicloud hm_editor version up to 2.2.3. The vulnerability is in the image-to-base64 Endpoint, specifically the file src/mcp-server.js, in the function client.get. By manipulating the url argument, an attacker can trigger a server-side request forgery remotely. P...

7.5CVSS6.7AI score0.00278EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.6 views

PT-2026-29787

A vulnerability was determined in huimeicloud hm editor up to 2.2.3. Impacted is the function client.get of the file src/mcp-server.js of the component image-to-base64 Endpoint. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the atta...

7.5CVSS6.7AI score0.00278EPSS
Exploits0References5
Rows per page
Query Builder