CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

97 matches found

ATTACKERKB•added 2026/05/24 9:0 a.m.•7 views

CVE-2026-9369

A security flaw has been discovered in NousResearch hermes-agent 2026.4.23. Affected is the function discoverdashboardplugins of the file hermescli/webserver.py of the component CLI web-dashboard Interface. Performing a manipulation of the argument HERMESENABLEPROJECTPLUGINS results in incorrect...

5.3CVSS5.7AI score0.00019EPSS

Exploits0References4Affected Software1

Snyk•added 2026/04/07 5:10 p.m.•3 views

Incorrect Comparison

Overview Affected versions of this package are vulnerable to Incorrect Comparison in the FunctionCall.Decode function. An attacker can cause a crash on 64-bit machine by sending a null argument in a FunctionCall response from PostgreSQL server since the intermediate int32 cast is absent in Decode...

9.8CVSS5.9AI score0.00022EPSS

Exploits0References3

Snyk•added 2026/04/07 5:10 p.m.•2 views

Incorrect Comparison

Overview github.com/jackc/pgx/v5/pgproto3 is a low-level PostgreSQL database driver Affected versions of this package are vulnerable to Incorrect Comparison in the FunctionCall.Decode function. An attacker can cause a crash on 64-bit machine by sending a null argument in a FunctionCall response...

9.8CVSS5.9AI score0.00022EPSS

Exploits0References3

Github Security Blog•added 2026/04/03 6:31 a.m.•5 views

Roundcube Webmail: Incorrect password comparison in the password plugin

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Incorrect password comparison in the password plugin could lead to type confusion that allows a password change without knowing the old password...

4.2CVSS5.9AI score0.00013EPSS

Exploits0References9Affected Software1

Snyk•added 2026/04/01 10:9 p.m.•3 views

Incorrect Comparison Logic Granularity

Overview ci4-cms-erp/ci4ms is a composer create-project ci4-cms-erp/ci4ms Affected versions of this package are vulnerable to Incorrect Comparison Logic Granularity in the session management process. An attacker can retain full access to protected resources and perform privileged actions by...

8.8CVSS5.9AI score0.00035EPSS

Exploits1References4

Snyk•added 2026/04/01 10:8 p.m.•3 views

Incorrect Comparison Logic Granularity

Overview ci4-cms-erp/ci4ms is a composer create-project ci4-cms-erp/ci4ms Affected versions of this package are vulnerable to Incorrect Comparison Logic Granularity due to improper session invalidation in the account deletion process. An attacker can maintain persistent access to protected...

8.8CVSS5.8AI score0.00035EPSS

Exploits1References4

Snyk•added 2026/04/01 12:3 a.m.•0 views

Incorrect Comparison

Overview parse-server is a version of the Parse backend that can be deployed to any infrastructure that can run Node.js. Affected versions of this package are vulnerable to Incorrect Comparison via the session update process. An attacker can extend the validity of a session indefinitely by sendin...

5.4CVSS5.9AI score0.00035EPSS

Exploits0References2

Snyk•added 2026/02/18 10:44 p.m.•2 views

Incorrect Comparison Logic Granularity

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Comparison Logic Granularity due to the normalizeForHash function. An attacker can cause stale sandbox containers to be reused by modifying the order of primitive values in...

4.8CVSS5.6AI score0.00006EPSS

Exploits0References2

Snyk•added 2025/11/03 5:7 p.m.•3 views

Incorrect Comparison

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Incorrect Comparison via the authenticationapi.php process. An attacker can gain unauthorized access to user accounts by exploiting PHP type juggling in the authentication logic, allowing login...

9.1CVSS7.3AI score0.00098EPSS

Exploits0References3