Lucene search
+L

320199 matches found

GithubExploit
GithubExploit
added 27 minutes ago3 views

Exploit for Use After Free in Linux Linux_Kernel

CVE-2026-43499 — Galaxy S25 Ultra Port This repository contai...

7.8CVSS6.1AI score0.00125EPSS
Exploits20
OSV
OSV
added 2 hours ago2 views

DEBIAN-CVE-2026-61862

ImageMagick before 7.1.2-26 and 6.9.13-51 contains an information disclosure vulnerability: when a profile is displayed with the identify command and the profile value is not printable, a single byte at the end of the profile can be printed read past the profile boundary. This behavior occurs whe...

2.9CVSS6.1AI score
Exploits0References1
GithubExploit
GithubExploit
added 4 hours ago9 views

POC-RCE-LPE

POC — RCE - LPE to SYSTEM - Local Posture Takeover Cibl...

6.2AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 6 hours ago4 views

Unpacking the AsyncAPI npm supply chain compromise and import-time payload delivery

In this article 1. Attack chain overview 2. How the attack started: GitHub Actions pwn request 3. Mitigation and protection guidance 4. Learn more On July 14, 2026, Microsoft Threat Intelligence identified a coordinated supply chain compromise of the @asyncapi npm organization, a widely used set ...

6.3AI score
Exploits0
EUVD
EUVD
added 7 hours ago3 views

EUVD-2026-44846

LiteLLM 1.18.10 contains a remote code execution vulnerability in its MCP server creation functionality. The application allows users to add MCP servers via a JSON configuration specifying arbitrary command and args values. LiteLLM executes these values on the host without validation, enabling...

6.6AI score
Exploits0References4
EUVD
EUVD
added 7 hours ago4 views

EUVD-2026-44845

xszyou Fay 4.3.1 contains a remote code execution vulnerability in its MCP STDIO server management and command execution handling. A remote attacker can access the publicly exposed MCP management interface and configure an MCP STDIO server with attacker-controlled commands and parameters, resulti...

6.6AI score
Exploits0References3
OSV
OSV
added yesterday2 views

GHSA-PR64-JMMF-JP54 ToolHive: SSRF in remote MCP server authentication discovery (host-side, bypasses container isolation)

Security Advisory: SSRF in remote MCP server authentication discovery Severity: High. CWE: CWE-918. Affected: ToolHive through the latest release v0.29.3 and current main HEAD b672d82f, 2026-06-12; re-verified 2026-06-14. FetchResourceMetadata and the discovery clients remain unguarded; no commit...

6.3CVSS6.2AI score
Exploits0References2
Github Security Blog
Github Security Blog
added yesterday4 views

ToolHive: SSRF in remote MCP server authentication discovery (host-side, bypasses container isolation)

Security Advisory: SSRF in remote MCP server authentication discovery Severity: High. CWE: CWE-918. Affected: ToolHive through the latest release v0.29.3 and current main HEAD b672d82f, 2026-06-12; re-verified 2026-06-14. FetchResourceMetadata and the discovery clients remain unguarded; no commit...

6.2AI score
Exploits0References2Affected Software1
OSV
OSV
added yesterday3 views

GHSA-6F5R-5672-72J7 @andrea9293/mcp-documentation-server: Web UI API binds to all interfaces without authentication by default

Summary @andrea9293/mcp-documentation-server v1.13.0 documents that a Web UI starts automatically on port 3080. However, the Web UI/API appears to bind to all network interfaces by default :3080 / 0.0.0.0:3080 instead of localhost-only, and its document-management API endpoints do not require...

8.8CVSS6.3AI score
Exploits0References4
Github Security Blog
Github Security Blog
added yesterday7 views

@andrea9293/mcp-documentation-server: Web UI API binds to all interfaces without authentication by default

Summary @andrea9293/mcp-documentation-server v1.13.0 documents that a Web UI starts automatically on port 3080. However, the Web UI/API appears to bind to all network interfaces by default :3080 / 0.0.0.0:3080 instead of localhost-only, and its document-management API endpoints do not require...

6.3AI score
Exploits0References4Affected Software1
Patchstack
Patchstack
added yesterday5 views

NPM: systeminformation: OS command injection in networkInterfaces() via interfaces(5) source-directive path on Linux

NPM: systeminformation: OS command injection in networkInterfaces via interfaces5 source-directive path on Linux vulnerability discovered by ? in WordPress Npm systeminformation versions = 5.31.6...

6.1AI score
Exploits0References4Affected Software1
OSV
OSV
added yesterday2 views

GHSA-5XPP-75JX-M839 systeminformation: OS command injection in networkInterfaces() via interfaces(5) source-directive path on Linux

Summary On Linux, systeminformation's networkInterfaces is vulnerable to OS command injection through the Debian/Ubuntu interfaces5 source directive. While collecting per-interface DHCP state, the library reads /etc/network/interfaces and, for every source line it encounters, extracts the path...

8.7CVSS6.3AI score
Exploits0References4
Github Security Blog
Github Security Blog
added yesterday7 views

systeminformation: OS command injection in networkInterfaces() via interfaces(5) source-directive path on Linux

Summary On Linux, systeminformation's networkInterfaces is vulnerable to OS command injection through the Debian/Ubuntu interfaces5 source directive. While collecting per-interface DHCP state, the library reads /etc/network/interfaces and, for every source line it encounters, extracts the path...

6.3AI score
Exploits0References4Affected Software1
OSV
OSV
added yesterday2 views

GHSA-GGW3-5987-RX77 Pomerium Pre-Auth Memory Exhaustion via Unbounded zstd Decompression in HPKE Callback

Summary The HPKE V2 URL decode path in pkg/hpke/url.go decompresses attacker-controlled zstd data without any size limit. On Pomerium deployments using the stateless authentication flow Pomerium Zero / hosted authenticate, the proxy's /.pomerium/callback endpoint is reachable without credentials...

7.5CVSS6.1AI score
Exploits0References4
Github Security Blog
Github Security Blog
added yesterday7 views

Pomerium Pre-Auth Memory Exhaustion via Unbounded zstd Decompression in HPKE Callback

Summary The HPKE V2 URL decode path in pkg/hpke/url.go decompresses attacker-controlled zstd data without any size limit. On Pomerium deployments using the stateless authentication flow Pomerium Zero / hosted authenticate, the proxy's /.pomerium/callback endpoint is reachable without credentials...

6.1AI score
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added yesterday7 views

django-haystack: Remote Code Execution via `eval()` in Elasticsearch Result Deserialization

Remote Code Execution via eval in Elasticsearch Result Deserialization Summary The Elasticsearch backend in django-haystack calls eval on raw field values returned from Elasticsearch when a SearchField is declared with an indexfieldname alias that differs from the logical field name. During resul...

6.6AI score
Exploits0References4Affected Software1
OSV
OSV
added yesterday6 views

GHSA-R3HX-X5RH-P9VV django-haystack: Remote Code Execution via `eval()` in Elasticsearch Result Deserialization

Remote Code Execution via eval in Elasticsearch Result Deserialization Summary The Elasticsearch backend in django-haystack calls eval on raw field values returned from Elasticsearch when a SearchField is declared with an indexfieldname alias that differs from the logical field name. During resul...

8.7CVSS6.6AI score
Exploits0References4
NVD
NVD
added yesterday7 views

CVE-2026-55576

MaaAssistantArknights is a one-click tool for daily Arknights tasks. In the current dev-v2 workflow, .github/workflows/release-preparation.yml inlined attacker-controlled github.event.pullrequest.title into a run: shell command during the pullrequest opened, reopened, and readyforreview events, s...

8.8CVSS
Exploits0References2
NVD
NVD
added yesterday5 views

CVE-2026-52891

Wekan is open source kanban built with Meteor. Prior to 9.07, Wekan avatar upload functionality embeds user-supplied filenames into paths later passed to childprocess.exec for MIME-type detection. Because models/avatars.js and models/fileValidation.js used a shell command with the avatar filename...

9.9CVSS0.00257EPSS
Exploits0References3
NVD
NVD
added yesterday6 views

CVE-2026-30618

xszyou Fay 4.3.1 contains a remote code execution vulnerability in its MCP STDIO server management and command execution handling. A remote attacker can access the publicly exposed MCP management interface and configure an MCP STDIO server with attacker-controlled commands and parameters, resulti...

Exploits0References2
Rows per page
Query Builder