CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

CVE-2026-41497

PraisonAI is a multi-agent teams system. Prior to version 4.6.9, the fix for PraisonAI's MCP command handling does not add a command allowlist or argument validation to parsemcpcommand, allowing arbitrary executables like bash, python, or /bin/sh with inline code execution flags to pass through t...

9.8CVSS6AI score0.00104EPSS

Exploits1References1

EUVD•added 2026/05/08 1:23 p.m.•7 views

EUVD-2026-28595

9.8CVSS6.3AI score0.00104EPSS

Exploits1References2

NVD•added 2025/12/19 2:16 a.m.•5 views

CVE-2025-67843

A Server-Side Template Injection SSTI vulnerability in the MDX Rendering Engine in Mintlify Platform before 2025-11-15 allows remote attackers to execute arbitrary code via inline JSX expressions in an MDX file...

9.8CVSS0.00819EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-0966

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00367EPSS

Exploits1References4

OSV•added 2025/05/07 5:6 p.m.•1 views

DRUPAL-CONTRIB-2025-049

The COOKIES module protects users from executing JavaScript code provided by third parties, e.g., to display ads or track user data without consent. The cookies\asset\injector module a sub-module of the COOKiES module also allows inline JavaScript to be included in consent management. However, th...

6.1CVSS6.7AI score0.00182EPSS

Exploits0References1

Github Security Blog•added 2022/02/10 8:19 p.m.•38 views

Cross-site Scripting in markdown-it-highlightjs

This affects the package markdown-it-highlightjs before 3.3.1. It is possible insert malicious JavaScript as a value of lang in the markdown-it-highlightjs Inline code highlighting feature. js const markdownItHighlightjs = require"markdown-it-highlightjs"; const md = require'markdown-it'; const...

6.5CVSS6.2AI score0.00367EPSS

Exploits1References5Affected Software1

OSV•added 2022/02/10 8:19 p.m.•0 views

GHSA-F246-XRRJ-G8J6 Cross-site Scripting in markdown-it-highlightjs

6.1CVSS6.4AI score0.00367EPSS

Exploits1References4

CNVD•added 2020/11/17 12:0 a.m.•2 views

Valeriangalliat Markdown It Highlightjs Cross-Site Scripting Vulnerability

Valeriangalliat Markdown It Highlightjs is Valeriangalliat individual developers of a Js code base for Web page Markdown highlighting . A cross-site scripting vulnerability exists in markdown-it-highlightjs versions prior to 3.3.1, which stems from the ability to insert malicious JavaScript as th...

6.5CVSS6.3AI score0.00367EPSS

Exploits1References1

OSV•added 2020/11/16 12:15 p.m.•16 views

CVE-2020-7773

This affects the package markdown-it-highlightjs before 3.3.1. It is possible insert malicious JavaScript as a value of lang in the markdown-it-highlightjs Inline code highlighting feature. const markdownItHighlightjs = require"markdown-it-highlightjs"; const md = require'markdown-it'; const...

6.1CVSS7.2AI score

Exploits0References3

Cvelist•added 2020/11/16 12:0 p.m.•11 views

CVE-2020-7773 Cross-site Scripting (XSS)

This affects the package markdown-it-highlightjs before 3.3.1. It is possible insert malicious JavaScript as a value of lang in the markdown-it-highlightjs Inline code highlighting feature. const markdownItHighlightjs = require"markdown-it-highlightjs"; const md = require'markdown-it'; const...

6.5CVSS6.5AI score0.00367EPSS

Exploits1References3

Snyk•added 2020/11/16 11:33 a.m.•2 views

Cross-site Scripting (XSS)

Overview markdown-it-highlightjs is a Preset to use highlight.js with markdown-it. Affected versions of this package are vulnerable to Cross-site Scripting XSS. It is possible insert malicious JavaScript as a value of lang in the markdown-it-highlightjs Inline code highlighting feature. const...

6.5CVSS5.3AI score0.00367EPSS

Exploits1References2

CNNVD•added 2020/11/16 12:0 a.m.•3 views

Valeriangalliat Markdown It Highlightjs 跨站脚本漏洞

6.5CVSS6.3AI score0.00367EPSS

Exploits1References4

OSV•added 2017/08/07 9:29 p.m.•1 views

DEBIAN-CVE-2017-12666

ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteINLINEImage in coders/inline.c...

8.8CVSS6.8AI score0.00383EPSS

Exploits0References1

securityvulns•added 2010/10/11 12:0 a.m.•79 views

OverLook Cross-site Scripting Vulnerability

ANATOLIA SECURITY ADVISORY --------------------------- ADVISORY INFO + Title: OverLook Cross-site Scripting + Advisory URL: http://anatoliasecurity.com/Blog/Detay.aspx?bId=2 + Advisory ID: 2010-002 + Version: v5.0 + Date: 06/10/2010 + Impact: Execute Malicious Javascript Codes + CWE-ID: 79 +...

6.7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by