Lucene search
+L

191478 matches found

euvd
euvd
added yesterday6 views

EUVD-2026-44795

MCP Python SDK: HTTP transports serve session requests without verifying the authenticated principal...

7.1CVSS6.1AI score0.00251EPSS
Exploits0References7
osv
osv
added yesterday3 views

CGA-5R9W-M4GR-GXC3

Bulletin has no description...

6.1AI score0.00106EPSS
Exploits0
attackerkb
attackerkb
added yesterday6 views

CVE-2026-46336

Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. From 0.96.0 until 0.140.0, authenticated users can rename uploaded files with path traversal sequences because app/models/modelfile.rb uses the user-controlled...

7.1CVSS6.1AI score0.00051EPSS
Exploits0References5Affected Software1
euvd
euvd
added yesterday4 views

EUVD-2026-44968

rz-libdemangle is a Rizin library for demangling symbols. Prior to 6bf56d3, the Rust demangler in src/rust/rustv0.c can perform an out-of-bounds read when the demangler structure is not yet initialized. This issue is fixed in commit 6bf56d3...

5.5CVSS6.1AI score
Exploits0References3
attackerkb
attackerkb
added yesterday5 views

CVE-2026-45612

rz-libdemangle is a Rizin library for demangling symbols. Prior to 6bf56d3, the Rust demangler in src/rust/rustv0.c can perform an out-of-bounds read when the demangler structure is not yet initialized. This issue is fixed in commit 6bf56d3...

5.5CVSS6.1AI score
Exploits0References4
euvd
euvd
added yesterday5 views

EUVD-2026-44967

Image::EPEG versions through 0.15 for Perl embeds an unsupported version of the Epeg library. Image::EPEG includes Epeg 0.9.0 that was last updated in 2004. Epeg is a fast JPEG thumbnail library that was once part of the Englightenment Project...

6.1AI score
Exploits0References3
osv
osv
added yesterday3 views

CGA-M44M-PGC7-Q48C

Bulletin has no description...

6.1AI score
Exploits0
osv
osv
added yesterday9 views

ROOT-OS-DEBIAN-11-CVE-2026-35177 CVE-2026-35177 in rootio-vim - Patched by Root

Root has patched CVE-2026-35177 in the rootio-vim package for Root:Debian:11. Multiple fixed versions available...

7.1CVSS5.4AI score0.00126EPSS
Exploits0
redhat
redhat
added yesterday6 views

golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses

A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak p...

9.1CVSS6.4AI score0.00533EPSS
Exploits0References9
redhat
redhat
added yesterday5 views

github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability

A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability...

9.8CVSS6AI score0.00605EPSS
Exploits0References5
redhat
redhat
added yesterday5 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

6.4CVSS6.7AI score0.00292EPSS
Exploits0References8
redhat
redhat
added yesterday6 views

crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...

7.5CVSS6.9AI score0.00615EPSS
Exploits0References8
redhat
redhat
added yesterday5 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.1AI score0.00728EPSS
Exploits0References8
osv
osv
added yesterday7 views

ROOT-OS-DEBIAN-12-CVE-2026-33412 CVE-2026-33412 in rootio-vim - Patched by Root

Root has patched CVE-2026-33412 in the rootio-vim package for Root:Debian:12. Multiple fixed versions available...

7.3CVSS6.6AI score0.00834EPSS
Exploits0
osv
osv
added yesterday7 views

ROOT-APP-MAVEN-CVE-2026-40046 CVE-2026-40046 in io.root.org.apache.activemq:activemq-all - Patched by Root

Root has patched CVE-2026-40046 in the io.root.org.apache.activemq:activemq-all package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.8AI score0.00375EPSS
Exploits0
osv
osv
added yesterday16 views

ROOT-APP-NPM-CVE-2026-44002 CVE-2026-44002 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-44002 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

5.8CVSS5.8AI score0.00241EPSS
Exploits1
osv
osv
added yesterday2 views

ROOT-APP-NPM-AIKIDO-2026-10843 AIKIDO-2026-10843 in @rootio/vm2 - Patched by Root

Root has patched AIKIDO-2026-10843 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

6.1AI score
Exploits0
osv
osv
added yesterday66 views

ROOT-APP-NPM-CVE-2026-43997 CVE-2026-43997 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-43997 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

10CVSS6AI score0.00976EPSS
Exploits1
osv
osv
added yesterday3 views

ROOT-APP-NPM-AIKIDO-2026-10839 AIKIDO-2026-10839 in @rootio/vm2 - Patched by Root

Root has patched AIKIDO-2026-10839 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

6.1AI score
Exploits0
osv
osv
added yesterday52 views

ROOT-APP-NPM-CVE-2026-44004 CVE-2026-44004 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-44004 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

7.5CVSS5.8AI score0.00424EPSS
Exploits1
Rows per page
Query Builder