Lucene search
K

148 matches found

EUVD
EUVD
added yesterday7 views

EUVD-2026-43275

A vulnerability was detected in yzhao062 pyod 3.5.0/3.5.1/3.5.2. Affected is the function pyod.utils.persistence.load of the file pyod/utils/persistence.py. Performing a manipulation of the argument path results in deserialization. The attack can be initiated remotely. The pull request to fix thi...

6.5CVSS6.5AI score0.00252EPSS
Exploits0References7
OSV
OSV
added 2026/07/06 1:45 a.m.6 views

CVE-2026-14788 radareorg radare2 cfile.c r_core_bin_load use after free

A security vulnerability has been detected in radareorg radare2 up to 6.1.6. Affected by this vulnerability is the function rcorebinload of the file libr/core/cfile.c. Such manipulation leads to use after free. The attack needs to be performed locally. The exploit has been disclosed publicly and...

4.8CVSS5.1AI score0.00135EPSS
Exploits1References9
OSV
OSV
added 2026/06/26 10:21 p.m.3 views

GHSA-WP3C-266W-4QFQ js-toml vulnerable to CPU exhaustion via O(n^2) BigInt construction on radix-prefixed integer literals

Summary js-toml versions up to and including 1.1.0 parse hexadecimal / octal / binary integer literals via a hand-written parseBigInt loop that multiplies a BigInt accumulator by the radix once per input digit. Each iteration performs a BigInt BigInt operation on an accumulator that grows linearl...

7.5CVSS6AI score0.00415EPSS
Exploits1References5
Snyk
Snyk
added 2026/06/16 2:34 p.m.13 views

Directory Traversal

Overview nltk is a Natural Language Toolkit NLTK is a Python package for natural language processing. Affected versions of this package are vulnerable to Directory Traversal via the nltk.data.load function. An attacker can access arbitrary files on the local filesystem by supplying specially...

8.7CVSS6.5AI score0.00378EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.9 views

CVE-2026-8766

A flaw has been found in Kilo-Org kilocode up to 7.0.47. This issue affects the function Load of the file packages/opencode/src/config/config.ts of the component Environment Variable Handler. Executing a manipulation of the argument KILOCONFIGCONTENT can lead to information disclosure. It is...

6.5CVSS5AI score0.00316EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

ThorVG 代码问题漏洞

ThorVG is a high-performance, lightweight vector graphics engine developed under open source. Versions of ThorVG prior to 1.0.5 contained code vulnerabilities. These vulnerabilities stemmed from null pointer dereferencing in the SvgLoader::run function, which could cause the process to crash for...

4.3CVSS5.4AI score0.00235EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in htmldoc

A buffer under-reading issue based on stacks in the htmldoc before version 1.9.12 allows attackers to cause a denial of service by using a crafted BMP image with the imageloadbmp function...

5.5CVSS5.7AI score0.00871EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/18 2:51 p.m.12 views

CVE-2026-8261

A flaw was found in Squirrel. A local attacker could exploit a heap-based buffer overflow vulnerability, which occurs when a program writes more data to a memory buffer than it can hold. This flaw, specifically affecting the SQFunctionProto::Load function within squirrel/sqobject.cpp, could lead ...

6.1CVSS5.8AI score0.00154EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/05/17 10:15 p.m.13 views

CVE-2026-8766 Kilo-Org kilocode Environment Variable config.ts load information disclosure

A flaw has been found in Kilo-Org kilocode up to 7.0.47. This issue affects the function Load of the file packages/opencode/src/config/config.ts of the component Environment Variable Handler. Executing a manipulation of the argument KILOCONFIGCONTENT can lead to information disclosure. It is...

5.3CVSS5.4AI score0.00316EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/05/17 12:0 a.m.12 views

Kilo Code 信息泄露漏洞

Kilo Code is an open-source AI coding assistant developed by Kilo Code. Versions of Kilo Code 7.0.47 and earlier contained a vulnerability known as information leakage. This vulnerability stemmed from improper handling of the parameter KILOCONFIGCONTENT in the Load function of the Environment...

6.5CVSS5.8AI score0.00316EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/05/17 12:0 a.m.21 views

PT-2026-41586

Name of the Vulnerable Software and Affected Versions Kilo-Org kilocode versions prior to 7.0.48 Description A flaw in the Environment Variable Handler component allows remote information disclosure. The issue exists within the Load function located in the packages/opencode/src/config/config.ts...

5.3CVSS5.8AI score0.00316EPSS
Exploits1References7
EUVD
EUVD
added 2026/05/11 3:31 a.m.8 views

EUVD-2026-29017

A vulnerability was determined in Squirrel up to 3.2. This affects the function SQFunctionProto::Load of the file squirrel/sqobject.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. T...

5.9CVSS5.9AI score0.00154EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/05 7:22 p.m.11 views

CVE-2026-34084

PhpSpreadsheet is a library for reading and writing spreadsheet files. In versions 1.30.2 and earlier, 2.0.0 through 2.1.14, 2.2.0 through 2.4.3, 3.3.0 through 3.10.3, and 4.0.0 through 5.5.0, when the filename argument to IOFactory::load is user-controlled, an attacker can supply a PHP stream...

9.2CVSS6.4AI score0.00712EPSS
Exploits1References2Affected Software1
SUSE CVE
SUSE CVE
added 2026/04/04 11:26 p.m.8 views

SUSE CVE-2026-5313

A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbigifloadnext in the library stbimage.h of the component GIF Decoder. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and ma...

5.3CVSS5.3AI score0.00286EPSS
Exploits0References3
Snyk
Snyk
added 2026/04/02 4:30 p.m.5 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the nikonloadpaddedpackedraw function of the TIFF/NEF decoder when processing the loadflags or rawwidth arguments. An attacker can cause a denial of service by supplying specially crafted input files that trigger a...

6.9CVSS6.1AI score0.00735EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/02 12:31 a.m.4 views

EUVD-2026-18091

A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbigifloadnext in the library stbimage.h of the component GIF Decoder. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and ma...

5.3CVSS5.4AI score0.00286EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/01 9:30 p.m.25 views

CVE-2026-5313 Nothings stb GIF Decoder stb_image.h stbi__gif_load_next denial of service

A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbigifloadnext in the library stbimage.h of the component GIF Decoder. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and ma...

5.3CVSS0.00286EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/01 9:30 p.m.2 views

CVE-2026-5313 Nothings stb GIF Decoder stb_image.h stbi__gif_load_next denial of service

A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbigifloadnext in the library stbimage.h of the component GIF Decoder. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and ma...

5.3CVSS5.3AI score0.00286EPSS
Exploits0References3
CVE
CVE
added 2026/04/01 5:37 p.m.18 views

CVE-2026-34446

CVE-2026-34446 affects Open Neural Network Exchange (ONNX). The vulnerability is in onnx.load where hardlinks can bypass the path-traversal check, allowing an arbitrary file read. The issue is fixed in ONNX 1.21.0. Impact is described as arbitrary file read with LOCAL attack vector and MEDIUM bas...

5.5CVSS5.8AI score0.00176EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/03/31 2:16 p.m.5 views

CVE-2026-3308

An integer overflow vulnerability in 'pdf-image.c' in Artifex's MuPDF version 1.27.0 allows an attacker to maliciously craft a PDF that can trigger an integer overflow within the 'pdfloadimageimp' function. This allows a heap out-of-bounds write that could be exploited for arbitrary code executio...

7.8CVSS0.00213EPSS
Exploits0References5
Rows per page
Query Builder