Lucene search
+L

24 matches found

nvd
nvd
added yesterday6 views

CVE-2026-61613

Cursor is a code editor built for programming with AI. Prior to the Cloud Agent fix on 03/31/2026, browser-enabled Cursor Cloud Agent sessions allowed attacker-controlled web content to connect from inside the agent container to an unauthenticated local agent endpoint, enabling code execution...

7.7CVSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/06/10 8:16 p.m.10 views

CVE-2026-46673 Russh: Unchecked CryptoVec allocation and growth handling is reachable from local agent inputs in current russh releases and from remote SSH traffic in historical pre-0.58.0 releases

Russh is a Rust SSH client & server library. Prior to version 0.60.3, CryptoVec used unchecked capacity growth, unchecked length arithmetic, and unsafe allocation/locking paths. In current russh releases, local SSH agent peers could still feed attacker-controlled frame lengths into buffer growth...

7.5CVSS5.6AI score0.00263EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/10 8:16 p.m.32 views

CVE-2026-46673 Russh: Unchecked CryptoVec allocation and growth handling is reachable from local agent inputs in current russh releases and from remote SSH traffic in historical pre-0.58.0 releases

Russh is a Rust SSH client & server library. Prior to version 0.60.3, CryptoVec used unchecked capacity growth, unchecked length arithmetic, and unsafe allocation/locking paths. In current russh releases, local SSH agent peers could still feed attacker-controlled frame lengths into buffer growth...

7.5CVSS0.00263EPSS
Exploits0References1
osv
osv
added 2026/06/10 8:16 p.m.3 views

CVE-2026-46673 Russh: Unchecked CryptoVec allocation and growth handling is reachable from local agent inputs in current russh releases and from remote SSH traffic in historical pre-0.58.0 releases

Russh is a Rust SSH client & server library. Prior to version 0.60.3, CryptoVec used unchecked capacity growth, unchecked length arithmetic, and unsafe allocation/locking paths. In current russh releases, local SSH agent peers could still feed attacker-controlled frame lengths into buffer growth...

7.5CVSS6.1AI score0.00263EPSS
Exploits0References3
cve
cve
added 2026/06/10 8:16 p.m.24 views

CVE-2026-46673

Summary of the vulnerability (CVE-2026-46673) : In Russh (Rust SSH client/server), CryptoVec allocations and growth were unchecked in vulnerable releases. Prior to 0.60.3, local agent inputs could feed attacker-controlled frame lengths into buffer growth before validation; in historical releases ...

7.5CVSS5.6AI score0.00263EPSS
Exploits0References1
osv
osv
added 2026/05/21 8:49 p.m.10 views

GHSA-G9F8-WQJ9-FJW5 Russh: Unchecked CryptoVec allocation and growth handling is reachable

Title Unchecked CryptoVec allocation and growth handling was reachable from local agent inputs in current russh releases and from remote SSH traffic in historical pre-0.58.0 releases Summary CryptoVec used unchecked capacity growth, unchecked length arithmetic, and unsafe allocation/locking paths...

7.5CVSS5.9AI score0.00263EPSS
Exploits0References5
github
github
added 2026/05/21 8:49 p.m.19 views

Russh: Unchecked CryptoVec allocation and growth handling is reachable

Title Unchecked CryptoVec allocation and growth handling was reachable from local agent inputs in current russh releases and from remote SSH traffic in historical pre-0.58.0 releases Summary CryptoVec used unchecked capacity growth, unchecked length arithmetic, and unsafe allocation/locking paths...

7.5CVSS5.9AI score0.00263EPSS
Exploits0References5Affected Software2
attackerkb
attackerkb
added 2026/05/11 4:46 p.m.15 views

CVE-2026-44998

OpenClaw before 2026.4.20 contains a tool policy bypass vulnerability allowing bundled MCP and LSP tools to circumvent configured tool restrictions. Attackers with local agent access can append restricted tools to the effective tool set after policy filtering, bypassing profile policies, allow/de...

5.4CVSS5.8AI score0.00706EPSS
Exploits0References4
cve
cve
added 2026/05/11 4:46 p.m.21 views

CVE-2026-44998

OpenClaw prior to version 2026.4.20 contains a tool policy bypass vulnerability in which bundled MCP and LSP tools can be appended to the effective tool set after policy filtering. This allows attackers with local agent access to bypass profile policies, allow/deny lists, owner-only restrictions,...

5.4CVSS5.8AI score0.00706EPSS
Exploits0References3Affected Software1
osv
osv
added 2026/05/11 4:46 p.m.4 views

CVE-2026-44998 OpenClaw < 2026.4.20 - Tool Policy Bypass via Bundled MCP/LSP Tools

OpenClaw before 2026.4.20 contains a tool policy bypass vulnerability allowing bundled MCP and LSP tools to circumvent configured tool restrictions. Attackers with local agent access can append restricted tools to the effective tool set after policy filtering, bypassing profile policies, allow/de...

2.3CVSS5.9AI score0.00706EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/05/11 12:0 a.m.16 views

PT-2026-39687

OpenClaw before 2026.4.20 contains a tool policy bypass vulnerability allowing bundled MCP and LSP tools to circumvent configured tool restrictions. Attackers with local agent access can append restricted tools to the effective tool set after policy filtering, bypassing profile policies, allow/de...

5.4CVSS5.8AI score0.00706EPSS
Exploits0References4
osv
osv
added 2026/05/04 1:12 p.m.7 views

JLSEC-2026-431 When doing SSH-based transfers using either SCP or SFTP, and asked to do public key...

When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent...

3.1CVSS6.4AI score0.00413EPSS
Exploits1References6
redhatcve
redhatcve
added 2026/01/18 11:20 a.m.6 views

CVE-2025-15224

When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent...

3.1CVSS6.8AI score0.00413EPSS
Exploits1References1
osv
osv
added 2026/01/07 8:0 a.m.7 views

CURL-CVE-2025-15224 libssh key passphrase bypass without agent set

When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent...

3.1CVSS6.8AI score0.00413EPSS
Exploits1
curl
curl
added 2026/01/07 8:0 a.m.9 views

libssh key passphrase bypass without agent set

When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent...

3.1CVSS5.8AI score0.00413EPSS
Exploits1References1Affected Software2
nessus
nessus
added 2026/01/07 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-15224

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locall...

3.1CVSS6AI score0.00413EPSS
Exploits1References3
cve
cve
added 2025/11/18 12:0 a.m.12 views

CVE-2025-63408

CVE-2025-63408 affects Local Agent DVR up to version 6.6.1.0. The vulnerability is a directory traversal that enables an unauthenticated local attacker to: (1) access sensitive information, (2) trigger a server-side forgery request (SSRF), and (3) execute operating system commands. The available ...

7.8CVSS6.8AI score0.00353EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2025/11/18 12:0 a.m.8 views

CVE-2025-63408

Local Agent DVR versions thru 6.6.1.0 are vulnerable to directory traversal that allows an unauthenticated local attacker to gain access to sensitive information, cause a server-side forgery request SSRF, or execute OS commands...

0.00353EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2025/11/18 12:0 a.m.4 views

CVE-2025-63408

Local Agent DVR versions thru 6.6.1.0 are vulnerable to directory traversal that allows an unauthenticated local attacker to gain access to sensitive information, cause a server-side forgery request SSRF, or execute OS commands...

6.8AI score0.00353EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2025/11/18 12:0 a.m.5 views

PT-2025-47326

Name of the Vulnerable Software and Affected Versions Local Agent DVR versions through 6.6.1.0 Description Local Agent DVR is affected by a directory traversal issue. An unauthenticated local attacker can exploit this to access sensitive information, conduct a server-side forgery request SSRF, or...

7.8CVSS6.9AI score0.00353EPSS
Exploits1References6
Rows per page
Query Builder