CVE-2026-5037 mxml mxmlIndexNew mxml-index.c index_sort stack-based overflow

A vulnerability was determined in mxml up to 4.0.4. This issue affects the function indexsort of the file mxml-index.c of the component mxmlIndexNew. Executing a manipulation of the argument tempr can lead to stack-based buffer overflow. The attack is restricted to local execution. The exploit ha...

CVE-2026-5037 mxml mxmlIndexNew mxml-index.c index_sort stack-based overflow

A vulnerability was determined in mxml up to 4.0.4. This issue affects the function indexsort of the file mxml-index.c of the component mxmlIndexNew. Executing a manipulation of the argument tempr can lead to stack-based buffer overflow. The attack is restricted to local execution. The exploit ha...

CVE-2026-5023

A vulnerability has been found in DeDeveloper23 codebase-mcp up to 3ec749d237dd8eabbeef48657cf917275792fde6. This vulnerability affects the function getCodebase/getRemoteCodebase/saveCodebase of the file src/tools/codebase.ts of the component RepoMix Command Handler. Such manipulation leads to os...

CVE-2026-5023

CVE-2026-5023 affects the DeDeveloper23 codebase-mcp, specifically the RepoMix Command Handler’s file src/tools/codebase.ts, with functions getCodebase, getRemoteCodebase, and saveCodebase. The underlying issue is a manipulation that enables OS command injection from local access. The description...

CVE-2026-4962

A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be approached locally. This attack is characterized by...

CVE-2026-5007

Affects kazuph mcp-docs-rag up to 0.5.0. The vulnerable component is the cloneRepository function in src/index.ts (add_git_repository/add_text_file). The issue is OS command injection, exploitable locally. An exploit is publicly available, and the project was informed via an issue report but has ...

CVE-2018-25222

SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft malicious input strings exceeding 1052 bytes to overwrite the instruction pointer and execute...

CVE-2026-4993

Wandb OpenUI (up to 0.0.0.0/1.0) is affected by a vulnerability in backend/openui/config.py where manipulation of LITELLM_MASTER_KEY leads to hard-coded credentials. The issue enables a local attacker and the exploit has been disclosed publicly; vendor response was not provided. No further techni...

CVE-2026-1679

The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space; oversized sends overflow eswifi-buf, corrupting kernel memory CWE-120. Exploit requires local code that can call the socket send API; no remote attacker can reach it directly...

PT-2026-28228

HNB Organizer 1.9.18-10 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -rc command-line parameter. Attackers can craft a malicious input string exceeding 108 bytes containing shellcode and a return...

PT-2026-28711

Name of the Vulnerable Software and Affected Versions wandb OpenUI versions up to 0.0.0.0/1.0 Description A security issue exists in wandb OpenUI related to hard-coded credentials. The manipulation of the LITELLM MASTER KEY argument within the file backend/openui/config.py can lead to exposure of...

EUVD-2026-16903

The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space; oversized sends overflow eswifi-buf, corrupting kernel memory CWE-120. Exploit requires local code that can call the socket send API; no remote attacker can reach it directly...

CVE-2026-1679

The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space; oversized sends overflow eswifi-buf, corrupting kernel memory CWE-120. Exploit requires local code that can call the socket send API; no remote attacker can reach it directly...

CVE-2026-1679 net: eswifi socket send payload length not bounded

The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space; oversized sends overflow eswifi-buf, corrupting kernel memory CWE-120. Exploit requires local code that can call the socket send API; no remote attacker can reach it directly...

CVE-2026-1679

The CVE-2026-1679 issue affects the eswifi socket offload driver, where the driver copies user-provided payloads into a fixed-size buffer without validating available space. This can cause a buffer overflow of eswifi->buf when oversized sends occur, leading to kernel memory corruption (CWE-120...

EUVD-2026-16725

A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be approached locally. This attack is characterized by...

CVE-2026-4962

CVE-2026-4962 affects UltraVNC up to 1.6.4.0, specifically the library component Service.dll within version.dll, where an attacker can manipulate an uncontrolled search path. The issue enables a local attack with high complexity and is reportedly difficult to exploit, and an exploit has been rele...

PT-2026-28688

A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be approached locally. This attack is characterized by...

CVE-2026-3959

A vulnerability was found in 0xKoda WireMCP up to 7f45f8b2b4adeb76be8c6227eefb38533fdd6b1e. Impacted is the function server.tool of the file index.js of the component Tshark CLI Command Handler. The manipulation results in os command injection. The attack needs to be approached locally. The explo...

CVE-2026-4010

A vulnerability was found in ThakeeNathees pocketlang up to cc73ca61b113d48ee130d837a7a8b145e41de5ce. The affected element is the function pkByteBufferAddString. The manipulation of the argument length with the input 4294967290 results in memory corruption. The attack requires a local approach. T...