Lucene search
+L

2079 matches found

EUVD
EUVD
added yesterday7 views

EUVD-2026-45358

A vulnerability was identified in Sipeed PicoClaw up to 0.2.9. The impacted element is the function ExecTool.executeRun of the file pkg/agent/pipelineexecute.go. The manipulation of the argument cwe leads to time-of-check time-of-use. The attack must be carried out locally. The exploit is publicl...

5.3CVSS5.4AI score0.00091EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago34 views

CVE-2026-15749 mastergo-design mastergo-magic-mcp mcp__C2d get-c2d.ts execute path traversal

A security flaw has been discovered in mastergo-design mastergo-magic-mcp up to 0.2.0. This issue affects the function execute of the file src/tools/get-c2d.ts of the component mcpC2d. Performing a manipulation of the argument filePath results in path traversal. The attack requires a local...

5.3CVSS0.0014EPSS
Exploits0References6
Microsoft CVE
Microsoft CVE
added 5 days ago6 views

Microsoft Office Remote Code Execution Vulnerability

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

7.8CVSS6.2AI score0.0034EPSS
Exploits0
OSV
OSV
added 5 days ago4 views

CVE-2026-15621 mosaxiv clawlet File Tools fs_ops.go edit_file link following

A vulnerability was detected in mosaxiv clawlet up to 0.2.10. This impacts the function readfile/writefile/editfile of the file tools/fsops.go of the component File Tools. Performing a manipulation results in link following. The attack needs to be approached locally. The reported GitHub issue was...

4.8CVSS5.9AI score0.0014EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 5 days ago4 views

PT-2026-58545

Name of the Vulnerable Software and Affected Versions Microsoft Office Excel affected versions not specified Description A heap-based buffer overflow exists in Microsoft Office Excel, which could allow an unauthorized attacker to execute arbitrary code locally on the system. This occurs when a us...

7.8CVSS6.5AI score0.00303EPSS
Exploits0References4
NVD
NVD
added 6 days ago9 views

CVE-2026-15526

A flaw has been found in augmnt augments-mcp-server 7.1.0. This issue affects the function scanProjectDeps of the file src/tools/v4/scan-project-deps.ts of the component scanprojectdeps. Executing a manipulation of the argument packageJsonPath can lead to path traversal. The attack can only be...

4.8CVSS0.00137EPSS
Exploits0References6
NVD
NVD
added 6 days ago7 views

CVE-2026-15522

A security flaw has been discovered in tugcantopaloglu godot-mcp 2.0.0. Affected by this vulnerability is the function validatePath of the file build/index.js of the component runproject. The manipulation of the argument projectPath results in path traversal. Attacking locally is a requirement. T...

5.3CVSS0.00137EPSS
Exploits0References8
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-15528 lamaalrajih kicad-mcp path_validator.py protection mechanism

A vulnerability was found in lamaalrajih kicad-mcp up to 3.3.1. This issue affects some unknown processing of the file kicadmcp/utils/pathvalidator.py. Performing a manipulation of the argument projectpath/schematicpath results in protection mechanism failure. Attacking locally is a requirement...

4.8CVSS0.00113EPSS
Exploits0References6
OSV
OSV
added 6 days ago5 views

CVE-2026-15521 makafeli n8n-workflow-builder update_node_from_file server.cjs path traversal

A vulnerability was identified in makafeli n8n-workflow-builder up to 0.11.0. Affected is an unknown function of the file build/server.cjs of the component updatenodefromfile. The manipulation of the argument filePath leads to path traversal. An attack has to be approached locally. The exploit is...

4.8CVSS5.6AI score0.00137EPSS
Exploits0References8
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-43256

A security vulnerability has been detected in Tencent PC Manager 18.1.30242.301. This issue affects some unknown processing in the library qmudisk64.sys of the component QMUDisk Driver. The manipulation leads to uncontrolled search path. The attack must be carried out locally. The attack is...

7.3CVSS6.3AI score0.00116EPSS
Exploits0References5
CVE
CVE
added 6 days ago40 views

CVE-2026-15515

The CVE-2026-15515 entry concerns Tencent PC Manager (version 18.1.30242.301) and its QMUDisk Driver component, specifically the qmudisk64.sys library. The vulnerability is described as an uncontrolled search path issue in the QMUDisk Driver, exploitable only via a local attack. The description n...

7.3CVSS6.3AI score0.00116EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/07/11 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-15276

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in pdeljanov Symphonia up to 0.6.0. This vulnerability affects unknown code of the component Metadata Handler. This manipulation causes...

4.8CVSS5.6AI score0.0012EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/07/08 6:13 a.m.4 views

kernel: eventpoll: fix ep_remove struct eventpoll / struct file UAF

A flaw was found in the Linux kernel's eventpoll mechanism. A Use-After-Free UAF vulnerability, where the system attempts to access memory after it has been freed, can occur during the removal of a file. A local attacker could exploit this race condition to corrupt memory, potentially leading to...

7.8CVSS6.3AI score0.00125EPSS
Exploits3References5
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.6 views

PT-2026-56417

Name of the Vulnerable Software and Affected Versions bentoml OpenLLM version 0.6.30 Description Command injection is possible within the Model Repository Directory Name Handler component. This occurs when the cmd argument is manipulated in the async run command function located in the...

7.8CVSS6.2AI score0.01338EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2026/07/07 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-14789

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was detected in radareorg radare2 up to 6.1.6. Affected by this issue is some unknown functionality of the file libr/bin/format/mdmp/mdmp.c of t...

7.8CVSS6.1AI score0.00153EPSS
Exploits1References2
NVD
NVD
added 2026/07/06 12:16 p.m.9 views

CVE-2025-15667

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...

4.8CVSS0.00112EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/07/06 11:15 a.m.40 views

CVE-2025-15667 GPAC MP4Box avc_ext.c gf_isom_nalu_sample_rewrite double free

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...

4.8CVSS0.00112EPSS
Exploits0References8
OSV
OSV
added 2026/07/06 8:16 a.m.2 views

DEBIAN-CVE-2026-14801

A security vulnerability has been detected in GPAC 26.03-DEV-rev342-g80071f700-master. The impacted element is the function txtinprobeduration of the file src/filters/loadtext.c of the component TeXML File Handler. Such manipulation of the argument txmltimescale leads to divide by zero. An attack...

4.8CVSS5.7AI score0.00112EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 1:30 a.m.14 views

CVE-2026-14787

Radare2 (radare2) up to version 6.1.6 is affected. The issue is a vulnerability in the cmd_print function (libr/core/cmd_print.inc) of the PB Print Command Handler that allows an integer overflow when triggered by local input. An attacker with local access could exploit this; public PoC/exploit m...

7.8CVSS5.5AI score0.00136EPSS
Exploits1References7Affected Software1
EUVD
EUVD
added 2026/07/05 3:45 p.m.12 views

EUVD-2026-41771

A security vulnerability has been detected in radareorg radare2 up to 6.1.6. The affected element is the function rstrndup/rstrappend of the file libr/util/str.c. The manipulation leads to integer overflow. An attack has to be approached locally. The exploit has been disclosed publicly and may be...

4.8CVSS5.2AI score0.00131EPSS
Exploits1References7
Rows per page
Query Builder