22 matches found
CVE-2026-49471
Serena is a powerful MCP toolkit for coding that provides semantic retrieval and editing capabilities. Prior to v1.5.2, Serena's built-in web dashboard exposes an unauthenticated Flask API on a fixed, predictable port, with no authentication, no CSRF protection, and no Host header validation. A D...
CVE-2026-49471
Serena is a powerful MCP toolkit for coding that provides semantic retrieval and editing capabilities. Prior to v1.5.2, Serena's built-in web dashboard exposes an unauthenticated Flask API on a fixed, predictable port, with no authentication, no CSRF protection, and no Host header validation. A D...
EUVD-2026-40354
Vibe-Trading before 0.1.10 contains a path traversal vulnerability that allows attackers to write files outside the intended memory root directory by supplying a malicious memorytype value containing path traversal sequences through the remember tool. Attackers can manipulate the memorytype...
PT-2026-53924
Name of the Vulnerable Software and Affected Versions Vibe-Trading versions prior to 0.1.10 Description A path traversal issue exists in the remember tool, allowing attackers to write arbitrary Markdown files to unintended locations on the filesystem. This is achieved by supplying a malicious...
EUVD-2026-38058
mcp-memory-service: OAuth read-only clients can write and delete memories through MCP tools/call...
[SECURITY] Fedora 43 Update: valkey-8.1.7-1.fc43
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
[SECURITY] Fedora 44 Update: valkey-9.0.4-1.fc44
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
vantix
Vantix Vantix is a Codex-native offensive-security control pl...
K000160730: Microsoft semantic kernel Python SDK vulnerability CVE-2026-26030
Security Advisory Description Semantic Kernel, Microsoft's semantic kernel Python SDK, has a remote code execution vulnerability in versions prior to 1.39.4, specifically within the InMemoryVectorStore filter functionality. The problem has been fixed in version python-1.39.4. Users should upgrade...
CVE-2026-23417
CVE-2026-23417 affects the Linux kernel BPF component where PROBE_MEM32 immediate stores (BPF_ST|BPF_PROBE_MEM32) were not blinded by the JIT constant-blinding path. The root cause is that convert_ctx_accesses() rewrites BPF_ST|BPF_MEM to BPF_ST|BPF_PROBE_MEM32 during verification, but the blindi...
[SECURITY] Fedora 43 Update: valkey-8.1.6-1.fc43
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
ALSA-2026:3507 Important: valkey security update
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
RLSA-2026:3443 Important: valkey security update
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
ALSA-2026:3443 Important: valkey security update
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
NiceGUI 安全漏洞
NiceGUI is an easy-to-use, Python-based UI framework open-sourced by NiceGUI. A security vulnerability exists in NiceGUI versions v2.10.0 through 3.4.1, which originates from an unauthenticated attacker who can exhaust Redis connections, potentially resulting in a service degradation...
[SECURITY] Fedora 43 Update: valkey-8.1.4-2.fc43
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
RLSA-2025:11401 Important: valkey security update
Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...
CVE-2025-57816
Fides is an open-source privacy engineering platform. Prior to version 2.69.1, the Fides Webserver API's built-in IP-based rate limiting is ineffective in environments with CDNs, proxies or load balancers. The system incorrectly applies rate limits based on directly connected infrastructure IPs...
DEBIAN-CVE-2025-38627
In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix UAF of f2fsinodeinfo in f2fsfreedic The decompressioctx may be released asynchronously after I/O completion. If this file is deleted immediately after read, and the kworker of processing postreadwq has not bee...
Redis: Multiple Vulnerabilities
Background Redis is an open source BSD licensed, in-memory data structure store, used as a database, cache and message broker. Description Multiple vulnerabilities have been discovered in Redis. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CV...