17 matches found
CVE-2026-58168
Vulnerability overview: DeepTutor prior to v1.4.10 contains an authorization bypass in which the allowed_mcp_tools function returns None instead of denying access when mcp_tools is omitted from a userโs grant in deeptutor/multi_user/tool_access.py. This enables low-privilege users, including thos...
EUVD-2026-40375
DeepTutor before version 1.4.10 contains an authorization bypass vulnerability that allows low-privilege users to invoke unrestricted MCP tools due to the allowedmcptools function returning None instead of a denied result when mcptools is omitted from a user's grant in...
ISPB
๐ก๏ธ AI-powered Security Scanner Platform A next-generation...
ChainFuzzer: Greybox Fuzzing for Workflow-Level Multi-Tool Vulnerabilities in LLM Agents
Tool-augmented LLM agents increasingly rely on multi-step, multi-tool workflows to complete real tasks. This design expands the attack surface, because data produced by one tool can be persisted and later reused as input to another tool, enabling exploitable source-to-sink dataflows that only...
A Large Scale Study of AI-Based Binary Function Similarity Detection Techniques for Security Researchers and Practitioners
Binary Function Similarity Detection BFSD is a foundational technique in software security, underpinning a wide range of applications including vulnerability detection, malware analysis. Recent advances in AI-based BFSD tools have led to significant performance improvements. However, existing...
EUVD-2025-9093
Malicious code in bioql PyPI...
CVE-2025-30797
Missing Authorization vulnerability in bigdrop.gr Greek Multi Tool โ Fix peralinks, accents, auto create menus and more greek-multi-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Greek Multi Tool โ Fix peralinks, accents, auto create menus and more...
CVE-2025-30797
Missing Authorization vulnerability in bigdrop.gr Greek Multi Tool โ Fix peralinks, accents, auto create menus and more greek-multi-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Greek Multi Tool โ Fix peralinks, accents, auto create menus and more...
CVE-2025-30797
CVE-2025-30797: Missing Authorization in Greek Multi Tool (WordPress plugin) โ affects Greek Multi Tool โ Ultimate Greek Language Toolkit up to version 2.3.1. Root cause is Incorrectly Configured Access Control, enabling unauthorized actions via network access with no privileges required; CVSS v3...
CVE-2025-30797 WordPress Greek Multi Tool โ Fix peralinks, accents, auto create menus and more plugin <= 2.3.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in bigdrop.gr Greek Multi Tool โ Fix peralinks, accents, auto create menus and more greek-multi-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Greek Multi Tool โ Fix peralinks, accents, auto create menus and more...
CVE-2025-30797 WordPress Greek Multi Tool โ Fix peralinks, accents, auto create menus and more plugin <= 2.3.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in bigdrop.gr Greek Multi Tool โ Fix peralinks, accents, auto create menus and more greek-multi-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Greek Multi Tool โ Fix peralinks, accents, auto create menus and more...
WordPress plugin Greek Multi Tool ๅฎๅ จๆผๆด
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-14048 ยท Unknown ยท Greek Multi Tool
Name of the Vulnerable Software and Affected Versions: Greek Multi Tool โ Fix peralinks, accents, auto create menus and more versions prior to 2.3.1 Description: The issue is related to Missing Authorization, allowing exploitation of incorrectly configured access control security levels...
WordPress Greek Multi Tool plugin <= 2.3.1 - Unauthenticated Stored Cross-Site Scripting vulnerability
Unauthenticated Stored Cross-Site Scripting vulnerability discovered by WordFence in WordPress Plugin Greek Multi Tool โ Fix peralinks, accents, auto create menus and more versions = 2.3.1...
FalconHound - A Blue Team Multi-Tool. It Allows You To Utilize And Enhance The Power Of Blo odHound In A More Automated Fashion
FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool. One of the challenging aspects of BloodHound is that it is a snapshot in time...
SOC-Multitool - A Powerful And User-Friendly Browser Extension That Streamlines Investigations For Security Professionals
Introducing SOC Multi-tool, a free and open-source browser extension that makes investigations faster and more efficient. Now available on the Chrome Web Store and compatible with all Chromium-based browsers such as Microsoft Edge, Chrome, Brave, and Opera. Now available on Chrome Web Store!...
GHSA-GFF3-739C-GXFQ Duplicate Advisory: Reflected cross-site scripting issue in Datasette
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xw7c-jx9m-xh5g. This link is maintained to preserve external references. Original Description Datasette is an open source multi-tool for exploring and publishing data. The ?trace=1 debugging feature in Datasette...