Lucene search
K

12878 matches found

Snyk
Snyk
added 2026/05/31 9:0 p.m.14 views

Malicious Package

Overview @cloudplatform-single-spa/profile is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/05/31 9:0 p.m.8 views

Malicious Package

Overview @car-loans/close-flow-module is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/05/31 9:0 p.m.9 views

Malicious Package

Overview @cloudplatform-single-spa/billing is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

9.8CVSS5.9AI score
Exploits0References2
EUVD
EUVD
added 2026/05/31 6:45 a.m.12 views

EUVD-2026-33492

A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php of the component Component Module. The manipulation of the argument module results in unrestricte...

6.5CVSS6.3AI score0.00206EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/31 6:45 a.m.10 views

CVE-2026-10172 Bdtask Multi-Store Inventory Management System Component Module.php upload unrestricted upload

A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php of the component Component Module. The manipulation of the argument module results in unrestricte...

6.5CVSS5.5AI score0.00206EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/31 6:45 a.m.38 views

CVE-2026-10172 Bdtask Multi-Store Inventory Management System Component Module.php upload unrestricted upload

A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php of the component Component Module. The manipulation of the argument module results in unrestricte...

6.5CVSS0.00206EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/31 12:31 a.m.12 views

EUVD-2026-33475

A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. The impacted element is the function accountsreportsearch of the file application/modules/accounts/controllers/Accounts.php of the component Accounts Report Handler. Performing a manipulation of the argument dtpToDat...

5.8CVSS5.7AI score0.00206EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/31 12:0 a.m.13 views

PT-2026-45176

A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php of the component Component Module. The manipulation of the argument module results in unrestricte...

6.5CVSS5.5AI score0.00206EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/31 12:0 a.m.8 views

Bdtask Multi-Store Inventory Management System 代码问题漏洞

Bdtask Multi-Store Inventory Management System is an inventory management system for multiple stores developed by the Bangladeshi company Bdtask. Version 1.0 of the Bdtask Multi-Store Inventory Management System has code vulnerabilities. These vulnerabilities stem from the parameter module in the...

6.5CVSS6.7AI score0.00206EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/30 11:30 p.m.10 views

CVE-2026-10155 Bdtask Multi-Store Inventory Management System Accounts Report Accounts.php accounts_report_search sql injection

A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. The impacted element is the function accountsreportsearch of the file application/modules/accounts/controllers/Accounts.php of the component Accounts Report Handler. Performing a manipulation of the argument dtpToDat...

5.8CVSS5.6AI score0.00206EPSS
Exploits0References4
CVE
CVE
added 2026/05/30 11:30 p.m.19 views

CVE-2026-10155

The CVE-2026-10155 describes a SQL injection in Bdtask Multi-Store Inventory Management System 1.0, specifically in accounts_report_search (application/modules/accounts/controllers/Accounts.php of Accounts Report Handler). The vulnerability is triggered by manipulating the argument dtpToDate, ena...

5.8CVSS5.7AI score0.00206EPSS
Exploits0References4
Fedora
Fedora
added 2026/05/30 1:8 a.m.18 views

[SECURITY] Fedora 43 Update: docker-compose-5.1.4-1.fc43

Define and run multi-container applications with Docker...

9.8CVSS7.1AI score0.00498EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/30 12:0 a.m.12 views

PT-2026-45141

A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. The impacted element is the function accounts report search of the file application/modules/accounts/controllers/Accounts.php of the component Accounts Report Handler. Performing a manipulation of the argument...

5.8CVSS5.7AI score0.00206EPSS
Exploits0References5
Packet Storm News
Packet Storm News
added 2026/05/30 12:0 a.m.18 views

Quality-Diversity Evolution for Discovering Diverse Vulnerabilities in LLM Safety

Current approaches to LLM adversarial testing suffer from coverage gaps: manual red-teaming does not scale, LLM-as-attacker methods exhibit mode collapse, and gradient-based approaches produce uninterpretable gibberish. We introduce a quality-diversity evolutionary framework that operates at the...

5.8AI score
Exploits0
Github Security Blog
Github Security Blog
added 2026/05/29 10:34 p.m.31 views

praisonai-platform: list_issue_activity returns activity log for any issue regardless of workspace ownership

Summary Type: Insecure Direct Object Reference. The GET /workspaces/workspaceid/issues/issueid/activity endpoint is gated by requireworkspacememberworkspaceid and dispatches to ActivityService.listforissueissueid, which executes SELECT FROM activity WHERE issueid = :issueid with no workspace...

5.8AI score0.00032EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/29 8:13 p.m.12 views

CVE-2026-9091

Casdoor versions 2.362.0 and earlier contain a logic flaw in the social‑login binding flow that allows users to bypass configured MFA requirements. The binding‑rule code path in controllers/auth.go calls HandleLoggedIn directly without invoking checkMfaEnable. Any user authenticating via this pat...

5.3CVSS5.9AI score0.00322EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/29 5:14 p.m.38 views

CVE-2026-44697 Klever-Go MultiDataInterceptor: remote OOM via crafted compressed P2P payload

Klever-Go is the Go implementation of the Klever blockchain protocol. Prior to 1.7.17, a remote, unauthenticated denial-of-service vulnerability in Batch.Decompress data/batch/batch.go allows any peer that participates in a topic served by MultiDataInterceptor to allocate multi-gigabyte heaps on...

8.6CVSS0.0038EPSS
Exploits0References1
NVD
NVD
added 2026/05/29 2:16 p.m.12 views

CVE-2026-45707

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2, when ENABLEMULTITENANT=true, the HTTP transport documents that the target n8n instance is selected per-request from x-n8n-url / x-n8n-key headers. Requests that...

8.1CVSS0.00235EPSS
Exploits0References3
CVE
CVE
added 2026/05/29 1:35 p.m.28 views

CVE-2026-45707

n8n-MCP vulnerability CVE-2026-45707 affects HTTP-mode multi-tenant deployments. Before v2.51.2, when ENABLE_MULTI_TENANT=true, per-request target n8n instance is chosen via x-n8n-url/x-n8n-key headers; omitting or partially omitting these headers caused requests to fall back to the operator’s pr...

8.1CVSS5.9AI score0.00235EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/29 1:35 p.m.11 views

CVE-2026-45707 n8n-MCP: Multi-tenant MCP requests fall back to process-level n8n credentials when tenant headers are absent or incomplete

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2, when ENABLEMULTITENANT=true, the HTTP transport documents that the target n8n instance is selected per-request from x-n8n-url / x-n8n-key headers. Requests that...

8.1CVSS5.9AI score0.00235EPSS
Exploits0References3
Rows per page
Query Builder