2030 matches found
Vtiger CRM v7.2.0 - Directory Listing
Vtiger CRM v7.2.0 contains a directory traversal vulnerability caused by improper access controls in /libraries and /layout directories, letting attackers display hidden files and list directories, exploit requires no authentication. id: CVE-2020-19363 info: name: Vtiger CRM v7.2.0 - Directory...
Langflow < 1.3.0 - Remote Code Execution via validate_code() exec()
Langflow contains a remote code execution caused by inclusion of functionality from untrusted control sphere in the execglobals parameter at the validate endpoint, letting remote attackers execute arbitrary code as root, exploit requires no authentication. id: CVE-2026-0770 info: name: Langflow...
CVE-2024-34268
EQ-3 Eqiva CC-RT-BLE Bluetooth Smart Radiator Thermostat Firmware up to the latest version 1.46 was discovered to allow unsecured bluetooth connections. This vulnerability allows attackers to gain full access to the device without authentication...
CVE-2026-46562 Yamcs: Remote Code Execution via Mission Database algorithm override
Yamcs is a mission control framework. Prior to 5.12.7, the Nashorn ScriptEngine used to evaluate user-supplied JavaScript algorithm text in yamcs-core/src/main/java/org/yamcs/algorithms/ScriptAlgorithmExecutorFactory.java was constructed without a ClassFilter, so a user with the...
CVE-2026-35148
HCL DFXServer is affected by a Missing Access Control vulnerability (CVE-2026-35148). The issue allows certain endpoints to be accessed without authentication in another browser, enabling any network user to invoke APIs without verification of identity or authorization. CVSS v3.1 base score: 6.3 ...
CVE-2024-34268
CVE-2024-34268 affects the EQ-3 Eqiva CC-RT-BLE Bluetooth Smart Radiator Thermostat. The issue is that firmware up to 1.46 allows unsecured Bluetooth connections, enabling attackers to gain full access to the device without authentication. The CVSS v3.1 metrics from the entry indicate: AV Adjacen...
CVE-2024-34268
EQ-3 Eqiva CC-RT-BLE Bluetooth Smart Radiator Thermostat Firmware up to the latest version 1.46 was discovered to allow unsecured bluetooth connections. This vulnerability allows attackers to gain full access to the device without authentication...
@andrea9293/mcp-documentation-server: Web UI API binds to all interfaces without authentication by default
Summary @andrea9293/mcp-documentation-server v1.13.0 documents that a Web UI starts automatically on port 3080. However, the Web UI/API appears to bind to all network interfaces by default :3080 / 0.0.0.0:3080 instead of localhost-only, and its document-management API endpoints do not require...
CVE-2026-61427
PraisonAI before 4.6.78 has an authentication bypass in the MCP HTTP-stream transport: running with --transport http-stream and no API key allows unauthenticated clients to initialize sessions, enumerate tools (tools/list), and invoke tools (tools/call). The dispatcher forwards tool-call argument...
CVE-2026-13230
The CVE-2026-13230 entry concerns TP-Link Kasa EC70 v4 and EC71 v4. The issue lies in the local discovery mechanism, where geolocation-related data can be retrieved without authentication. Affects confidentiality only; no evidence of integrity or availability impact is reported. Exploitation cont...
CVE-2026-13230 Information Disclosure Vulnerability in Local Discovery Response in TP-Link Kasa EC70 and EC71
An information disclosure vulnerability was identified in TP-Link Kasa EC70 v4 and EC71 v4 in the local discovery mechanism, which exposes sensitive geolocation information without requiring authentication. This issue allows an attacker on the same local network to retrieve geolocation-related da...
PT-2026-58866
Name of the Vulnerable Software and Affected Versions TP-Link Kasa EC70 v4 TP-Link Kasa EC71 v4 Description An information disclosure issue exists in the local discovery mechanism. This flaw allows an unauthenticated attacker on the same local network to retrieve sensitive geolocation information...
CVE-2025-56361
A reachable assertion vulnerability exists in the Matter SDK connectedhomeip 1.3 thru 1.4, specifically within the Level Control cluster's server tick logic emberAfLevelControlClusterServerTickCallback. When a MoveToLevel command is executed and followed by a conflicting write to the OperationMod...
EUVD-2026-43603
EIPStackGroup OpENer 2.3.0 commit 76b95cf has an out-of-bounds read issue in Connection Manager handling of ForwardOpen requests when processing short malformed packets. An attacker can send a valid ENIP outer frame carrying a malformed CIP ForwardOpen/LargeForwardOpen request, causing the parser...
CVE-2025-56361
Summary: A reachable assertion vulnerability exists in the Matter SDK (connectedhomeip) 1.3–1.4 within the Level Control cluster server tick logic (emberAfLevelControlClusterServerTickCallback). If a MoveToLevel command is followed by a conflicting write to the OperationMode attribute in the Pump...
SIP Sustainable Irrigation Platform 5.x (nr-url) Blind SSRF
Summary SIP is a free Raspberry Pi based Python program for controlling irrigation systems sprinkler, drip, hydroponic, etc. It uses web technology to provide an intuitive user interface UI in several languages. The UI can be accessed in your favorite browser on desktop, laptop, and mobile device...
CVE-2026-15680
Lorex 2K Indoor Wi-Fi Security Camera CDeviceOperator Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit th...
CVE-2026-15680
CVE-2026-15680 affects Lorex 2K Indoor Wi‑Fi Security Camera. The vulnerability is in the sonia binary’s JSON request parsing, where lack of validation of a user‑supplied string used as a format specifier can allow a network‑adjacent attacker to execute arbitrary code with root privileges. Authen...
CVE-2026-15680 Lorex 2K Indoor Wi-Fi Security Camera CDeviceOperator Format String Remote Code Execution Vulnerability
Lorex 2K Indoor Wi-Fi Security Camera CDeviceOperator Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit th...
CVE-2026-15685
CVE-2026-15685 affects Ollama, with the vulnerability located in the downloadBlob function where user-supplied data is not properly validated, allowing an out-of-bounds memory access and resulting in a denial-of-service condition. The issue, linked to ZDI-CAN-27277, can be triggered remotely with...