Lucene search
K

11837 matches found

Cvelist
Cvelist
added 4 days ago37 views

CVE-2026-14617 NousResearch hermes-agent Streaming Reasoning Tag Filter stream_consumer.py GatewayStreamConsumer._filter_and_accumulate case sensitivity

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer.filterandaccumulate of the file gateway/streamconsumer.py of the component Streaming Reasoning Tag Filter. The manipulation leads to improper handling of case...

3.1CVSS0.00237EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 4 days ago10 views

CVE-2026-14617

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer.filterandaccumulate of the file gateway/streamconsumer.py of the component Streaming Reasoning Tag Filter. The manipulation leads to improper handling of case...

3.1CVSS5.1AI score0.00237EPSS
Exploits0References8Affected Software1
CVE
CVE
added 4 days ago13 views

CVE-2026-14617

CVE-2026-14617 affects NousResearch hermes-agent (up to 2026.4.30). The issue resides in GatewayStreamConsumer._filter_and_accumulate (gateway/stream_consumer.py) within the Streaming Reasoning Tag Filter, where improper handling of case sensitivity is reported as the underlying root cause. The v...

3.1CVSS5.1AI score0.00237EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 5 days ago2 views

Linux Distros Unpatched Vulnerability : CVE-2026-35505

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the...

8.7CVSS6.1AI score0.00379EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 6 days ago4 views

PT-2026-54770

Name of the Vulnerable Software and Affected Versions Kibana affected versions not specified Description Improper output neutralization for logs allows for log injection. An attacker can provide specially crafted input that is written to log files without being properly neutralized. If these log...

8CVSS5.8AI score0.00201EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.8 views

PT-2026-53866

Name of the Vulnerable Software and Affected Versions NetScaler ADC affected versions not specified NetScaler Gateway affected versions not specified Description An unauthenticated arbitrary file read issue exists when access to the NSIP NetScaler IP, Cluster Management IP, or SNIP Subnet IP with...

7.5CVSS5.9AI score0.00415EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-53294

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mailbox: mailbox-test: don't free the reused channel The RX channel can be aliased to the TX channel if it has a different MMIO. This special case needs to be...

6AI score0.00177EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-8927

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When reusing a libcurl handle for sequential transfers driven by environment-variable proxy configuration, libcurl fails to clear the proxy authentication state...

9.1CVSS6AI score0.0025EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-52143

Name of the Vulnerable Software and Affected Versions Quest NetVault Backup affected versions not specified Description An authentication bypass issue exists within the 'viewclient' webpage due to improper validation of user-supplied data. This allows remote attackers to inject arbitrary scripts,...

8.8CVSS7.5AI score0.0067EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-52149

Name of the Vulnerable Software and Affected Versions Quest NetVault Backup affected versions not specified Description A flaw in the processing of NVBULibraryPort JSON-RPC messages allows remote attackers to execute arbitrary code in the context of NETWORK SERVICE. The issue stems from...

8.8CVSS7.7AI score0.00689EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-52144

Name of the Vulnerable Software and Affected Versions Quest NetVault Backup affected versions not specified Description A flaw in the processing of NVBUDashboard JSON-RPC messages allows remote attackers to execute arbitrary code in the context of NETWORK SERVICE. The issue stems from improper...

8.8CVSS6.3AI score0.00689EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.10 views

PT-2026-52148

Name of the Vulnerable Software and Affected Versions Quest NetVault Backup affected versions not specified Description A flaw in the processing of NVBURemovableMedia JSON-RPC messages allows remote attackers to execute arbitrary code in the context of NETWORK SERVICE. The issue stems from...

8.8CVSS7.7AI score0.00689EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.6 views

PT-2026-51651

Name of the Vulnerable Software and Affected Versions Hubbell Aclara Metrum affected versions not specified Description The Cellular Web Interface contains a flaw where missing authentication allows unauthenticated attackers to manipulate critical device settings and disrupt operations. This issu...

8.7CVSS5.8AI score0.00726EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/06/17 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-12311

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Information disclosure, sandbox escape in the Security: Process Sandboxing component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbi...

4.7CVSS6AI score0.00185EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/15 12:0 a.m.8 views

Arista Networks EOS Tunnel Decapsulation Improper Validation (SA0137)

On affected platforms running Arista EOS where a tunnel decapsulation configuration - such as VXLAN Virtual Extensible LAN, decap-groups, or a GRE Generic Routing Encapsulation tunnel interface - is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packets wit...

6.9CVSS6.1AI score0.00836EPSS
Exploits1References2
Snyk
Snyk
added 2026/06/10 2:38 p.m.12 views

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop in the extractPartialStreams and corresponding extraction functions for HEIF, JP2, and JXL. An attacker supplying an image whose requested box declares a size of zero can hang the parser indefinitely. Note: This is a bypas...

8.7CVSS5.4AI score0.00625EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.16 views

PT-2026-47973

Name of the Vulnerable Software and Affected Versions Microsoft Exchange Server affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting XSS, a condition where malicious scripts are injected into trusted websites...

6.5CVSS5.1AI score0.00308EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.20 views

PT-2026-47283

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description An improper access control flaw exists where a limited administrator can bypass Fine-Grained Admin Permissions FGAP, which are detailed permissions that restrict administrative actions to...

7.2CVSS5.5AI score0.00329EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.11 views

CVE-2026-41873

UNSUPPORTED WHEN ASSIGNED Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Pony Mail leading to admin account takeover. This issue affects all versions of the Lua implementation of Pony Mail. There is a Python implementation under development under t...

9.8CVSS5.4AI score0.00444EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.11 views

CVE-2026-10062

A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSetRoute of the file /goform/formSetRoute. This manipulation of the argument ip/mask/gateway causes stack-based buffer overflow. The attack is possible to be carried out remotely. The...

9.8CVSS8.3AI score0.00835EPSS
Exploits1References1
Rows per page
Query Builder