Lucene search

151 matches found

NVD
added yesterday, 4 views

CVE-2026-11330

A weakness has been identified in thedotmack claude-mem up to 11.0.1. The affected element is the function computeObservationContentHash of the file src/services/sqlite/observations/store.ts of the component Observation Content Hash Handler. This manipulation causes use of weak hash. The attack c...

3.6 CVSS
Exploits 0, References 8
CVE
added yesterday, 7 views

CVE-2026-11330

The vulnerability CVE-2026-11330 affects thedotmack claude-mem up to 11.0.1, specifically the computeObservationContentHash function in src/services/sqlite/observations/store.ts of the Observation Content Hash Handler. The issue enables the use of a weak hash due to this component manipulation. T...

3.6 CVSS, 4.7 AI score
Exploits 0, References 8
Cvelist
added yesterday, 5 views

CVE-2026-11330 thedotmack claude-mem Observation Content Hash store.ts computeObservationContentHash weak hash

A weakness has been identified in thedotmack claude-mem up to 11.0.1. The affected element is the function computeObservationContentHash of the file src/services/sqlite/observations/store.ts of the component Observation Content Hash Handler. This manipulation causes use of weak hash. The attack c...

3.6 CVSS
Exploits 0, References 8
SUSE CVE
added 2 days ago, 4 views

SUSE CVE-2026-45680

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI replays BPF probe hits into histogram observations by looping once per recorded run count. On busy systems, the run-count delta can become very large, causing the...

7.5 CVSS, 5.7 AI score, 0.0004 EPSS
Exploits 1, References 3
NVD
added 4 days ago, 7 views

CVE-2026-45680

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI replays BPF probe hits into histogram observations by looping once per recorded run count. On busy systems, the run-count delta can become very large, causing the...

7.5 CVSS, 0.0004 EPSS
Exploits 1, References 2
ATTACKERKB
added 4 days ago, 7 views

CVE-2026-45680

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI replays BPF probe hits into histogram observations by looping once per recorded run count. On busy systems, the run-count delta can become very large, causing the...

5.9 CVSS, 5.8 AI score, 0.0004 EPSS
Exploits 1, References 3, Affected Software 1
OSSF Malicious Packages
added 2026/05/26 6:23 a.m., 12 views

Malicious code in reasonix-plugmem (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f1f950e58a5bfe1df7c6507fe6ae8edd75ececaca6456efe57e24ab143cf7f7 On startup, plugmemmcp.mjs writes /.reasonix/settings.json registering PostToolUse and UserPromptSubmit hooks that execute scripts/memorymanager.py...

5.8 AI score
Exploits 0, References 1
CNNVD
added 2026/05/15 12:0 a.m., 5 views

OpenMRS Code Injection Vulnerability

OpenMRS is an open-source electronic health record system developed by OpenMRS Inc. Versions of OpenMRS from 2.7.0 to 2.7.9 and before 2.8.6 have a code injection vulnerability. This vulnerability arises from the ConceptReferenceRangeUtility.evaluateCriteria method, which evaluates condition...

9.1 CVSS, 5.9 AI score, 0.00057 EPSS
Exploits 0, References 1
Packet Storm News
added 2026/05/13 12:0 a.m., 6 views

Security-Aware Planning and Control of Multi-Agent Systems with LTL Tasks

This paper presents a secure-by-construction planning and control framework for multi-agent systems subject to linear temporal logic LTL specifications. The framework protects sensitive information from a passive intruder with partial observations of the agents' motion. Security in multi-agent...

5.8 AI score
Exploits 0
NVD
added 2026/04/23 8:16 p.m., 3 views

CVE-2026-25874

LeRobot through 0.5.1 contains an unsafe deserialization vulnerability in the async inference pipeline where pickle.loads is used to deserialize data received over unauthenticated gRPC channels without TLS in the policy server and robot client components. An unauthenticated network-reachable...

9.8 CVSS, 0.0022 EPSS
Exploits 1, References 5
ATTACKERKB
added 2026/04/23 7:45 p.m., 2 views

CVE-2026-25874

LeRobot through 0.5.1 contains an unsafe deserialization vulnerability in the async inference pipeline where pickle.loads is used to deserialize data received over unauthenticated gRPC channels without TLS in the policy server and robot client components. An unauthenticated network-reachable...

9.3 CVSS, 6.4 AI score, 0.0022 EPSS
Exploits 1, References 6
Cvelist
added 2026/04/23 7:45 p.m., 24 views

CVE-2026-25874 LeRobot Unsafe Deserialization Remote Code Execution via gRPC

LeRobot through 0.5.1 contains an unsafe deserialization vulnerability in the async inference pipeline where pickle.loads is used to deserialize data received over unauthenticated gRPC channels without TLS in the policy server and robot client components. An unauthenticated network-reachable...

9.3 CVSS, 0.0022 EPSS
Exploits 1, References 5
EUVD
added 2026/04/14 6:30 p.m., 4 views

EUVD-2026-22282

FacturaScripts has Stored Cross-Site Scripting XSS in "Observations" field via History View...

9 CVSS, 5.8 AI score, 0.0003 EPSS
Exploits 1, References 3
Circl
added 2026/04/07 6:17 a.m., 3 views

CVE-2025-65115

creationtimestamp| type| source
---|---|---
2026-04-07 06:17:26+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3miv4ydiw5t2w
2026-04-07 06:25:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3miv5gbsvfj27
2026-04-07 07:09:46+00:00| seen|...

9.8 CVSS, 7.3 AI score, 0.00093 EPSS
Exploits 0, References 4
Circl
added 2026/04/03 1:10 a.m., 1 views

CVE-2026-33105

creationtimestamp| type| source
---|---|---
2026-04-03 01:10:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mikjxjszro25
2026-04-03 01:16:28+00:00| seen| Telegram/iJ-TXq8dDjuzcBmcTa4J1ArjLXeEo9DZvpPvRg0iyulgok
2026-04-03 01:30:27+00:00| seen|...

10 CVSS, 4.8 AI score, 0.00061 EPSS
Exploits 0, References 7
Circl
added 2026/03/24 12:15 a.m., 1 views

CVE-2026-4001

creationtimestamp| type| source
---|---|---
2026-03-24 00:15:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhrc7gcqt52i
2026-03-24 00:19:28+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhrchebxvs2n
2026-03-24 10:35:59+00:00| seen|...

9.8 CVSS, 5.8 AI score, 0.00209 EPSS
Exploits 0, References 7
RedhatCVE
added 2026/02/03 9:19 p.m., 3 views

CVE-2026-23997

FacturaScripts is open-source enterprise resource planning and accounting software. In 2025.71 and earlier, a Stored Cross-Site Scripting XSS vulnerability was discovered in the Observations field. The flaw occurs in the History view, where historical data is rendered without proper HTML entity...

9 CVSS, 5.9 AI score, 0.00025 EPSS
Exploits 1, References 1
NVD
added 2026/02/02 11:16 p.m., 6 views

CVE-2026-23997

FacturaScripts is open-source enterprise resource planning and accounting software. In 2025.71 and earlier, a Stored Cross-Site Scripting XSS vulnerability was discovered in the Observations field. The flaw occurs in the History view, where historical data is rendered without proper HTML entity...

9 CVSS, 0.00025 EPSS
Exploits 1, References 1
Vulnrichment
added 2026/02/02 8:19 p.m., 2 views

CVE-2026-23997 FacturaScripts has a Stored Cross-Site Scripting (XSS) in "Observations" field via History View

FacturaScripts is open-source enterprise resource planning and accounting software. In 2025.71 and earlier, a Stored Cross-Site Scripting XSS vulnerability was discovered in the Observations field. The flaw occurs in the History view, where historical data is rendered without proper HTML entity...

8 CVSS, 5.9 AI score, 0.00025 EPSS
Exploits 1, References 1
ATTACKERKB
added 2026/02/02 8:19 p.m., 3 views

CVE-2026-23997

FacturaScripts is open-source enterprise resource planning and accounting software. In 2025.71 and earlier, a Stored Cross-Site Scripting XSS vulnerability was discovered in the Observations field. The flaw occurs in the History view, where historical data is rendered without proper HTML entity...

8 CVSS, 5.9 AI score, 0.00025 EPSS
Exploits 1, References 2, Affected Software 1