Lucene search
K

4 matches found

OSV
OSV
added 2026/05/22 11:51 a.m.13 views

SUSE-SU-2026:21827-1 Security update for mcphost

This update for mcphost fixes the following issues - CVE-2025-30153: github.com/getkin/kin-openapi/openapi3filter: Improper Handling of Highly Compressed Data Data Amplification in github.com/getkin/kin-openapi/openapi3filter bsc1264762. - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client...

9.1CVSS6.7AI score0.01557EPSS
Exploits3References13
OSV
OSV
added 2026/05/22 11:51 a.m.11 views

SUSE-SU-2026:21756-1 Security update for mcphost

This update for mcphost fixes the following issues - CVE-2025-30153: github.com/getkin/kin-openapi/openapi3filter: Improper Handling of Highly Compressed Data Data Amplification in github.com/getkin/kin-openapi/openapi3filter bsc1264762. - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client...

9.1CVSS6.7AI score0.01557EPSS
Exploits3References13
OSV
OSV
added 2026/04/14 11:39 p.m.15 views

GHSA-2HX3-VP6R-MG3F Kiota: Code Generation Literal Injection

CVE Advisory CVE-2026-41134: Code Generation Literal Injection in Kiota Summary Kiota versions prior to 1.31.1 are affected by a code-generation literal injection vulnerability in multiple writer sinks for example: serialization/deserialization keys, path/query parameter mappings, URL template...

7.3CVSS5.8AI score0.00421EPSS
Exploits1References3
Veracode
Veracode
added 2026/01/27 10:2 a.m.7 views

Arbitrary Command Injection

@orval/core is vulnerable to Arbitrary Command Injection. The vulnerability is due to improper handling and escaping of untrusted OpenAPI specification data in the x-enumDescriptions field during enum generation, which allows an attacker to inject and execute arbitrary TypeScript or JavaScript co...

9.8CVSS6.1AI score0.0075EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder