Lucene search

8 matches found

RedhatCVE
added 2026/05/27 8:13 p.m., 5 views

CVE-2026-42335

MaxKB is an open-source AI assistant for enterprise. Prior to 2.8.1, MaxKB v2.8.0 and prior are vulnerable to a server-side request forgery (SSRF) bypass in the OSS file service URL fetch chat/api/oss/geturl endpoint. The vulnerability exists due to inconsistent URL parsing between the urlparse...

CVSS 6.3, AI score 5.8, EPSS 0.00049
Exploits: 0, References: 1

NVD
added 2026/05/26 9:16 p.m., 11 views

CVE-2026-42336

MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a server-side request forgery (SSRF) bypass in the OSS file service URL fetch functionality due to inconsistent DNS resolution between validation and actual request execution, allowing attackers to access...

CVSS 5.1, EPSS 0.00059
Exploits: 0, References: 1

Cvelist
added 2026/05/26 8:22 p.m., 29 views

CVE-2026-42336 MaxKB: SSRF Bypass via DNS Rebinding in MaxKB OSS URL Fetch

MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a server-side request forgery (SSRF) bypass in the OSS file service URL fetch functionality due to inconsistent DNS resolution between validation and actual request execution, allowing attackers to access...

CVSS 5.1, EPSS 0.00059
Exploits: 0, References: 1

Vulnrichment
added 2026/05/26 8:22 p.m., 7 views

CVE-2026-42336 MaxKB: SSRF Bypass via DNS Rebinding in MaxKB OSS URL Fetch

MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a server-side request forgery (SSRF) bypass in the OSS file service URL fetch functionality due to inconsistent DNS resolution between validation and actual request execution, allowing attackers to access...

CVSS 5.1, AI score 5.8, EPSS 0.00059
Exploits: 0, References: 1

Cvelist
added 2026/05/26 8:19 p.m., 30 views

CVE-2026-42337 MaxKB: Broken Access Control in MaxKB OSS URL Fetch API

MaxKB is an open-source AI assistant for enterprise. MaxKB 2.8.0 and prior are vulnerable to a broken access control vulnerability in the OSS file service URL fetch API chat/api/oss/geturl. The endpoint uses applicationid from the URL path without validating ownership, allowing attackers to perfo...

CVSS 5.3, EPSS 0.00043
Exploits: 0, References: 1

Prion
added 2007/01/09 11:28 p.m., 15 views

Buffer overflow

Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka "Microsoft Outlook Advanced Find Vulnerability."...

CVSS 9.3, AI score 8, EPSS 0.6293
Exploits: 0, References: 12, Affected Software: 2

CVE
added 2007/01/09 11:0 p.m., 48 views

CVE-2007-0034

CVE-2007-0034 is a buffer overflow in Microsoft Outlook’s Advanced Find (Office Saved Searches .oss) parsing for Outlook 2000/2002/2003. The vulnerability arises when Outlook processes a specially crafted .oss file, potentially allowing remote code execution with the permissions of the logged-on ...

CVSS 9.3, AI score 7.5, EPSS 0.6293
Exploits: 0, References: 12, Affected Software: 2

Cvelist
added 2007/01/09 11:0 p.m., 23 views

CVE-2007-0034

Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka "Microsoft Outlook Advanced Find Vulnerability."...

AI score 7.6, EPSS 0.6293
Exploits: 0, References: 12