997 matches found
CVE-2026-6192 uclouvain openjpeg pi.c opj_pi_initialise_encode integer overflow
A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opjpiinitialiseencode in the library src/lib/openjp2/pi.c. The manipulation leads to integer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. The...
CVE-2026-6042 musl libc GB18030 4-byte Decoder iconv.c iconv algorithmic complexity
A security flaw has been discovered in musl libc up to 1.2.6. Affected is the function iconv of the file src/locale/iconv.c of the component GB18030 4-byte Decoder. Performing a manipulation results in inefficient algorithmic complexity. The attack must be initiated from a local position. To fix...
CVE-2026-5972
A vulnerability has been found in FoundationAgents MetaGPT up to 0.8.1. This issue affects the function Terminal.runcommand in the library metagpt/tools/libs/terminal.py. The manipulation leads to os command injection. Remote exploitation of the attack is possible. The exploit has been disclosed ...
CVE-2026-5663
A security flaw has been discovered in OFFIS DCMTK up to 3.7.0. This impacts the function executeOnReception/executeOnEndOfStudy of the file dcmnet/apps/storescp.cc of the component storescp. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible...
EUVD-2026-17060
A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function processtype2route of the file bgpd/bgpevpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The attack is considered to ha...
UBUNTU-CVE-2026-5107
A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function processtype2route of the file bgpd/bgpevpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The attack is considered to ha...
CVE-2026-5107 FRRouting FRR EVPN Type-2 Route bgp_evpn.c process_type2_route access control
A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function processtype2route of the file bgpd/bgpevpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The attack is considered to ha...
PT-2026-28761
Name of the Vulnerable Software and Affected Versions FRRouting FRR versions up to 10.5.1 Description A security issue exists in FRRouting FRR related to improper access controls within the EVPN Type-2 Route Handler component. The issue is located in the process type2 route function of the bgpd/b...
CVE-2026-4541
A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknown function of the file tinyssh/cryptosigned25519tinyssh.c of the component Ed25519 Signature Handler. This manipulation causes improper verification of cryptographic signature. The attack is restricted to local...
CVE-2026-4198
A vulnerability was determined in hypermodel-labs mcp-server-auto-commit 1.0.0. Affected by this vulnerability is the function getGitChanges of the file index.ts. This manipulation causes command injection. The attack can only be executed locally. The exploit has been publicly disclosed and may b...
CVE-2026-3977
A security vulnerability has been detected in projectsend up to r1945. The affected element is an unknown function of the component AJAX Endpoints. The manipulation leads to missing authorization. The attack can be initiated remotely. The identifier of the patch is...
EulerOS Virtualization 2.12.0 : libtiff (EulerOS-SA-2026-1498)
According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability classified as problematic was found in libtiff 4.6.0. This vulnerability affects the function PSLvl2page of the fil...
EUVD-2026-12267
A vulnerability was determined in hypermodel-labs mcp-server-auto-commit 1.0.0. Affected by this vulnerability is the function getGitChanges of the file index.ts. This manipulation causes command injection. The attack can only be executed locally. The exploit has been publicly disclosed and may b...
CVE-2026-4198
A vulnerability was determined in hypermodel-labs mcp-server-auto-commit 1.0.0. Affected by this vulnerability is the function getGitChanges of the file index.ts. This manipulation causes command injection. The attack can only be executed locally. The exploit has been publicly disclosed and may b...
CVE-2026-4199
The vulnerability CVE-2026-4199 affects bazinga012/mcp_code_executor up to v0.3.0, specifically the installDependencies function in src/index.ts. The issue enables command injection via local exploitation. The exploit is publicly available, and patching is advised. No additional details on affect...
EulerOS 2.0 SP12 : gdb (EulerOS-SA-2026-1358)
According to the versions of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangletype in...
EulerOS 2.0 SP10 : gdb (EulerOS-SA-2026-1333)
According to the versions of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elfswapshdr in the library bfd/elfcode.h of the component...
CVE-2026-4016
A security vulnerability has been detected in GPAC 26.03-DEV. Affected by this vulnerability is the function svginprocess of the file src/filters/loadsvg.c of the component SVG Parser. The manipulation leads to out-of-bounds write. Local access is required to approach this attack. The exploit has...
CVE-2026-3979
A flaw has been found in quickjs-ng quickjs up to 0.12.1. This affects the function jsiteratorconcatreturn of the file quickjs.c. This manipulation causes use after free. The attack requires local access. The exploit has been published and may be used. Patch name:...
EulerOS 2.0 SP13 : gdb (EulerOS-SA-2026-1234)
According to the versions of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw has been found in GNU Binutils 2.45. Impacted is the function bfdelfparseehframe of the file bfd/elf-eh-frame.c of the component Linker...