Lucene search
K

617 matches found

Cvelist
Cvelist
added yesterday13 views

CVE-2026-15522 tugcantopaloglu godot-mcp run_project index.js validatePath path traversal

A security flaw has been discovered in tugcantopaloglu godot-mcp 2.0.0. Affected by this vulnerability is the function validatePath of the file build/index.js of the component runproject. The manipulation of the argument projectPath results in path traversal. Attacking locally is a requirement. T...

5.3CVSS0.00137EPSS
Exploits0References8
OSV
OSV
added 3 days ago3 views

ROOT-APP-PYPI-CVE-2026-27459 CVE-2026-27459 in rootio-pyOpenSSL - Patched by Root

Root has patched CVE-2026-27459 in the rootio-pyOpenSSL package for Root:PyPI. Multiple fixed versions available...

9.8CVSS5.9AI score0.00704EPSS
Exploits0
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-50181 Langroid: Path traversal in the file tools allows read/write outside configured current directory

Langroid is a framework for building large-language-model-powered applications. Prior to version 0.64.0, Langroid's ReadFileTool and WriteFileTool appear to treat currdir as the intended working-directory boundary for file operations. However, the tools only change the process working directory t...

7.1CVSS0.00184EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added last week7 views

CVE-2026-45796

Coder allows organizations to provision remote development environments via Terraform. Versions prior tp 2.24.5, 2.29.13, 2.30.8, 2.31.12, 2.32.2, and 2.33.3 are vulnerable to unauthenticated semi-blind Server-Side Request Forgery SSRF via the Azure instance identity endpoint POST...

6.5CVSS6.1AI score0.00335EPSS
Exploits0References10Affected Software1
OSV
OSV
added last week4 views

PYSEC-2026-1707 JupyterLab vulnerable to SXSS in Markdown Preview

Impact The vulnerability depends on user interaction by opening a malicious notebook with Markdown cells, or Markdown file using JupyterLab preview feature. A malicious user can access any data that the attacked user has access to as well as perform arbitrary requests acting as the attacked user...

6.5CVSS6.8AI score0.00568EPSS
Exploits0References8
OSV
OSV
added last week4 views

PYSEC-2026-1034 Segfault in `CompositeTensorVariantToComponents`

Impact An input encoded that is not a valid CompositeTensorVariant tensor will trigger a segfault in tf.rawops.CompositeTensorVariantToComponents. python import tensorflow as tf encode = tf.rawops.EmptyTensorListelementdtype=tf.int32, elementshape=10, 15, maxnumelements=2 meta= ""...

4.8CVSS7.1AI score0.0049EPSS
Exploits1References8
NVD
NVD
added 2026/07/06 10:16 p.m.7 views

CVE-2026-43928

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the PayPalEmail payment adapter accepts PayPal IPN callbacks and credits the IPN-supplied amount mcgross to the client's balance without validating it against the invoice total. Combined with a $0.05...

2.3CVSS0.00274EPSS
Exploits0References1
OSV
OSV
added 2026/07/06 3:50 a.m.7 views

ROOT-OS-DEBIAN-13-CVE-2025-71154 CVE-2025-71154 in rootio-linux - Patched by Root

Root has patched CVE-2025-71154 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

4CVSS5.4AI score0.00114EPSS
Exploits0
OSV
OSV
added 2026/07/06 3:50 a.m.6 views

ROOT-OS-DEBIAN-13-CVE-2026-43299 CVE-2026-43299 in rootio-linux - Patched by Root

Root has patched CVE-2026-43299 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

5.5CVSS5.8AI score0.00117EPSS
Exploits0
OSV
OSV
added 2026/07/06 3:50 a.m.6 views

ROOT-OS-DEBIAN-13-CVE-2025-38662 CVE-2025-38662 in rootio-linux - Patched by Root

Root has patched CVE-2025-38662 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

7.8CVSS7.8AI score0.00151EPSS
Exploits0
OSV
OSV
added 2026/07/06 3:50 a.m.7 views

ROOT-OS-DEBIAN-13-CVE-2025-40279 CVE-2025-40279 in rootio-linux - Patched by Root

Root has patched CVE-2025-40279 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

5.4AI score0.00171EPSS
Exploits0
OSV
OSV
added 2026/07/06 3:50 a.m.6 views

ROOT-OS-DEBIAN-13-CVE-2025-40078 CVE-2025-40078 in rootio-linux - Patched by Root

Root has patched CVE-2025-40078 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

5.4AI score0.00197EPSS
Exploits0
CVE
CVE
added 2026/07/05 11:45 p.m.16 views

CVE-2026-14783

NousResearch hermes-agent 2026.5.29.2 is affected; the vulnerability is in skills_tool.py, function skill_view, where manipulating the Name argument enables path traversal via a remote attack. Public disclosure of the exploit exists. A patch identified as 56f833efa427ccb444c0f9ad1759af1012f2124d ...

5.3CVSS5.6AI score0.00333EPSS
Exploits0References8
OSV
OSV
added 2026/07/05 5:32 p.m.9 views

ROOT-APP-MAVEN-CVE-2026-55471 CVE-2026-55471 in io.root.ca.uhn.hapi.fhir:org.hl7.fhir.utilities - Patched by Root

Root has patched CVE-2026-55471 in the io.root.ca.uhn.hapi.fhir:org.hl7.fhir.utilities package for Root:Maven. Multiple fixed versions available...

8.7CVSS5.8AI score0.00309EPSS
Exploits0
OSV
OSV
added 2026/07/05 3:15 p.m.4 views

CVE-2026-14759 radareorg radare2 RBinJava Line Number Table class.c r_bin_java_inner_classes_attr_calc_size heap-based overflow

A security flaw has been discovered in radareorg radare2 up to 6.1.6. This issue affects the function rbinjavainnerclassesattrcalcsize of the file shlr/java/class.c of the component RBinJava Line Number Table Parser. Performing a manipulation results in heap-based buffer overflow. The attack...

4.8CVSS5.9AI score0.00153EPSS
Exploits1References9
OSV
OSV
added 2026/07/05 7:32 a.m.2 views

ROOT-OS-UBUNTU-2204-CVE-2026-52909 CVE-2026-52909 in rootio-linux - Patched by Root

Root has patched CVE-2026-52909 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

7.8CVSS5.8AI score0.0012EPSS
Exploits0
OSV
OSV
added 2026/07/05 7:32 a.m.6 views

ROOT-OS-UBUNTU-2204-CVE-2025-40362 CVE-2025-40362 in rootio-linux - Patched by Root

Root has patched CVE-2025-40362 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

5.5CVSS5.4AI score0.00199EPSS
Exploits0
OSV
OSV
added 2026/07/05 7:32 a.m.4 views

ROOT-OS-UBUNTU-2204-CVE-2025-68200 CVE-2025-68200 in rootio-linux - Patched by Root

Root has patched CVE-2025-68200 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

5.4AI score0.00173EPSS
Exploits0
OSV
OSV
added 2026/07/05 7:32 a.m.7 views

ROOT-OS-UBUNTU-2204-CVE-2025-37854 CVE-2025-37854 in rootio-linux - Patched by Root

Root has patched CVE-2025-37854 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

7.8CVSS7.8AI score0.00242EPSS
Exploits0
OSV
OSV
added 2026/07/05 7:32 a.m.4 views

ROOT-OS-UBUNTU-2204-CVE-2025-38208 CVE-2025-38208 in rootio-linux - Patched by Root

Root has patched CVE-2025-38208 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

5.5CVSS5.4AI score0.00146EPSS
Exploits0
Rows per page
Query Builder