Lucene search
K

2019 matches found

NVD
NVD
added 2026/05/04 12:16 a.m.8 views

CVE-2026-7711

A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file mindsdb/integrations/handlers/byomhandler/procwrapper.py of the component Engine Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit ha...

7.5CVSS0.00284EPSS
Exploits0References4
Exploit DB
Exploit DB
added 2026/05/04 12:0 a.m.91 views

Linux Kernel proc_readdir_de() 6.18-rc5 - Local Privilege Escalation

Exploit Title: Linux Kernel procreaddirde 6.18-rc5 - Local Privilege Escalation CVE: CVE-2025-40271 Date: 2026-03-19 Exploit Author: Aviral Srivastava Vendor: Linux Kernel kernel.org Affected: 3.14+ through 6.18-rc5 bug predates version tracking Fixed in stable: 5.10.247, 6.1.159, 6.12.73, 6.18-r...

7.8CVSS7AI score0.12966EPSS
Exploits9
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.12 views

MindsDB 访问控制错误漏洞

MindsDB is a joint query engine developed by MindsDB Corporation, designed specifically for AI agents and large language models. It can handle questions related to PB-level enterprise data. MindsDB versions 26.01 and earlier contained a access control vulnerability. This vulnerability stemmed fro...

7.5CVSS7.1AI score0.00284EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/03 11:30 p.m.33 views

CVE-2026-7711 MindsDB Engine proc_wrapper.py exec unrestricted upload

A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file mindsdb/integrations/handlers/byomhandler/procwrapper.py of the component Engine Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit ha...

7.5CVSS0.00284EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/03 11:30 p.m.7 views

EUVD-2026-26852

A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file mindsdb/integrations/handlers/byomhandler/procwrapper.py of the component Engine Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit ha...

7.5CVSS6.7AI score0.00284EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/03 11:30 p.m.5 views

CVE-2026-7711 MindsDB Engine proc_wrapper.py exec unrestricted upload

A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file mindsdb/integrations/handlers/byomhandler/procwrapper.py of the component Engine Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit ha...

7.5CVSS6.7AI score0.00284EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/03 11:30 p.m.3 views

CVE-2026-7711

A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file mindsdb/integrations/handlers/byomhandler/procwrapper.py of the component Engine Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit ha...

7.5CVSS6.7AI score0.00284EPSS
Exploits0References4
CVE
CVE
added 2026/05/03 11:30 p.m.20 views

CVE-2026-7711

Summary: CVE-2026-7711 affects MindsDB Engine up to 26.01, specifically the function exec in mindsdb/integrations/handlers/byom_handler/proc_wrapper.py. The underlying issue enables remote manipulation via the exec path that could allow unrestricted upload. Public exploit code is noted, and the a...

7.5CVSS6.7AI score0.00284EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/03 12:0 a.m.13 views

PT-2026-36728

Name of the Vulnerable Software and Affected Versions MindsDB versions prior to 26.01 Description A weakness in the Engine Handler component allows for unrestricted file upload. This issue occurs within the exec function located in the mindsdb/integrations/handlers/byom handler/proc wrapper.py fi...

7.5CVSS7.1AI score0.00284EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/05/02 12:0 a.m.10 views

RHCOS 4 : OpenShift Container Platform 4.17.47 (RHSA-2026:0701)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0701 advisory. - runc: container escape via 'masked path' abuse due to mount race conditions CVE-2025-31133 - runc: container escape with malicious...

8.4CVSS6.2AI score0.0067EPSS
Exploits4References8
RedHat Linux
RedHat Linux
added 2026/04/27 10:34 a.m.10 views

kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem

A flaw was found in the Linux kernel's Asynchronous Transfer Mode ATM subsystem. An authenticated local attacker could exploit a Use-After-Free UAF vulnerability in the /proc/net/atm/lec handling. This flaw occurs due to improper devput calls without prior devhold calls, leading to an imbalance i...

7.8CVSS5.5AI score0.0017EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/04/26 1:52 a.m.5 views

SUSE CVE-2026-31680

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: flowlabel: defer exclusive option free until RCU teardown ip6flseqshow walks the global flowlabel hash under the seq-file RCU read-side lock and prints fl-opt-optnflen when an option block is present. Exclusive...

4.7CVSS5.4AI score0.00121EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2026/04/25 1:37 a.m.7 views

SUSE CVE-2026-31642

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet-calls list to use listdelrcu rather than listdelinit to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an...

5.5CVSS5.5AI score0.00123EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/25 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-31680

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ipv6: flowlabel: defer exclusive option free until RCU teardown ip6flseqshow walks the global flowlabel hash under the seq-file RCU read-side lock and prin...

7.8CVSS7.1AI score0.00121EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/24 9:34 p.m.7 views

CVE-2026-31642

A flaw was found in the Linux kernel's rxrpc module. This vulnerability occurs due to incorrect handling of call removal, specifically using listdelinit instead of listdelrcu. A local user reading the /proc/net/rxrpc/calls file could potentially trigger an infinite loop, leading to a Denial of...

5.5CVSS5.3AI score0.00123EPSS
Exploits0References4
NVD
NVD
added 2026/04/24 3:16 p.m.7 views

CVE-2026-31642

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet-calls list to use listdelrcu rather than listdelinit to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an...

5.5CVSS0.00123EPSS
Exploits0References8
OSV
OSV
added 2026/04/24 3:16 p.m.5 views

DEBIAN-CVE-2026-31642

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet-calls list to use listdelrcu rather than listdelinit to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an...

5.5CVSS5.3AI score0.00123EPSS
Exploits0References1
NVD
NVD
added 2026/04/24 3:16 p.m.5 views

CVE-2026-31630

In the Linux kernel, the following vulnerability has been resolved: rxrpc: proc: size address buffers for %pISpc output The AFRXRPC procfs helpers format local and remote socket addresses into fixed 50-byte stack buffers with "%pISpc". That is too small for the longest current-tree IPv6-with-port...

7.8CVSS0.00132EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/24 2:44 p.m.4 views

EUVD-2026-25535

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet-calls list to use listdelrcu rather than listdelinit to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an...

5.4AI score0.00123EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/24 2:44 p.m.3 views

CVE-2026-31642

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet-calls list to use listdelrcu rather than listdelinit to prevent stuffing up reading /proc/net/rxrpc/calls from potentially getting into an...

5.3AI score0.00123EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder