8 matches found
RUSTSEC-2026-0161 `pqcrypto-mlkem` is unmaintained: upstream PQClean project being archived
This crate provides Rust bindings to ML-KEM (FIPS 203) via C implementations from PQClean. The PQClean project is being archived in or after July 2026 (see PQClean/PQClean604), after which no further security patches or bug fixes will be applied to the upstream implementations. As a result, this crat...
RUSTSEC-2026-0163 `pqcrypto-internals` is unmaintained: upstream PQClean project being archived
This crate provides internal FFI utilities for the pqcrypto-* ecosystem, directly wrapping C implementations from PQClean. The PQClean project is being archived in or after July 2026 (see PQClean/PQClean604), after which no further security patches or bug fixes will be applied to the upstream...
CVE-2026-7179
CVE-2026-7179 affects OSPG binwalk up to 2.4.3, specifically the WinCE Extraction Plugin’s read_null_terminated_string in src/binwalk/plugins/winceextract.py. The issue allows local path traversal via manipulation of self.file_name. Exploitation is local; the vulnerability is tied to products no ...
GHSA-6FGP-M6Q4-J3Q5 MCP Run Python Deno Sandbox Misconfiguration Allows SSRF Attacks via Localhost Access
Impact: Server-Side Request Forgery (SSRF). A security vulnerability exists in the mcp-run-python tool, specifically within the Pydantic-AI integration, due to an overly permissive Deno sandbox configuration. The tool configures the Deno runtime—which is intended to isolate the execution of untrusted...
CVE-2026-25904
The Pydantic-AI MCP Run Python tool configures the Deno sandbox with an overly permissive configuration that allows the underlying Python code to access the localhost interface of the host to perform SSRF attacks. Note - the "mcp-run-python" project is archived and unlikely to receive a fix...
tandem is unmaintained
The tandem crates in https://github.com/sine-fdn are no longer maintained by the SINE Foundation. The repository has been archived. Recommended alternative: We are continuing our work on SMPC by implementing our secure multi-party computation engine Polytune...
RUSTSEC-2025-0067 `libyml::string::yaml_string_extend` is unsound and unmaintained
In version 0.0.4, `libyml::string::yaml_string_extend` was revised, resulting in undefined behaviour, which is unsound. The GitHub project for libyml was archived after unsoundness issues were raised. If you rely on this crate, switching to a maintained alternative is highly recommended. Recommende...
gtk-rs GTK3 bindings - no longer maintained
The gtk-rs GTK3 bindings are no longer maintained. The maintainers have archived the repository, and added a note to the crate description and its README.md that the crates are no longer maintained. Please take a look at gtk4-rs instead...