Lucene search
+L

29163 matches found

Cvelist
Cvelist
added 5 days ago28 views

CVE-2026-54429

A vulnerability has been identified in SIMATIC S7-PLCSIM Advanced All versions. Affected devices do not properly handle high-volume multicast network traffic, which can exhaust available memory resources in the affected application. This could allow an unauthenticated attacker on the local networ...

7.4CVSS0.00215EPSS
Exploits0References1
NVD
NVD
added 5 days ago9 views

CVE-2026-15668

A vulnerability has been found in louisho5 picobot up to 0.2.0. This vulnerability affects the function WebTool.Execute of the file internal/agent/tools/web.go of the component web Tool. The manipulation of the argument url leads to server-side request forgery. The attack can be initiated remotel...

6.5CVSS0.00228EPSS
Exploits0References6
NVD
NVD
added 5 days ago7 views

CVE-2026-44769

SAP S/4HANA application Project Management PPM-PRO allows an attacker with high privileges to execute crafted database queries, exposing the backend database. This results in low impact on confidentiality, with no impact on integrity and availability of the application...

5.5CVSS0.00197EPSS
Exploits0References2
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-43593

SAP S/4HANA application Project Management PPM-PRO allows an attacker with high privileges to execute crafted database queries, exposing the backend database. This results in low impact on confidentiality, with no impact on integrity and availability of the application...

5.5CVSS6.2AI score0.00197EPSS
Exploits0References2
CVE
CVE
added 5 days ago16 views

CVE-2026-44769

CVE-2026-44769 affects SAP S/4HANA Project Management (PPM-PRO). The connected documents describe a vulnerability where an attacker with high privileges can induce crafted database queries, resulting in exposure of the backend database. The impact is specified as low for confidentiality (C:H) wit...

5.5CVSS6.2AI score0.00197EPSS
Exploits0References2
Cvelist
Cvelist
added 5 days ago33 views

CVE-2026-38450

An issue in Aetopia Digital Asset Management DAM v.1.0.0 allows a remote attacker to execute arbitrary code via the name and description parameter of the Add/Update Project function...

0.00785EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 5 days ago8 views

PT-2026-58018

Name of the Vulnerable Software and Affected Versions Apache Kylin versions 4 through 5.0.3 Description Improper authorization occurs during job information retrieval, allowing an attacker to gain access to unauthorized jobs belonging to other projects. Recommendations Upgrade to version 5.0.4...

4.3CVSS5.2AI score0.00463EPSS
Exploits0References4
CVE
CVE
added 5 days ago7 views

CVE-2026-38450

CVE-2026-38450 — Aetopia DAM v1.0.0 has a remote code execution issue exploitable via the name and description parameters of the Add/Update Project function. The provided data lists a high-severity CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and notes a remote attacker with no privilege...

9.8CVSS6.4AI score0.00785EPSS
Exploits0References3
NVD
NVD
added 6 days ago5 views

CVE-2026-15535

A vulnerability was determined in AkariAsai self-rag up to 1fcdc420e48f50a7d7ab1ece5494221b93252e99. Affected by this issue is the function Indexer.deserializefrom of the file retrievallm/src/index.py of the component retrievallm. Executing a manipulation of the argument indexmeta.faiss can lead ...

6.5CVSS0.00247EPSS
Exploits0References7
NVD
NVD
added 6 days ago8 views

CVE-2026-15527

A vulnerability has been found in better-auth better-icons up to 1.0.5. This vulnerability affects unknown code of the component scanprojecticons/syncicon. Such manipulation of the argument iconsfile leads to path traversal. An attack has to be approached locally. The exploit has been disclosed t...

5.3CVSS0.0014EPSS
Exploits0References6
NVD
NVD
added 6 days ago9 views

CVE-2026-15526

A flaw has been found in augmnt augments-mcp-server 7.1.0. This issue affects the function scanProjectDeps of the file src/tools/v4/scan-project-deps.ts of the component scanprojectdeps. Executing a manipulation of the argument packageJsonPath can lead to path traversal. The attack can only be...

4.8CVSS0.00137EPSS
Exploits0References6
NVD
NVD
added 6 days ago7 views

CVE-2026-15524

A security vulnerability has been detected in alioshr memory-bank-mcp up to 0.2.1/3.1. This affects an unknown part of the file list-project-files-validation-factory.ts. Such manipulation of the argument projectName leads to path traversal. Local access is required to approach this attack. The...

4.8CVSS0.00137EPSS
Exploits0References6
CVE
CVE
added 6 days ago14 views

CVE-2026-15528

CVE-2026-15528 affects lamaalrajih/kicad-mcp up to 3.3.1. The vulnerability is in kicad_mcp/utils/path_validator.py where manipulating the arguments project_path or schematic_path causes a protection mechanism failure. Local exploitation is required, and the exploit has been made public. The proj...

4.8CVSS5.8AI score0.00113EPSS
Exploits0References6
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-15527 better-auth better-icons scan_project_icons/sync_icon path traversal

A vulnerability has been found in better-auth better-icons up to 1.0.5. This vulnerability affects unknown code of the component scanprojecticons/syncicon. Such manipulation of the argument iconsfile leads to path traversal. An attack has to be approached locally. The exploit has been disclosed t...

5.3CVSS0.0014EPSS
Exploits0References6
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-43271

A vulnerability has been found in better-auth better-icons up to 1.0.5. This vulnerability affects unknown code of the component scanprojecticons/syncicon. Such manipulation of the argument iconsfile leads to path traversal. An attack has to be approached locally. The exploit has been disclosed t...

5.3CVSS5.6AI score0.0014EPSS
Exploits0References6
Cvelist
Cvelist
added 6 days ago36 views

CVE-2026-15526 augmnt augments-mcp-server scan_project_deps scan-project-deps.ts scanProjectDeps path traversal

A flaw has been found in augmnt augments-mcp-server 7.1.0. This issue affects the function scanProjectDeps of the file src/tools/v4/scan-project-deps.ts of the component scanprojectdeps. Executing a manipulation of the argument packageJsonPath can lead to path traversal. The attack can only be...

4.8CVSS0.00137EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 6 days ago3 views

CVE-2026-15526

A flaw has been found in augmnt augments-mcp-server 7.1.0. This issue affects the function scanProjectDeps of the file src/tools/v4/scan-project-deps.ts of the component scanprojectdeps. Executing a manipulation of the argument packageJsonPath can lead to path traversal. The attack can only be...

4.8CVSS5.6AI score0.00137EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-43269

A flaw has been found in augmnt augments-mcp-server 7.1.0. This issue affects the function scanProjectDeps of the file src/tools/v4/scan-project-deps.ts of the component scanprojectdeps. Executing a manipulation of the argument packageJsonPath can lead to path traversal. The attack can only be...

4.8CVSS5.6AI score0.00137EPSS
Exploits0References6
CVE
CVE
added 6 days ago13 views

CVE-2026-15526

A vulnerability in augmnt augments-mcp-server 7.1.0 affects the function scanProjectDeps (src/tools/v4/scan-project-deps.ts) of the scan_project_deps component. The issue arises from manipulating the argument packageJsonPath, enabling path traversal. The attack is local, and a proof-of-concept/ex...

4.8CVSS5.6AI score0.00137EPSS
Exploits0References6
OSV
OSV
added 6 days ago4 views

CVE-2026-15526 augmnt augments-mcp-server scan_project_deps scan-project-deps.ts scanProjectDeps path traversal

A flaw has been found in augmnt augments-mcp-server 7.1.0. This issue affects the function scanProjectDeps of the file src/tools/v4/scan-project-deps.ts of the component scanprojectdeps. Executing a manipulation of the argument packageJsonPath can lead to path traversal. The attack can only be...

4.8CVSS5.6AI score0.00137EPSS
Exploits0References8
Rows per page
Query Builder