Lucene search
K

1765 matches found

EUVD
EUVD
added 2 hours ago4 views

EUVD-2026-41795

A vulnerability was identified in vxcontrol PentAGI up to 2.1.0. This affects an unknown function of the file backend/pkg/docker/client.go of the component Docker API. The manipulation leads to sandbox issue. The attack may be initiated remotely. The pull request to fix this issue awaits acceptan...

6.5CVSS6.2AI score
Exploits0References8
EUVD
EUVD
added yesterday7 views

EUVD-2026-41747

A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the function freeze of the file libs/langgraph/langgraph/internal/cache.py of the component Task Result Cache. This manipulation of the argument defaultcachekey causes use of weak hash. The attack is...

3.1CVSS5AI score
Exploits0References7
ATTACKERKB
ATTACKERKB
added yesterday7 views

CVE-2026-14742

A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the function freeze of the file libs/langgraph/langgraph/internal/cache.py of the component Task Result Cache. This manipulation of the argument defaultcachekey causes use of weak hash. The attack is...

3.1CVSS5AI score
Exploits0References7Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-14687

A vulnerability was determined in 666ghj BettaFish up to 1.2.1. Impacted is the function deduplicateresults of the file InsightEngine/agent.py of the component InsightEngine search-result Deduplication. Executing a manipulation can lead to partial string comparison. The attack can be launched...

6.9CVSS5.8AI score0.00332EPSS
Exploits0References7Affected Software1
ATTACKERKB
ATTACKERKB
added 3 days ago4 views

CVE-2026-58424

Permanent Fork PR Workflow Approval Gate Bypass...

8.9CVSS5.9AI score0.00201EPSS
Exploits0References5
CVE
CVE
added 3 days ago18 views

CVE-2026-58424

Technical details about CVE-2026-58424 are not publicly available in the provided documents. No product, vector, or impact specifics are included. Monitor for updates in official advisories.

8.9CVSS5.9AI score0.00201EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 3 days ago4 views

CVE-2026-24690

Gitea versions before 1.25.5 have insufficient permission checks for updating or rebasing pull request branches...

6AI score0.00159EPSS
Exploits0References5
EUVD
EUVD
added 3 days ago4 views

EUVD-2026-41620

Gitea versions before 1.25.5 have insufficient permission checks for updating or rebasing pull request branches...

6AI score0.00159EPSS
Exploits0References4
CVE
CVE
added 3 days ago5 views

CVE-2026-24690

CVE-2026-24690 affects Gitea: versions before 1.25.5. The issue is insufficient permission checks for updating or rebasing pull request branches, arising from the affected area of PR branch updates. The available connected documents confirm the root cause and identify the remediation: upgrade to ...

6AI score0.00159EPSS
Exploits0References4
CVE
CVE
added 3 days ago13 views

CVE-2026-14607

CVE-2026-14607 affects RT-Thread up to 5.0.2, specifically the sys_getaddrinfo implementation in components/lwp/lwp_syscall.c. Manipulating the ai_addr argument can cause memory corruption; exploit public and local access required. A fix is being prepared in a pull request (RT-Thread/rt-thread#11...

6.8CVSS5.6AI score0.00119EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 3 days ago7 views

PT-2026-55657

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A flaw exists that allows for a permanent fork pull request workflow approval gate bypass. This issue enables an attacker to circumvent the required approval...

8.9CVSS6AI score0.00201EPSS
Exploits0References7
AlpineLinux
AlpineLinux
added 5 days ago8 views

CVE-2026-50195

containerd is an open-source container runtime. Versions prior to 2.3.2, 2.2.5 and 2.1.9 contain a vulnerability in the CRI checkpoint import process where it fails to validate the image references specified within a checkpoint image's configuration. An attacker with permissions to create pods ca...

9.9CVSS6.1AI score0.00354EPSS
Exploits0
CVE
CVE
added 5 days ago53 views

CVE-2026-53488

CVE-2026-53488 affects containerd’s CRI plugin: image config LABELs are propagated to containers without validation, enabling potential host-command execution via a plugin that consumes labels. Concrete details across connected docs confirm this vulnerability in containerd versions prior to 1.7.3...

9.4CVSS5.9AI score0.00203EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added last week8 views

CVE-2026-13543

A vulnerability was detected in Documenso up to 2.11.0. Affected by this vulnerability is an unknown functionality of the file packages/auth/server/lib/utils/handle-oauth-callback-url.ts of the component Google OAuth Login. The manipulation results in improper authentication. It is possible to...

6.3CVSS5.6AI score0.00364EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/28 10:45 p.m.7 views

CVE-2026-13512

A vulnerability was identified in Databend up to 1.2.881 on HTTP. This affects the function ClientSessionManager::statekey of the file src/query/service/src/servers/http/v1/session/clientsessionmanager.rs of the component Tenant Handler. The manipulation leads to authorization bypass. It is...

6.5CVSS5.4AI score0.0022EPSS
Exploits0References6
CVE
CVE
added 2026/06/28 10:45 p.m.15 views

CVE-2026-13512

Databend up to version 1.2.881 on HTTP is affected. The issue resides in Tenant Handler’s ClientSessionManager::state_key (src/query/service/src/servers/http/v1/session/client_session_manager.rs) and enables authorization bypass. Exploitation may be initiated remotely; a publicly available exploi...

6.5CVSS6.2AI score0.0022EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/28 9:30 p.m.6 views

CVE-2026-13507

A vulnerability was detected in volcengine OpenViking up to 0.3.21. This affects the function strtouint64 of the file openviking/storage/vectordb/utils/strtouint64.py of the component Local VectorDB Primary-key Label Handler. The manipulation of the argument ID results in insufficient verificatio...

5CVSS5.5AI score0.00138EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/28 10:45 a.m.8 views

CVE-2026-13489

A weakness has been identified in 78 xiaozhi-esp32 up to 2.2.6. Affected by this issue is the function ParseMessage of the file main/mcpserver.cc of the component MCP Response Handler. This manipulation causes improper synchronization. Remote exploitation of the attack is possible. The attack's...

3.1CVSS5.1AI score0.00228EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.10 views

PT-2026-53167

Name of the Vulnerable Software and Affected Versions VoltAgent versions prior to 2.1.18 Description An improper authorization issue exists within the Memory REST API component, specifically in the handleGetMemoryConversation function located in the...

3.1CVSS5.8AI score0.0022EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.7 views

PT-2026-53166

Name of the Vulnerable Software and Affected Versions SimStudioAI sim versions prior to 0.6.93 Description An issue exists in the Password Protection Handler component within the apps/sim/lib/core/security/deployment.ts library. A remote attacker can perform a manipulation that results in the use...

6.3CVSS5.7AI score0.00216EPSS
Exploits0References12
Rows per page
Query Builder