Lucene search
K

3014 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/05 4:45 p.m.3 views

CVE-2026-5584

A vulnerability has been found in Fosowl agenticSeek 0.1.0. Impacted is the function PyInterpreter.execute of the file sources/tools/PyInterpreter.py of the component query Endpoint. Such manipulation leads to code injection. The attack can be launched remotely. The exploit has been disclosed to...

7.5CVSS6.6AI score0.00392EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/04/05 4:45 p.m.17 views

CVE-2026-5584

CVE-2026-5584 affects Fosowl agenticSeek 0.1.0. The vulnerability lies in the PyInterpreter.execute function of sources/tools/PyInterpreter.py (component: query Endpoint), where input manipulation can lead to code injection. The attack can be launched remotely and the exploit has been publicly di...

9.8CVSS6.6AI score0.00392EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/04/05 12:30 p.m.4 views

EUVD-2026-19071

A vulnerability was identified in provectus kafka-ui up to 0.7.2. This impacts the function validateAccess of the file /api/smartfilters/testexecutions of the component Endpoint. The manipulation leads to code injection. The attack can be initiated remotely. The exploit is publicly available and...

7.5CVSS5.5AI score0.0062EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/05 12:30 p.m.6 views

EUVD-2026-19061

A security vulnerability has been detected in badlogic pi-mono up to 0.58.4. This vulnerability affects the function discoverAndLoadExtensions of the file packages/coding-agent/src/core/extensions/loader.ts. The manipulation leads to code injection. Remote exploitation of the attack is possible...

6.5CVSS6.2AI score0.00291EPSS
Exploits0References5
NVD
NVD
added 2026/04/05 11:16 a.m.6 views

CVE-2026-5562

A vulnerability was identified in provectus kafka-ui up to 0.7.2. This impacts the function validateAccess of the file /api/smartfilters/testexecutions of the component Endpoint. The manipulation leads to code injection. The attack can be initiated remotely. The exploit is publicly available and...

9.8CVSS0.0062EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/04/05 11:0 a.m.3 views

CVE-2026-5562 provectus kafka-ui Endpoint testexecutions validateAccess code injection

A vulnerability was identified in provectus kafka-ui up to 0.7.2. This impacts the function validateAccess of the file /api/smartfilters/testexecutions of the component Endpoint. The manipulation leads to code injection. The attack can be initiated remotely. The exploit is publicly available and...

7.5CVSS6.7AI score0.0062EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/05 11:0 a.m.3 views

CVE-2026-5562

A vulnerability was identified in provectus kafka-ui up to 0.7.2. This impacts the function validateAccess of the file /api/smartfilters/testexecutions of the component Endpoint. The manipulation leads to code injection. The attack can be initiated remotely. The exploit is publicly available and...

7.5CVSS6.7AI score0.0062EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2026/04/05 10:16 a.m.6 views

CVE-2026-5556

A security vulnerability has been detected in badlogic pi-mono up to 0.58.4. This vulnerability affects the function discoverAndLoadExtensions of the file packages/coding-agent/src/core/extensions/loader.ts. The manipulation leads to code injection. Remote exploitation of the attack is possible...

6.5CVSS0.00291EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/05 9:30 a.m.3 views

CVE-2026-5556

A security vulnerability has been detected in badlogic pi-mono up to 0.58.4. This vulnerability affects the function discoverAndLoadExtensions of the file packages/coding-agent/src/core/extensions/loader.ts. The manipulation leads to code injection. Remote exploitation of the attack is possible...

6.5CVSS6.2AI score0.00291EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.5 views

PT-2026-30426

A security vulnerability has been detected in badlogic pi-mono up to 0.58.4. This vulnerability affects the function discoverAndLoadExtensions of the file packages/coding-agent/src/core/extensions/loader.ts. The manipulation leads to code injection. Remote exploitation of the attack is possible...

6.5CVSS6.2AI score0.00291EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.5 views

PT-2026-30451

Name of the Vulnerable Software and Affected Versions Fosowl agenticSeek version 0.1.0 Description A code injection issue exists in the PyInterpreter.execute function within the sources/tools/PyInterpreter.py file of the query Endpoint component. This manipulation can be exploited remotely. The...

9.8CVSS7AI score0.00392EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.9 views

PT-2026-30432

Name of the Vulnerable Software and Affected Versions provectus kafka-ui versions up to 0.7.2 Description A code injection issue exists in the validateAccess function within the Endpoint component, specifically in the file /api/smartfilters/testexecutions. This can be triggered remotely. The...

9.8CVSS7AI score0.0062EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2026/03/31 12:0 a.m.2 views

CVE-2026-30309

InfCode's terminal auto-execution module contains a critical command filtering vulnerability that renders its blacklist security mechanism completely ineffective. The predefined blocklist fails to cover native high-risk commands in Windows PowerShell such as powershell, and the matching algorithm...

7.8CVSS6.5AI score0.00297EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/30 3:32 p.m.6 views

EUVD-2026-17104

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewsupplier.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6.1CVSS6AI score0.0021EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/03/29 11:3 p.m.4 views

CVE-2026-5011

A vulnerability was detected in elecV2 elecV2P up to 3.8.3. This vulnerability affects the function runJSFile of the file /webhook of the component JSON Parser. Performing a manipulation of the argument rawcode results in code injection. Remote exploitation of the attack is possible. The exploit ...

6.5CVSS5.6AI score0.00232EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/29 11:3 p.m.3 views

CVE-2026-4998

A weakness has been identified in Sinaptik AI PandasAI up to 3.0.0. This vulnerability affects the function CodeExecutor.execute of the file pandasai/core/codeexecution/codeexecutor.py of the component Chat Message Handler. Executing a manipulation can lead to code injection. The attack may be...

7.5CVSS5.6AI score0.00532EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/28 11:9 p.m.4 views

CVE-2026-4963

A weakness has been identified in huggingface smolagents 1.25.0.dev0. This affects the function evaluateaugassign/evaluatecall/evaluatewith of the file src/smolagents/localpythonexecutor.py of the component Incomplete Fix CVE-2025-9959. This manipulation causes code injection. It is possible to...

7.6CVSS6.3AI score0.00575EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/28 9:33 p.m.4 views

EUVD-2026-16942

A vulnerability was detected in elecV2 elecV2P up to 3.8.3. This vulnerability affects the function runJSFile of the file /webhook of the component JSON Parser. Performing a manipulation of the argument rawcode results in code injection. Remote exploitation of the attack is possible. The exploit ...

6.5CVSS6.3AI score0.00232EPSS
Exploits0References6
NVD
NVD
added 2026/03/28 7:16 p.m.3 views

CVE-2026-5011

A vulnerability was detected in elecV2 elecV2P up to 3.8.3. This vulnerability affects the function runJSFile of the file /webhook of the component JSON Parser. Performing a manipulation of the argument rawcode results in code injection. Remote exploitation of the attack is possible. The exploit ...

6.5CVSS0.00232EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/28 6:30 p.m.2 views

CVE-2026-5011 elecV2 elecV2P JSON webhook runJSFile code injection

A vulnerability was detected in elecV2 elecV2P up to 3.8.3. This vulnerability affects the function runJSFile of the file /webhook of the component JSON Parser. Performing a manipulation of the argument rawcode results in code injection. Remote exploitation of the attack is possible. The exploit ...

6.5CVSS5.6AI score0.00232EPSS
Exploits0References5
Rows per page
Query Builder