41168 matches found
CVE-2026-5320 vanna-ai vanna Chat API Endpoint v2 missing authentication
A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is an unknown functionality of the file /api/vanna/v2/ of the component Chat API Endpoint. Performing a manipulation results in missing authentication. The attack can be initiated remotely. The exploit is n...
CVE-2026-5320
CVE-2026-5320 affects vanna-ai vanna up to 2.0.2. The vulnerability resides in an unknown functionality of the file /api/vanna/v2/ (Chat API Endpoint), where manipulation leads to missing authentication and allows remote exploitation. Public exploit available; vendor status unknown. Affected pack...
CVE-2026-5320 vanna-ai vanna Chat API Endpoint v2 missing authentication
A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is an unknown functionality of the file /api/vanna/v2/ of the component Chat API Endpoint. Performing a manipulation results in missing authentication. The attack can be initiated remotely. The exploit is n...
EUVD-2026-18114
A security flaw has been discovered in Nothings stb up to 1.22. This affects the function startdecoder of the file stbvorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The...
CVE-2026-5318
A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits causes out-of-bounds write. It is possible to initiate the attack remotely. T...
UBUNTU-CVE-2026-5318
A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits causes out-of-bounds write. It is possible to initiate the attack remotely. T...
CVE-2026-5319
A security vulnerability has been detected in itsourcecode Payroll Management System up to 1.0. Affected is an unknown function of the file /navbar.php. Such manipulation of the argument page leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclos...
CVE-2026-5319
CVE-2026-5319 affects itsourcecode Payroll Management System up to version 1.0. The vulnerability is in an unknown function of the file /navbar.php and enables cross-site scripting through manipulation of the argument page. It can be exploited remotely, and the exploit has been publicly disclosed...
CVE-2026-5318
LibRaw is affected up to 0.22.0. The vulnerability resides in HuffTable::initval (src/decompressors/losslessjpeg.cpp) where manipulation of bits[] can trigger an out-of-bounds write. An attacker could potentially exploit this remotely, and a public exploit has been made available. The fix is the ...
CVE-2026-5318 LibRaw JPEG DHT losslessjpeg.cpp initval out-of-bounds write
A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits causes out-of-bounds write. It is possible to initiate the attack remotely. T...
CVE-2026-5318
A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits causes out-of-bounds write. It is possible to initiate the attack remotely. T...
CVE-2026-5318
A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits causes out-of-bounds write. It is possible to initiate the attack remotely. T...
CVE-2026-5317
A security flaw has been discovered in Nothings stb up to 1.22. This affects the function startdecoder of the file stbvorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The...
DEBIAN-CVE-2026-5317
A security flaw has been discovered in Nothings stb up to 1.22. This affects the function startdecoder of the file stbvorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The...
UBUNTU-CVE-2026-5317
A security flaw has been discovered in Nothings stb up to 1.22. This affects the function startdecoder of the file stbvorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The...
CVE-2026-5317 Nothings stb stb_vorbis.c start_decoder out-of-bounds write
A security flaw has been discovered in Nothings stb up to 1.22. This affects the function startdecoder of the file stbvorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The...
CVE-2026-5317
A security flaw has been discovered in Nothings stb up to 1.22. This affects the function startdecoder of the file stbvorbis.c. The manipulation results in out-of-bounds write. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The...
CVE-2026-5317
CVE-2026-5317 affects Nothings stb up to 1.22; vulnerable area is start_decoder in stb_vorbis.c. The issue is an out-of-bounds write caused by manipulation of data, with potential for remote execution. Public exploit exists; vendor was contacted early but did not respond. Metrics indicate exploit...
EUVD-2026-18109
A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbttbufget8 in the library stbtruetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of-bounds read. The attack can be executed remotely. The exploit has been publicly...
EUVD-2026-18091
A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbigifloadnext in the library stbimage.h of the component GIF Decoder. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and ma...