Lucene search
+L

21588 matches found

NVD
NVD
added 5 days ago8 views

CVE-2026-15629

A weakness has been identified in louisho5 picobot up to 0.2.0. Impacted is the function CreateSkill/GetSkill of the file internal/agent/tools/filesystem.go of the component Workspace Handler. Executing a manipulation can lead to link following. It is possible to launch the attack remotely. The...

6.5CVSS0.00288EPSS
Exploits0References6
NVD
NVD
added 5 days ago11 views

CVE-2026-15626

A vulnerability was determined in nextlevelbuilder GoClaw 3.13.3-beta.3. This affects the function writeFile of the file internal/providers/acp/toolbridge.go of the component ACP ToolBridge Workspace Handler. This manipulation causes path traversal. The attack is possible to be carried out...

6.5CVSS0.00294EPSS
Exploits0References7
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-43614

A vulnerability was found in nextlevelbuilder GoClaw 3.11.3. Affected by this issue is the function ExecApprovalManager.CheckCommand of the file internal/tools/execapproval.go. The manipulation results in incomplete blacklist. The attack can be executed remotely. The exploit has been made public...

6.5CVSS6.4AI score0.0028EPSS
Exploits0References12
OSV
OSV
added 5 days ago3 views

CVE-2026-15625 nextlevelbuilder GoClaw exec_approval.go ExecApprovalManager.CheckCommand incomplete blacklist

A vulnerability was found in nextlevelbuilder GoClaw 3.11.3. Affected by this issue is the function ExecApprovalManager.CheckCommand of the file internal/tools/execapproval.go. The manipulation results in incomplete blacklist. The attack can be executed remotely. The exploit has been made public...

5.3CVSS6.4AI score0.0028EPSS
Exploits0References14
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-43613

A vulnerability has been found in nextlevelbuilder GoClaw 3.13.3-beta.3. Affected by this vulnerability is the function bytePlusDownloadVideo of the file internal/tools/createvideobyteplus.go of the component invoke Endpoint. The manipulation of the argument output.videourl leads to server-side...

6.5CVSS6.2AI score0.00209EPSS
Exploits0References6
CVE
CVE
added 5 days ago10 views

CVE-2026-15624

Summary: CVE-2026-15624 affects nextlevelbuilder GoClaw 3.13.3-beta.3. The vulnerability is in the function bytePlusDownloadVideo (internal/tools/create_video_byteplus.go) of the invoke Endpoint. By manipulating the argument output.video_url, an attacker can trigger a server-side request forgery....

6.5CVSS6.2AI score0.00209EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago4 views

EUVD-2026-43561

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /subject.php. Such manipulation of the argument subject leads to cross site scripting. It is possible to launch the attack remotely. The exploit is...

5.3CVSS4.7AI score0.00347EPSS
Exploits0References7
OSV
OSV
added 5 days ago3 views

CVE-2026-15620 mosaxiv clawlet tool_web_fetch.go tools.webFetch server-side request forgery

A security vulnerability has been detected in mosaxiv clawlet up to 0.2.10. This affects the function tools.webFetch of the file tools/toolwebfetch.go. Such manipulation leads to server-side request forgery. The attack can be launched remotely. The exploit has been disclosed publicly and may be...

5.3CVSS6.2AI score0.00228EPSS
Exploits0References8
CVE
CVE
added 5 days ago6 views

CVE-2025-56363

The Matter SDK (connectedhomeip) has a null pointer dereference in ReadRevisionAttribute across multiple clusters (Channel, Account Login, TargetNavigator, etc.) due to missing validation of the delegate pointer. This affects versions prior to 1.4.0 and can be exploited by a remote unauthenticate...

7.5CVSS6AI score0.00343EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 5 days ago10 views

PT-2026-58727

Name of the Vulnerable Software and Affected Versions Google Chrome on Linux versions prior to 150.0.7871.125 Description A use-after-free issue exists in the Ozone graphics layer. A remote attacker could potentially exploit heap corruption—a condition where memory is corrupted in the heap area—v...

7.5CVSS6.5AI score0.00268EPSS
Exploits0References7
Kaspersky
Kaspersky
added 5 days ago5 views

KLA91142 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure Monitor Agent Metri...

8.8CVSS5.4AI score0.01174EPSS
Exploits1References7
OSV
OSV
added 6 days ago5 views

CVE-2026-15618 mosaxiv clawlet exec Safety Guard tool_exec.go guardExecCommand protection mechanism

A security flaw has been discovered in mosaxiv clawlet up to 0.2.10. The affected element is the function guardExecCommand of the file tools/toolexec.go of the component exec Safety Guard. The manipulation results in protection mechanism failure. It is possible to launch the attack remotely. The...

5.3CVSS6.3AI score0.0024EPSS
Exploits0References8
OSV
OSV
added 6 days ago6 views

CVE-2026-15607 tanstack db Alias Path select.ts select prototype pollution

A vulnerability was detected in tanstack db up to 0.6.8. Affected by this vulnerability is the function select of the file src/query/compiler/select.ts of the component Alias Path Handler. The manipulation results in improperly controlled modification of object prototype attributes. The attack ma...

5.3CVSS5.7AI score0.00254EPSS
Exploits0References10
NVD
NVD
added 6 days ago6 views

CVE-2026-15596

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /subject.php. Such manipulation of the argument subject leads to cross site scripting. It is possible to launch the attack remotely. The exploit is...

5.3CVSS0.00347EPSS
Exploits0References6
NVD
NVD
added 6 days ago4 views

CVE-2026-15557

A weakness has been identified in waooAI waoowaoo up to 0.4.1. Affected by this vulnerability is the function getInternalTaskSession/getAuthSession/requireUserAuth/requireProjectAuth/requireProjectAuthLight in the library src/lib/api-auth.ts of the component Internal Task Header Handler. This...

7.5CVSS0.00507EPSS
Exploits0References6
EUVD
EUVD
added 6 days ago9 views

EUVD-2026-43282

A security flaw has been discovered in SourceCodester Online Book Store System 1.0. This vulnerability affects unknown code of the file admin/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit has been released to the...

7.5CVSS6.8AI score0.00263EPSS
Exploits0References7
OSV
OSV
added 6 days ago5 views

CVE-2026-15557 waooAI waoowaoo Internal Task Header api-auth.ts requireProjectAuthLight improper authentication

A weakness has been identified in waooAI waoowaoo up to 0.4.1. Affected by this vulnerability is the function getInternalTaskSession/getAuthSession/requireUserAuth/requireProjectAuth/requireProjectAuthLight in the library src/lib/api-auth.ts of the component Internal Task Header Handler. This...

6.9CVSS5.8AI score0.00507EPSS
Exploits0References8
NVD
NVD
added 6 days ago5 views

CVE-2026-15546

A security flaw has been discovered in Shibby Tomato up to 1.28.0000. Affected by this issue is the function sub2D568 of the component startjffs2. Performing a manipulation of the argument jffs2exec results in os command injection. Remote exploitation of the attack is possible. The exploit has be...

6.5CVSS0.0105EPSS
Exploits0References5
Cvelist
Cvelist
added 6 days ago33 views

CVE-2026-15546 Shibby Tomato start_jffs2 sub_2D568 os command injection

A security flaw has been discovered in Shibby Tomato up to 1.28.0000. Affected by this issue is the function sub2D568 of the component startjffs2. Performing a manipulation of the argument jffs2exec results in os command injection. Remote exploitation of the attack is possible. The exploit has be...

6.5CVSS0.0105EPSS
Exploits0References5
NVD
NVD
added 6 days ago6 views

CVE-2026-15536

A vulnerability was identified in itsourcecode Hospital Management System 1.0. This affects an unknown part of the file /patviewprescription.php. The manipulation of the argument delid leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and mig...

6.5CVSS0.002EPSS
Exploits0References6
Rows per page
Query Builder