Lucene search
K

49 matches found

NVD
NVD
added 5 days ago8 views

CVE-2026-13489

A weakness has been identified in 78 xiaozhi-esp32 up to 2.2.6. Affected by this issue is the function ParseMessage of the file main/mcpserver.cc of the component MCP Response Handler. This manipulation causes improper synchronization. Remote exploitation of the attack is possible. The attack's...

3.1CVSS0.00228EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 5 days ago8 views

CVE-2026-13489

A weakness has been identified in 78 xiaozhi-esp32 up to 2.2.6. Affected by this issue is the function ParseMessage of the file main/mcpserver.cc of the component MCP Response Handler. This manipulation causes improper synchronization. Remote exploitation of the attack is possible. The attack's...

3.1CVSS5.1AI score0.00228EPSS
Exploits0References7Affected Software1
EUVD
EUVD
added 5 days ago8 views

EUVD-2026-39989

A weakness has been identified in 78 xiaozhi-esp32 up to 2.2.6. Affected by this issue is the function ParseMessage of the file main/mcpserver.cc of the component MCP Response Handler. This manipulation causes improper synchronization. Remote exploitation of the attack is possible. The attack's...

3.1CVSS5.1AI score0.00228EPSS
Exploits0References7
CVE
CVE
added 5 days ago12 views

CVE-2026-13489

The CVE-2026-13489 entry describes a vulnerability in 78 xiaozhi-esp32

3.1CVSS5.1AI score0.00228EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 5 days ago10 views

PT-2026-53102

Name of the Vulnerable Software and Affected Versions xiaozhi-esp32 versions prior to 2.2.7 Description A weakness in the MCP Response Handler component allows for improper synchronization. This issue occurs within the ParseMessage function located in the main/mcp server.cc file. Remote...

3.1CVSS5.7AI score0.00228EPSS
Exploits0References12
CVE
CVE
added 2026/06/23 3:34 p.m.10 views

CVE-2026-56402

CVE-2026-56402 affects NanoClaw prior to 2.1.17. The issue is in handleApprovalsResponse where responder role authorization is not verified, allowing attackers with a valid questionId to approve or reject privileged actions (e.g., package installation) without proper role validation. The vulnerab...

7.1CVSS5.9AI score0.00213EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.11 views

CVE-2026-8026

A security flaw has been discovered in FlowiseAI Flowise up to 3.0.12. Affected is the function Login of the file packages/server/src/enterprise/services/account.service.ts of the component API Response Handler. The manipulation results in information disclosure. The attack can be launched...

6.3CVSS4.6AI score0.00259EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/05/19 1:58 a.m.10 views

CVE-2026-8769

A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...

6.5CVSS5.5AI score0.00561EPSS
Exploits1References1
Snyk
Snyk
added 2026/05/18 2:7 a.m.14 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in various respons.text invocations in response-handler.ts, which accept and buffer arbitrarily long request strings. Functions like createJsonResponseHandler and...

6.9CVSS5.9AI score0.00561EPSS
Exploits1References2
EUVD
EUVD
added 2026/05/18 12:31 a.m.29 views

EUVD-2026-30712

A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...

5.3CVSS5.5AI score0.00561EPSS
Exploits1References5
OSV
OSV
added 2026/05/18 12:31 a.m.5 views

GHSA-866G-F22W-33X8 @ai-sdk/provider-utils has an Uncontrolled Resource Consumption issue

A vulnerability was determined in Vercel AI up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...

5.3CVSS5.5AI score0.00561EPSS
Exploits1References6
Github Security Blog
Github Security Blog
added 2026/05/18 12:31 a.m.11 views

@ai-sdk/provider-utils has an Uncontrolled Resource Consumption issue

A vulnerability was determined in Vercel AI up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...

6.5CVSS5.4AI score0.00561EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2026/05/17 11:17 p.m.26 views

CVE-2026-8769

A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...

6.5CVSS0.00561EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/05/17 11:0 p.m.65 views

CVE-2026-8769 vercel ai provider-utils response-handler.ts createJsonErrorResponseHandler resource consumption

A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...

5.3CVSS0.00561EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/05/17 11:0 p.m.11 views

CVE-2026-8769 vercel ai provider-utils response-handler.ts createJsonErrorResponseHandler resource consumption

A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...

5.3CVSS5.5AI score0.00561EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/05/17 11:0 p.m.21 views

CVE-2026-8769

A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...

5.3CVSS5.5AI score0.00561EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/05/06 12:30 p.m.18 views

CVE-2026-8026

FlowiseAI Flowise up to version 3.0.12 contains a security flaw in the API Response Handler, specifically in the function Login of packages/server/src/enterprise/services/account.service.ts. The manipulation leads to information disclosure and can be exploited remotely. The reported attack comple...

6.3CVSS5.2AI score0.00259EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.8 views

PT-2026-37628

A security flaw has been discovered in FlowiseAI Flowise up to 3.0.12. Affected is the function Login of the file packages/server/src/enterprise/services/account.service.ts of the component API Response Handler. The manipulation results in information disclosure. The attack can be launched...

6.3CVSS5.2AI score0.00259EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/05/04 10:1 p.m.6 views

net-imap vulnerable to STARTTLS stripping via invalid response timing

Summary A man-in-the-middle attacker can cause Net::IMAPstarttls to return "successfully", without starting TLS. Details When using Net::IMAPstarttls to upgrade a plaintext connection to use TLS, a man-in-the-middle attacker can inject a tagged OK response with an easily predictable tag. By sendi...

7.6CVSS5.9AI score0.00324EPSS
Exploits0References14Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/04/26 8:9 a.m.4 views

NFC: digital: Bounds check NFC-A cascade depth in SDD response handler

...

8.8CVSS5.8AI score0.00281EPSS
Exploits0
Rows per page
Query Builder