Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

43 matches found

RedhatCVE
RedhatCVEadded 4 days ago5 views

CVE-2026-8026

A security flaw has been discovered in FlowiseAI Flowise up to 3.0.12. Affected is the function Login of the file packages/server/src/enterprise/services/account.service.ts of the component API Response Handler. The manipulation results in information disclosure. The attack can be launched...

6.3CVSS4.6AI score0.00019EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/05/19 1:58 a.m.7 views

CVE-2026-8769

A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...

6.5CVSS5.5AI score0.00017EPSS
Exploits1References1
Snyk
Snykadded 2026/05/18 2:7 a.m.6 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in various respons.text invocations in response-handler.ts, which accept and buffer arbitrarily long request strings. Functions like createJsonResponseHandler and...

6.9CVSS5.9AI score0.00017EPSS
Exploits1References2
EUVD
EUVDadded 2026/05/18 12:31 a.m.13 views

EUVD-2026-30712

A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...

5.3CVSS5.5AI score0.00017EPSS
Exploits1References5
OSV
OSVadded 2026/05/18 12:31 a.m.2 views

GHSA-866G-F22W-33X8 @ai-sdk/provider-utils has an Uncontrolled Resource Consumption issue

A vulnerability was determined in Vercel AI up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...

5.3CVSS5.5AI score0.00017EPSS
Exploits1References6
Github Security Blog
Github Security Blogadded 2026/05/18 12:31 a.m.6 views

@ai-sdk/provider-utils has an Uncontrolled Resource Consumption issue

A vulnerability was determined in Vercel AI up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...

6.5CVSS5.4AI score0.00017EPSS
Exploits1References6Affected Software1
NVD
NVDadded 2026/05/17 11:17 p.m.8 views

CVE-2026-8769

A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...

6.5CVSS0.00017EPSS
Exploits1References4
Cvelist
Cvelistadded 2026/05/17 11:0 p.m.35 views

CVE-2026-8769 vercel ai provider-utils response-handler.ts createJsonErrorResponseHandler resource consumption

A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...

5.3CVSS0.00017EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2026/05/17 11:0 p.m.9 views

CVE-2026-8769 vercel ai provider-utils response-handler.ts createJsonErrorResponseHandler resource consumption

A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...

5.3CVSS5.5AI score0.00017EPSS
Exploits1References4
ATTACKERKB
ATTACKERKBadded 2026/05/17 11:0 p.m.7 views

CVE-2026-8769

A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...

5.3CVSS5.5AI score0.00017EPSS
Exploits1References4Affected Software1
CVE
CVEadded 2026/05/06 12:30 p.m.10 views

CVE-2026-8026

FlowiseAI Flowise up to version 3.0.12 contains a security flaw in the API Response Handler, specifically in the function Login of packages/server/src/enterprise/services/account.service.ts. The manipulation leads to information disclosure and can be exploited remotely. The reported attack comple...

6.3CVSS5.2AI score0.00019EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologiesadded 2026/05/06 12:0 a.m.3 views

PT-2026-37628

A security flaw has been discovered in FlowiseAI Flowise up to 3.0.12. Affected is the function Login of the file packages/server/src/enterprise/services/account.service.ts of the component API Response Handler. The manipulation results in information disclosure. The attack can be launched...

6.3CVSS5.2AI score0.00019EPSS
Exploits1References5
Github Security Blog
Github Security Blogadded 2026/05/04 10:1 p.m.2 views

net-imap vulnerable to STARTTLS stripping via invalid response timing

Summary A man-in-the-middle attacker can cause Net::IMAPstarttls to return "successfully", without starting TLS. Details When using Net::IMAPstarttls to upgrade a plaintext connection to use TLS, a man-in-the-middle attacker can inject a tagged OK response with an easily predictable tag. By sendi...

7.6CVSS5.9AI score0.00016EPSS
Exploits0References14Affected Software1
Microsoft CVE
Microsoft CVEadded 2026/04/26 8:9 a.m.1 views

NFC: digital: Bounds check NFC-A cascade depth in SDD response handler

...

8.8CVSS5.8AI score0.00044EPSS
Exploits0
CVE
CVEadded 2026/04/24 2:42 p.m.11 views

CVE-2026-31622

Summary (CVE-2026-31622): In the Linux kernel NFC digital subsystem, the NFC‑A cascade depth handling in digital_in_recv_sdd_res() could allow a malicious peer to keep sending cascade responses, causing writes past the allocated nfc_target buffer (heap overflow) by exceeding the cascade depth. Th...

8.8CVSS5.4AI score0.00044EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVEadded 2026/04/24 2:42 p.m.2 views

CVE-2026-31622

In the Linux kernel, the following vulnerability has been resolved: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler The NFC-A anti-collision cascade in digitalinrecvsddres appends 3 or 4 bytes to target-nfcid1 on each round, but the number of cascade rounds is controlled...

8.8CVSS5.3AI score0.00044EPSS
Exploits0
Cvelist
Cvelistadded 2026/04/24 2:42 p.m.29 views

CVE-2026-31622 NFC: digital: Bounds check NFC-A cascade depth in SDD response handler

In the Linux kernel, the following vulnerability has been resolved: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler The NFC-A anti-collision cascade in digitalinrecvsddres appends 3 or 4 bytes to target-nfcid1 on each round, but the number of cascade rounds is controlled...

8.8CVSS0.00044EPSS
Exploits0References9
EUVD
EUVDadded 2026/03/11 9:31 p.m.3 views

EUVD-2026-11347

A security flaw has been discovered in LockerProject Locker 0.0.0/0.0.1/0.1.0. Affected is the function authIsAwesome of the file source-code/Locker-master/Ops/registry.js of the component Error Response Handler. The manipulation of the argument ID results in cross site scripting. The attack can ...

5.3CVSS4.3AI score0.0005EPSS
Exploits0References7
Cvelist
Cvelistadded 2026/03/11 7:32 p.m.25 views

CVE-2026-3951 LockerProject Locker Error Response registry.js authIsAwesome cross site scripting

A security flaw has been discovered in LockerProject Locker 0.0.0/0.0.1/0.1.0. Affected is the function authIsAwesome of the file source-code/Locker-master/Ops/registry.js of the component Error Response Handler. The manipulation of the argument ID results in cross site scripting. The attack can ...

5.3CVSS0.0005EPSS
Exploits0References6
CNNVD
CNNVDadded 2026/03/11 12:0 a.m.3 views

Locker 代码注入漏洞

Locker is an open-source personal data aggregation and management platform developed by The Locker Project. Versions 0.0.0, 0.0.1, and 0.1.0 of Locker contain code injection vulnerabilities. These vulnerabilities stem from incorrect operations on the authIsAwesome parameter ID in the file...

5.3CVSS5.7AI score0.0005EPSS
Exploits0References6
Rows per page
Query Builder