Lucene search
K

265335 matches found

NVD
NVD
added 56 minutes ago3 views

CVE-2026-55615

Langroid is a framework for building large-language-model-powered applications. Prior to version 0.65.5, Neo4jChatAgent passes LLM-generated Cypher queries straight to the Neo4j driver with no validation, no statement-type allowlist, and no opt-out gate. The query text is influenceable by prompt...

9.2CVSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 1 hour ago7 views

The vulnerability in the drivers/bluetooth/btnxpuart.c module of Linux operating systems allows a hacker to cause a service failure.

The vulnerability in the drivers/bluetooth/btnxpuart.c module of Linux operating systems is related to incorrect resource management. Exploiting this vulnerability can allow an attacker to cause service failures...

5.5CVSS6AI score0.00119EPSS
Exploits0References6Affected Software4
Cvelist
Cvelist
added yesterday4 views

CVE-2026-55615 Langroid: Neo4jChatAgent executes LLM-generated Cypher without validation (prompt-to-Cypher injection; config-conditional RCE), mirroring the SQLChatAgent bug fixed in CVE-2026-25879

Langroid is a framework for building large-language-model-powered applications. Prior to version 0.65.5, Neo4jChatAgent passes LLM-generated Cypher queries straight to the Neo4j driver with no validation, no statement-type allowlist, and no opt-out gate. The query text is influenceable by prompt...

9.2CVSS
Exploits0References2
CVE
CVE
added yesterday11 views

CVE-2026-55615

Langroid is a framework for building large-language-model-powered applications. Prior to version 0.65.5, Neo4jChatAgent passes LLM-generated Cypher queries straight to the Neo4j driver with no validation, no statement-type allowlist, and no opt-out gate. The query text is influenceable by prompt...

9.2CVSS6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday3 views

Malicious code in pxpure8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a40ae433e9fa90bfbb449d343c281375329a44c0dacf080a91a0c1717579b679 The package's main entry pure.js consists of a single behavior: it creates a element pointing at https://cdn.jsdelivr.net/npm/px8my/px.js no version...

6.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday3 views

Malicious code in validator-string (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41a95b09ecd097cf7db1496950d26195169adb7ad2d8065a3458771389094be4 Package name validator-string impersonates the widely-used npm package validator and copies its README, homepage, and API surface. package.json...

6.4AI score
Exploits0References1
GithubExploit
GithubExploit
added yesterday7 views

cpm-poc-sdwebui-ext

cpm-poc-sdwebui-ext Research artifact — JHU EN.601.441/641 CP...

5.9AI score
Exploits0
NVD
NVD
added yesterday4 views

CVE-2026-57032

An Improper Handling of Undefined Parameters vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on EX Series devices allows an authenticated attacker with low privileges to cause a Denial-of-Service DoS. If an attempt is made to subscribe to an unsupported telemetry...

7.1CVSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-57019

An Improper Validation of Specified Quantity in Input vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. When a specific packet is received from device in the same broadcast...

7.1CVSS
Exploits0References1
Cvelist
Cvelist
added yesterday7 views

CVE-2026-58144 Cotonti Siena 0.9.26 Stored XSS via PFS Module ntitle Parameter

Cotonti Siena 0.9.26 and earlier contains a stored cross-site scripting vulnerability that allows authenticated users with PFS access to inject arbitrary script payloads by supplying malicious HTML in the ntitle parameter processed through the TXT filter in pfs.main.php. Attackers can create a...

5.4CVSS
Exploits0References1
Cvelist
Cvelist
added yesterday3 views

CVE-2026-57032 Junos OS: EX Series: Subscribing to an unsupported telemetry sensor path causes fxpc process crash

An Improper Handling of Undefined Parameters vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on EX Series devices allows an authenticated attacker with low privileges to cause a Denial-of-Service DoS. If an attempt is made to subscribe to an unsupported telemetry...

7.1CVSS
Exploits0References1
CVE
CVE
added yesterday9 views

CVE-2026-57032

CVE-2026-57032 describes an improper handling of undefined parameters in the packet forwarding engine (pfe) of Juniper Networks Junos OS on EX Series devices. When attempting to subscribe to an unsupported telemetry sensor path on EX2300, EX3400, EX4000, EX4100, and EX4400 via gRPC, the Front Pan...

7.1CVSS5.9AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-57032

An Improper Handling of Undefined Parameters vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on EX Series devices allows an authenticated attacker with low privileges to cause a Denial-of-Service DoS. If an attempt is made to subscribe to an unsupported telemetry...

7.1CVSS5.9AI score
Exploits0References2Affected Software1
EUVD
EUVD
added yesterday3 views

EUVD-2026-42723

An Improper Handling of Undefined Parameters vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on EX Series devices allows an authenticated attacker with low privileges to cause a Denial-of-Service DoS. If an attempt is made to subscribe to an unsupported telemetry...

7.1CVSS5.9AI score
Exploits0References1
GithubExploit
GithubExploit
added yesterday8 views

Exploit for CVE-2026-12400

CVE-2026-12400 — FlowForms IDOR: Unauthorized Form Modificatio...

6AI score
Exploits0
Cvelist
Cvelist
added yesterday3 views

CVE-2026-57019 Junos OS: MX Series: Specific traffic causes an FPC to reset

An Improper Validation of Specified Quantity in Input vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. When a specific packet is received from device in the same broadcast...

7.1CVSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-57019

CVE-2026-57019 affects Junos OS on MX Series. An issue in the Packet Forwarding Engine (pfe) due to improper validation of a specified quantity in input can allow an unauthenticated adjacent attacker to cause a Denial-of-Service by triggering an FPC major error and a reset, impacting traffic unti...

7.1CVSS6AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-57019

An Improper Validation of Specified Quantity in Input vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. When a specific packet is received from device in the same broadcast...

7.1CVSS6AI score
Exploits0References2Affected Software1
EUVD
EUVD
added yesterday3 views

EUVD-2026-42706

An Improper Validation of Specified Quantity in Input vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. When a specific packet is received from device in the same broadcast...

7.1CVSS6AI score
Exploits0References1
Github Security Blog
Github Security Blog
added yesterday3 views

YesWiki Vulnerable to Authenticated PHP Object Injection in BazarImportAction via unserialize

Details Sink tools/bazar/services/CSVManager.php line 372-399: public function importEntryarray $importedEntries, string $formId: ?array if !$this-importdone // ... foreach $importedEntries as $entry $entry = unserializebase64decode$entry; // false argument; arbitrary classes are instantiated. Th...

6.7AI score0.00379EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder