4068 matches found

Nuclei
added 18 hours ago, 22 views

Companion Sitemap Generator < 4.5.3 - Cross-Site Scripting

The plugin does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. id: CVE-2023-1780 info: name: Companion Sitemap Generator 4.5.3 - Cross-Site Scripting author:...

CVSS 6.1, AI score 6.8, EPSS 0.16021
Exploits: 2, References: 2

Tenable Nessus
added 21 hours ago, 3 views

EulerOS Virtualization 2.13.0 : python-requests (EulerOS-SA-2026-2185)

According to the versions of the python-requests package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made...

CVSS 5.6, AI score 6.5, EPSS 0.00046
Exploits: 0, References: 2

RedhatCVE
added yesterday, 4 views

CVE-2026-29974

An issue was discovered in kosma minmea 0.3.0. The minmeascan functions format specifier copies NMEA field data to a caller-provided buffer without a size parameter. Applications using minmeascan on untrusted input are vulnerable to a stack buffer overflow...

CVSS 7.5, AI score 5.7, EPSS 0.00052
Exploits: 0, References: 1

RedhatCVE
added yesterday, 4 views

CVE-2026-36757

A Server-Side Request Forgery (SSRF) in the /plugins/name/upgrade-from-uri endpoint of halo v2.22.14 allows authenticated attackers to scan internal resources via a crafted GET request...

CVSS 4.3, AI score 5.5, EPSS 0.00032
Exploits: 0, References: 1

RedhatCVE
added yesterday, 4 views

CVE-2026-45255

When bsdinstall or bsdconfig are prompted to scan for nearby Wi-Fi networks, they build up a list of network names and use bsddialog(1) to prompt the user to select a network. This is implemented using a shell script, and the code which handled network names was not careful to prevent expansion by...

CVSS 7.5, AI score 5.8, EPSS 0.00012
Exploits: 0, References: 1

RedhatCVE
added yesterday, 5 views

CVE-2026-8264

A weakness has been identified in Tenda AC6 15.03.06.23. Affected by this vulnerability is the function formWifiApScan of the file /goform/WifiApScan of the component httpd. Executing a manipulation of the argument wl2g.public.country/wl5g.public.country can lead to os command injection. It is...

CVSS 8.8, AI score 6.3, EPSS 0.00839
Exploits: 1, References: 1

RedhatCVE
added yesterday, 4 views

CVE-2026-34225

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Versions 0.7.2 and below contain a Blind Server Side Request Forgery in the functionality that allows editing an image via a prompt. The affected function performs a GET request to a user-provided U...

CVSS 4.3, AI score 5.4, EPSS 0.00036
Exploits: 1, References: 1

RedhatCVE
added yesterday, 6 views

CVE-2026-3773

The Accessibility Suite by Ability, Inc plugin for WordPress is vulnerable to SQL Injection via the 'scanid' parameter in all versions up to, and including, 4.20. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

CVSS 6.5, AI score 5.7, EPSS 0.00012
Exploits: 0, References: 1

RedhatCVE
added yesterday, 3 views

CVE-2026-0827

During an internal security assessment, a potential vulnerability was discovered in Lenovo Diagnostics and the HardwareScanAddin used in Lenovo Vantage that, during installation or when using hardware scan, could allow a local authenticated user to perform an arbitrary file write with elevated...

CVSS 7.1, AI score 5.6, EPSS 0.00019
Exploits: 0, References: 1

RedhatCVE
added yesterday, 5 views

CVE-2026-38527

A Server-Side Request Forgery (SSRF) in the /settings/webhooks/create component of Webkul Krayin CRM v2.2.x allows attackers to scan internal resources via supplying a crafted POST request...

CVSS 8.5, AI score 5.5, EPSS 0.00036
Exploits: 1, References: 1

RedhatCVE
added yesterday, 5 views

CVE-2026-47356

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via the webhookurl parameter in the file scan endpoint POST /v1/iac/iacVersion/cloud/local/file/scan when running in server mode. An unauthenticated remote attacker can supply an arbitrary URL as the webhookurl multipa...

CVSS 8.7, AI score 5.7, EPSS 0.00047
Exploits: 0, References: 1

RedhatCVE
added yesterday, 5 views

CVE-2026-47357

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via the remoteurl parameter in the remote directory scan endpoint POST /v1/iac/iacVersion/cloud/remote/dir/scan when running in server mode. An unauthenticated remote attacker can supply an attacker-controlled HTTP URL...

CVSS 9.2, AI score 5.5, EPSS 0.00037
Exploits: 0, References: 1

Zero Science Lab
added yesterday, 14 views

Lyrion Music Server 9.2.0 (metadata) Stored XSS

Summary: Lyrion Music Server (formerly Logitech Media Server, and often abbreviated as "LMS") is open-source software which can control and serve stream music to a wide range of physical and virtual audio players called Squeezeboxes. Lyrion Music Server can stream your local music collection, intern...

CVSS 7.2, AI score 4.9
Exploits: 2

Packet Storm
added yesterday, 14 views

Lyrion Music Server 9.2.0 metadata Persistent Cross Site Scripting

Lyrion Music Server version 9.2.0 stores media file metadata tags such as GENRE, ARTIST, and ALBUM exactly as written in the file and later renders them in its web interface without HTML-encoding, resulting in persistent cross site scripting. An attacker who gets a file with a malicious tag into...

CVSS 7.2, AI score 4.4
Exploits: 2

Positive Technologies
added 2 days ago, 7 views

PT-2026-46839

Good evening, I am internally scanning 16 servers for an environment. At first scan I did an authenticated scan for the 16 servers, one server let’s name it eight had 2 vulnerabilities for copy fail CVE-2026-31431 QID387198. Second scan through agent did not have this vulnerability. Third scan as...

AI score 5.8
Exploits: 0, References: 1

NVD
added 5 days ago, 9 views

CVE-2026-10223

A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. This affects the function _scan_memory_content of the file tools/memory_tool.py. This manipulation causes injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used f...

CVSS 6.5, EPSS 0.00044
Exploits: 0, References: 5

EUVD
added 5 days ago, 18 views

EUVD-2026-33556

A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. This affects the function _scan_memory_content of the file tools/memory_tool.py. This manipulation causes injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used f...

CVSS 6.5, AI score 5.6, EPSS 0.00044
Exploits: 0, References: 5

CVE
added 5 days ago, 20 views

CVE-2026-10223

CVE-2026-10223 affects NousResearch hermes-agent up to version 2026.4.30. The weakness is in tools/memory_tool.py function _scan_memory_content, enabling remote injection. CVSS metrics indicate NETWORK access, LOW attack complexity, and LOW privileges required, with PROOF-OF-CONCEPT exploit matur...

CVSS 6.5, AI score 6.3, EPSS 0.00044
Exploits: 0, References: 5

CNNVD
added 5 days ago, 5 views

Hermes Agent security vulnerabilities

Hermes Agent is an AI agent tool developed by Nous Research, featuring a self-learning mechanism. Versions of Hermes Agent prior to 2026.4.30 contained a security vulnerability, which was caused by a problem with the _scan_memory_content function in the tools/memory_tool.py file. This vulnerability...

CVSS 6.5, AI score 6.6, EPSS 0.00044
Exploits: 0, References: 5

Packet Storm
added 5 days ago, 22 views

Lightweight Music Server 3.76.0 Cross Site Scripting

Lightweight Music Server version 3.76.0 suffers from a persistent cross site scripting vulnerability. LMS stores media file metadata tags such as GENRE, ARTIST, and ALBUM exactly as written in the file and later renders them in its web interface without HTML-encoding. An attacker who gets a file...

AI score 5.3
Exploits: 0