EUVD-2026-23452

OpenHarness before commit bd4df81 contains a server-side request forgery vulnerability in the webfetch and websearch tools that allows attackers to access private and localhost HTTP services by manipulating tool parameters without proper validation of target addresses. Attackers can influence an...

CVE-2026-40516

Technical details about CVE-2026-40516 are not publicly available in the provided Connected documents; the description exists but without explicit vendor/product/versions in this set. Monitor for updates.

Eco Search 安全漏洞

Eco Search is a search tool developed by the Eco Search company. Version 1.0.2.0 of Eco Search contains a security vulnerability. This vulnerability arises from the search function’s improper handling of extremely long strings, which may allow local attackers to cause the application to crash by...

CVE-2026-34554

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a heap-buffer-overflow HBO in CIccApplyCmmSearch::costFunc can be triggered via malformed JSON configuration input to the iccApplySearch tool. AddressSanitizer reports an...

CVE-2026-34554 iccDEV: HBO in CIccApplyCmmSearch::costFunc()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a heap-buffer-overflow HBO in CIccApplyCmmSearch::costFunc can be triggered via malformed JSON configuration input to the iccApplySearch tool. AddressSanitizer reports an...

CrewAI 安全漏洞

CrewAI is an open-source code execution and analysis tool component developed by CrewAI. CrewAI has a security vulnerability, which stems from the RAG search tool failing to properly validate URLs, potentially leading to server-side request forgeing attacks...

GHSA-92GP-JFGX-9QPV Hyperterse: Raw exposure of database statements in MCP search tool

Hyperterse allows users to specify database queries for tools to execute under the hood. As of v2.0.0, there are only two tools exposed - search and execute. The search tool allows LLMs to search for tools using natural language. While returning results, Hyperterse also returned the raw SQL...

Hyperterse: Raw exposure of database statements in MCP search tool

Hyperterse allows users to specify database queries for tools to execute under the hood. As of v2.0.0, there are only two tools exposed - search and execute. The search tool allows LLMs to search for tools using natural language. While returning results, Hyperterse also returned the raw SQL...

CVE-2026-31841

Hyperterse prior to v2.2.0 exposes raw SQL queries in search results, leaking statements intended to run covertly. Affects the Hyperterse tool-first MCP framework’s search component; vulnerability arises from returning executed-under-the-hood SQL alongside results. Impact per CVSS: Confidentialit...

CVE-2026-31841 Raw exposure of database statements in Hyperterse MCP search tool

Hyperterse is a tool-first MCP framework for building AI-ready backend surfaces from declarative config. Prior to v2.2.0, the search tool allows LLMs to search for tools using natural language. While returning results, Hyperterse also returned the raw SQL queries, exposing statements which were...

CVE-2026-31841

Hyperterse is a tool-first MCP framework for building AI-ready backend surfaces from declarative config. Prior to v2.2.0, the search tool allows LLMs to search for tools using natural language. While returning results, Hyperterse also returned the raw SQL queries, exposing statements which were...

PT-2026-25015

Hyperterse is a tool-first MCP framework for building AI-ready backend surfaces from declarative config. Prior to v2.2.0, the search tool allows LLMs to search for tools using natural language. While returning results, Hyperterse also returned the raw SQL queries, exposing statements which were...

AntiDupl 后置链接漏洞

AntiDupl is a program by the individual developer Ihar Yermalayeu that searches for similar and defective images on disk. AntiDupl 2.3.12 and earlier versions suffer from a backlink vulnerability that stems from a link-following issue in the file AntiDupl.NET.WinForms.exe of the component Delete...

EUVD-2020-27457

Malware in sbrugna...

CVE-2020-6307

Automated Note Search Tool update provided in SAP Basis 7.0, 7.01, 7.02, 7.31, 7.4, 7.5, 7.51, 7.52, 7.53 and 7.54 does not perform sufficient authorization checks leading to the reading of sensitive information...

My Writings Are in the LibGen AI Training Corpus

The Atlantic has a search tool that allows you to search for specific works in the "LibGen" database of copyrighted works that Meta used to train its AI models. The rest of the article is behind a paywall, but not the search tool. It’s impossible to know exactly which parts of LibGen Meta used to...

[SECURITY] Fedora 39 Update: rust-ripgrep-14.1.0-3.fc39

Ripgrep is a line-oriented search tool that recursively searches the current directory for a regex pattern while respecting gitignore rules. ripgrep has first class support on Windows, macOS and Linux...

Fedora: Security Advisory for rust-ripgrep (FEDORA-2024-ce2936b568)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RLSA-2023:7712 Important: tracker-miners security update

Tracker is a powerful desktop-neutral first class object database, tag/metadata database and search tool. This package contains various miners and metadata extractors for tracker. Security Fixes: tracker-miners: sandbox escape CVE-2023-5557 For more details about the security issues, including th...

RLSA-2023:7732 Important: tracker-miners security update

Tracker is a powerful desktop-neutral first class object database, tag/metadata database and search tool. This package contains various miners and metadata extractors for tracker. Security Fixes: tracker-miners: sandbox escape CVE-2023-5557 For more details about the security issues, including th...