Lucene search
+L

71 matches found

redhatcve
redhatcve
added 2026/06/09 2:58 a.m.13 views

CVE-2026-11466

A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collectionrouter.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. Th...

5.5CVSS5.6AI score0.00253EPSS
Exploits0References1
euvd
euvd
added 2026/06/08 12:30 a.m.9 views

EUVD-2026-34997

A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collectionrouter.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. Th...

5.5CVSS5.2AI score0.00253EPSS
Exploits0References8
nvd
nvd
added 2026/06/07 11:16 p.m.14 views

CVE-2026-11466

A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collectionrouter.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. Th...

5.5CVSS0.00253EPSS
Exploits0References7
attackerkb
attackerkb
added 2026/06/07 11:0 p.m.5 views

CVE-2026-11466

A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collectionrouter.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. Th...

5.5CVSS5.6AI score0.00253EPSS
Exploits0References7Affected Software1
vulnrichment
vulnrichment
added 2026/06/07 11:0 p.m.9 views

CVE-2026-11466 zilliztech deep-searcher collection_router.py CollectionRouter.invoke access control

A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collectionrouter.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. Th...

5.5CVSS5.6AI score0.00253EPSS
Exploits0References7
cve
cve
added 2026/06/07 11:0 p.m.39 views

CVE-2026-11466

CVE-2026-11466 affects the zilliztech deep-searcher up to version 0.0.2. The issue is in deepsearcher/agent/collection_router.py (function CollectionRouter.invoke ), where argument kwargs manipulation leads to improper access controls. This enables remote exploitation ; the exploit is publicly av...

5.5CVSS5.6AI score0.00253EPSS
Exploits0References7
cvelist
cvelist
added 2026/06/07 11:0 p.m.38 views

CVE-2026-11466 zilliztech deep-searcher collection_router.py CollectionRouter.invoke access control

A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collectionrouter.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. Th...

5.5CVSS0.00253EPSS
Exploits0References7
osv
osv
added 2026/06/07 11:0 p.m.2 views

CVE-2026-11466 zilliztech deep-searcher collection_router.py CollectionRouter.invoke access control

A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collectionrouter.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. Th...

5.3CVSS5.7AI score0.00253EPSS
Exploits0References9
ptsecurity
ptsecurity
added 2026/06/07 12:0 a.m.16 views

PT-2026-47197

Name of the Vulnerable Software and Affected Versions zilliztech deep-searcher versions prior to 0.0.3 Description Improper access controls in the CollectionRouter.invoke function within the deepsearcher/agent/collection router.py file allow for remote exploitation. This issue is caused by the...

5.5CVSS6.1AI score0.00253EPSS
Exploits0References10
cnnvd
cnnvd
added 2026/06/07 12:0 a.m.12 views

deep-searcher 访问控制错误漏洞

Deep-Searcher is a private data search and intelligent question-answering tool developed by Zilliz, based on large models and VectorDB. Versions of Deep-Searcher 0.0.2 and earlier contain an access control vulnerability. This vulnerability stems from the operation of the CollectionRouter.invoke...

5.5CVSS5.6AI score0.00253EPSS
Exploits0References7
vulnrichment
vulnrichment
added 2026/02/18 6:32 a.m.6 views

CVE-2026-2642 ggreer the_silver_searcher search.c search_stream null pointer dereference

A security vulnerability has been detected in ggreer thesilversearcher up to 2.2.0. The impacted element is the function searchstream of the file src/search.c. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed...

4.8CVSS5.1AI score0.00153EPSS
Exploits0References6
cvelist
cvelist
added 2026/02/18 6:32 a.m.39 views

CVE-2026-2642 ggreer the_silver_searcher search.c search_stream null pointer dereference

A security vulnerability has been detected in ggreer thesilversearcher up to 2.2.0. The impacted element is the function searchstream of the file src/search.c. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed...

4.8CVSS0.00153EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/02/18 12:0 a.m.12 views

PT-2026-20355

A security vulnerability has been detected in ggreer the silver searcher up to 2.2.0. The impacted element is the function search stream of the file src/search.c. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed...

4.8CVSS5.1AI score0.00153EPSS
Exploits0References7
cnnvd
cnnvd
added 2026/02/18 12:0 a.m.8 views

The Silver Searcher 代码问题漏洞

The Silver Searcher is a code search tool developed by Geoff Greer personally. Versions of the Silver Searcher prior to 2.2.0 contained code-related vulnerabilities, specifically vulnerabilities related to null pointer dereferencing, which could lead to local crashes...

4.8CVSS5.9AI score0.00153EPSS
Exploits0References6
redhatcve
redhatcve
added 2026/01/23 9:15 p.m.4 views

CVE-2025-66137

Missing Authorization vulnerability in merkulove Searcher for Elementor searcher-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Searcher for Elementor: from n/a through = 1.0.3...

5.4CVSS5.4AI score0.0022EPSS
Exploits0References1
nvd
nvd
added 2026/01/22 5:16 p.m.4 views

CVE-2025-66137

Missing Authorization vulnerability in merkulove Searcher for Elementor searcher-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Searcher for Elementor: from n/a through = 1.0.3...

5.4CVSS0.0022EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/01/22 4:51 p.m.3 views

CVE-2025-66137

Missing Authorization vulnerability in merkulove Searcher for Elementor searcher-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Searcher for Elementor: from n/a through = 1.0.3...

8.8CVSS5.3AI score0.0022EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/01/22 4:51 p.m.4 views

CVE-2025-66137 WordPress Searcher for Elementor plugin <= 1.0.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in merkulove Searcher for Elementor searcher-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Searcher for Elementor: from n/a through = 1.0.3...

5.4CVSS5.9AI score0.0022EPSS
Exploits0References1
cve
cve
added 2026/01/22 4:51 p.m.9 views

CVE-2025-66137

CVE-2025-66137 is a Missing Authorization/Broken Access Control issue in the WordPress plugin “Searcher for Elementor” (merkulove) affecting versions up to and including 1.0.3. Multiple sources (NVD, Red Hat, CVE databases) describe the vulnerability as a Missing Authorization vulnerability in Se...

5.4CVSS5.4AI score0.0022EPSS
Exploits0References1
cvelist
cvelist
added 2026/01/22 4:51 p.m.25 views

CVE-2025-66137 WordPress Searcher for Elementor plugin <= 1.0.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in merkulove Searcher for Elementor searcher-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Searcher for Elementor: from n/a through = 1.0.3...

5.4CVSS0.0022EPSS
Exploits0References1
Rows per page
Query Builder