
4262 matches found

CNNVD
added 2026/02/03 12:0 a.m., 4 views

Qwik Cross-Site Scripting Vulnerability

Qwik is a micro-web framework developed by Qwik Dev. Versions of Qwik prior to 1.19.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from server-side rendering of virtual property serialization, which allowed remote attackers to inject arbitrary web scripts...

CVSS 6.1, AI score 5.8, EPSS 0.00307
Exploits: 0, References: 2
RedHat Linux
added 2026/01/30 6:51 p.m., 3 views

Critical: Red Hat Security Advisory: Red Hat OpenShift Lightspeed 1.0.9 security update

Red Hat OpenShift Lightspeed 1.0.9 operand images, which provide security fixes and container updates. Red Hat OpenShift Lightspeed is a generative AI-based virtual assistant integrated into the OpenShift console. It can answer questions related to OpenShift and layered offerings. Security Fixes:...

CVSS 9.3, AI score 7.9, EPSS 0.1383
Exploits: 5, References: 3
Microsoft Secure
added 2026/01/30 6:49 p.m., 6 views

Case study: Securing AI application supply chains

The rapid adoption of AI applications, including agents, orchestrators, and autonomous workflows, represents a significant shift in how software systems are built and operated. Unlike traditional applications, these systems are active participants in execution. They make decisions, invoke tools,...

CVSS 9.3, AI score 8.3, EPSS 0.1383
Exploits: 5
Microsoft Secure
added 2026/01/30 6:49 p.m., 8 views

Case study: Securing AI application supply chains

The rapid adoption of AI applications, including agents, orchestrators, and autonomous workflows, represents a significant shift in how software systems are built and operated. Unlike traditional applications, these systems are active participants in execution. They make decisions, invoke tools,...

CVSS 9.3, AI score 6.3, EPSS 0.1383
Exploits: 5
Veracode
added 2026/01/27 2:28 p.m., 8 views

Serialization Injection Vulnerability

LangChain is vulnerable to a Serialization Injection Vulnerability. The vulnerability is due to improper handling of user-controlled objects containing lc keys in the toJSON serialization logic, which allows an attacker to inject crafted data that is mistakenly treated as a trusted LangChain obje...

CVSS 9.1, AI score 6, EPSS 0.00746
Exploits: 0, References: 6, Affected Software: 2
Veracode
added 2026/01/27 2:15 p.m., 8 views

Serialization Injection Vulnerability

langchaincore is vulnerable to a Serialization Injection Vulnerability. The vulnerability is due to the dumps and dumpd functions not escaping user-controlled dictionaries containing the internal lc key, which allows an attacker to craft malicious input that is interpreted as a trusted LangChain...

CVSS 9.3, AI score 5.9, EPSS 0.1383
Exploits: 5, References: 9, Affected Software: 1
GitHub Security Blog
added 2026/01/26 6:31 p.m., 11 views

Withdrawn Advisory: eslint has a Stack Overflow when serializing objects with circular references

Withdrawn Advisory: This advisory has been withdrawn because RuleTester is used for testing rules during development and results in an error rather than crashing the application. Original Description: There is a Stack Overflow vulnerability in eslint before 9.26.0 when serializing objects with...

CVSS 5.5, AI score 5.1, EPSS 0.00163
Exploits: 1, References: 5, Affected Software: 1
OSV
added 2026/01/26 6:31 p.m., 3 views

GHSA-P5WG-G6QR-C7CG Withdrawn Advisory: eslint has a Stack Overflow when serializing objects with circular references

Withdrawn Advisory: This advisory has been withdrawn because RuleTester is used for testing rules during development and results in an error rather than crashing the application. Original Description: There is a Stack Overflow vulnerability in eslint before 9.26.0 when serializing objects with...

CVSS 5.5, AI score 5.1, EPSS 0.00163
Exploits: 1, References: 5
Snyk
added 2026/01/26 4:49 p.m., 2 views

Uncontrolled Recursion

Overview: org.webjars.npm:eslint is a pluggable linting utility for JavaScript and JSX. Affected versions of this package are vulnerable to Uncontrolled Recursion in the isSerializable function when handling objects with circular references during the serialization process. An attacker can cause th...

CVSS 5.5, AI score 5.9, EPSS 0.00163
Exploits: 1, References: 2
NVD
added 2026/01/26 4:15 p.m., 5 views

CVE-2025-50537

Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run method, which validates test cases and checks for duplicates. During validation, the internal function...

CVSS 5.5, EPSS 0.00163
Exploits: 1, References: 2
OSV
added 2026/01/26 4:15 p.m., 4 views

CVE-2025-50537

Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run method, which validates test cases and checks for duplicates. During validation, the internal function...

CVSS 5.5, AI score 5.9
Exploits: 0, References: 2
UbuntuCve
added 2026/01/26 4:15 p.m., 6 views

CVE-2025-50537

Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run method, which validates test cases and checks for duplicates. During validation, the internal function...

CVSS 5.5, AI score 7.3, EPSS 0.00163
Exploits: 1, References: 3
OSV
added 2026/01/26 4:15 p.m., 2 views

UBUNTU-CVE-2025-50537

Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run method, which validates test cases and checks for duplicates. During validation, the internal function...

CVSS 5.5, AI score 5.9, EPSS 0.00163
Exploits: 1, References: 4
ATTACKERKB
added 2026/01/26 12:0 a.m., 5 views

CVE-2025-50537

Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run method, which validates test cases and checks for duplicates. During validation, the internal function...

CVSS 5.5, AI score 6, EPSS 0.00163
Exploits: 1, References: 3
EUVD
added 2026/01/26 12:0 a.m., 3 views

EUVD-2025-206359

Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run method, which validates test cases and checks for duplicates. During validation, the internal function...

CVSS 5.5, AI score 6, EPSS 0.00163
Exploits: 1, References: 2
Vulnrichment
added 2026/01/26 12:0 a.m., 1 view

CVE-2025-50537

Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run method, which validates test cases and checks for duplicates. During validation, the internal function...

AI score 6, EPSS 0.00163
Exploits: 1, References: 2
Cvelist
added 2026/01/26 12:0 a.m., 31 views

CVE-2025-50537

Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is triggered via the RuleTester.run method, which validates test cases and checks for duplicates. During validation, the internal function...

EPSS 0.00163
Exploits: 1, References: 2
Debian CVE
added 2026/01/26 12:0 a.m., 4 views

CVE-2025-50537

Removed by vendor...

CVSS 5.5, AI score 5.2, EPSS 0.00163
Exploits: 1
CVE
added 2026/01/26 12:0 a.m., 24 views

CVE-2025-50537

CVE-2025-50537: The vulnerability affects eslint before 9.26.0, where serializing objects with circular references in eslint/lib/shared/serialization.js triggers infinite recursion in isSerializable() during RuleTester.run() validation, causing a stack overflow. Multiple sources (NVD, OSV, and C...

CVSS 5.5, AI score 6, EPSS 0.00163
Exploits: 1, References: 2, Affected Software: 1
Tenable Nessus
added 2026/01/26 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2025-50537

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack overflow vulnerability in eslint before 9.26.0 when serializing objects with circular references in eslint/lib/shared/serialization.js. The exploit is...

CVSS 5.5, AI score 5.5, EPSS 0.00163
Exploits: 1, References: 3