Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CNNVD
CNNVDadded 2026/06/02 12:0 a.m.2 views

BlenderMCP 安全漏洞

BlenderMCP is a 3D modeling control tool developed by ahujasid that connects Blender with AI. BlenderMCP has a security vulnerability, which stems from the operation of the Open function in the file src/blendermcp/server.py regarding the parameter inputimageurl, potentially leading to exploitatio...

5.3CVSS5.3AI score0.00248EPSS
Exploits0References8
CNNVD
CNNVDadded 2026/06/02 12:0 a.m.4 views

BlenderMCP 代码注入漏洞

BlenderMCP is a 3D modeling control tool developed by ahujasid that connects Blender with AI. Versions of BlenderMCP 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b and earlier have a code injection vulnerability. This vulnerability stems from the handling of the code parameter in the executeblendercode...

6.5CVSS5.5AI score0.00178EPSS
Exploits0References6
EUVD
EUVDadded 2026/05/15 8:33 p.m.9 views

EUVD-2026-30627

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.5, the tool update endpoint POST /api/v1/tools/id/id/update is missing the workspace.tools permission check that is present on the tool create endpoint. This allows a user who has been...

7.2CVSS6.2AI score0.00437EPSS
Exploits1References1
CVE
CVEadded 2026/04/28 9:0 p.m.6 views

CVE-2026-7319

CVE-2026-7319 affects elinsky execution-system-mcp 0.1.0. The vulnerability is in the function _get_context_file_path (src/execution_system_mcp/server.py, add_action Tool), where improper handling of the context argument enables path traversal. Attack can be initiated remotely; the exploit has be...

7.5CVSS7.1AI score0.0053EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/26 11:15 p.m.3 views

CVE-2026-7066

A vulnerability was found in choieastsea simple-openstack-mcp up to 767b2f4a8154cca344344b9725537a58399e6036. The affected element is the function execopenstack of the file server.py. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has...

7.5CVSS7.1AI score0.01338EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/03/29 5:3 p.m.3 views

CVE-2026-5002

A vulnerability has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The impacted element is the function routeusingoverviews of the file backend/server.py of the component LLM Prompt Handler. Such manipulation leads to injection. The attack may be performed fr...

7.5CVSS5.4AI score0.00304EPSS
Exploits0References1
GithubExploit
GithubExploitadded 2025/10/28 4:10 a.m.184 views

Exploit for Improper Access Control in Adobe Coldfusion

PoC exploit for CVE-2023-26360, a Remote Code Execution vulnerab...

9.8CVSS7.9AI score0.97115EPSS
Exploits13
Debian
Debianadded 2012/03/29 6:6 a.m.31 views

[SECURITY] [DSA 2444-1] tryton-server security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2444-1 [email protected] http://www.debian.org/security/ Florian Weimer March 29, 2012 http://www.debian.org/security/faq -...

5.5CVSS6AI score0.01966EPSS
Exploits2
Rows per page
Query Builder