CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/06/02 10:35 p.m.•6 views

CVE-2026-32625 LibreChat Exfiltrates Server Secrets via MCP Server URL Injection

LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, the Model Context Protocol MCP server integration resolves $VAR placeholders against the server's process.env during Zod schema validation of user-supplied MCP server URLs. Any...

9.6CVSS5.8AI score0.00251EPSS

Exploits1References1

CNNVD•added 2026/06/02 12:0 a.m.•2 views

LibreChat 安全漏洞

LibreChat is an open-source, free, and highly customizable unified AI dialogue platform. It allows for the aggregation and running of large models from any vendor within one interface. LibreChat versions 0.8.3 and earlier have a security vulnerability caused by improper access control to the MCP...

6.5CVSS5.4AI score0.00231EPSS

Exploits1References1

NVD•added 2026/05/20 8:16 p.m.•11 views

CVE-2026-9129

9.4CVSS0.00239EPSS

Vulnrichment•added 2026/05/20 6:5 p.m.•4 views

CVE-2026-9129 Path Traversal in Altium Enterprise Server Viewer StorageController Allows Arbitrary File Read

ATTACKERKB•added 2026/05/20 6:5 p.m.•5 views

CVE-2026-9129

EUVD•added 2026/05/20 6:5 p.m.•9 views

EUVD-2026-31148

CVE•added 2026/05/20 6:5 p.m.•8 views

CVE-2026-9129

The CVE-2026-9129 entry concerns Altium Enterprise Server Viewer StorageController. On on‑prem deployments using local filesystem storage, an authenticated user can supply a URL-encoded absolute path in a Viewer storage API request, causing the storage root to be discarded and enabling arbitrary ...

Positive Technologies•added 2026/05/20 12:0 a.m.•7 views

PT-2026-42246

OSV•added 2026/05/06 6:42 p.m.•1 views

GHSA-VRQV-52X7-RM4V Kimai's Twig function config() leaks server-wide secrets (LDAP bind password, SAML SP private key) via invoice/export templates

Summary Kimai's Twig sandbox StrictPolicy, used for admin-uploaded invoice and export templates allow-lists the config Twig function with no key filtering. configname delegates to App\Configuration\SystemConfiguration::find$name, which returns arbitrary entries from the flattened kimai.config...

5.9CVSS5.9AI score

Github Security Blog•added 2026/05/06 6:42 p.m.•2 views

Kimai's Twig function config() leaks server-wide secrets (LDAP bind password, SAML SP private key) via invoice/export templates

5.9AI score

Exploits0References2Affected Software1

OSV•added 2026/04/14 1:10 p.m.•1 views

JLSEC-2026-114 Deno node:crypto doesn't finalize cipher

Summary The vulnerability allows an attacker to have infinite encryptions. This can lead to naive attempts at brute forcing, as well as more refined attacks with the goal to learn the server secrets. PoC js import crypto from "node:crypto"; const key = crypto.randomBytes32; const iv =...

9.2CVSS5.8AI score0.00195EPSS

Exploits1References4

Tenable Nessus•added 2026/03/24 12:0 a.m.•4 views

ConnectWise ScreenConnect < 26.1 Authentication Bypass

According to its version, the ConnectWise ScreenConnect remote access software installed on the remote host is prior to 26.1. It is, therefore, affected by an authentication bypass vulnerability: - A condition in ScreenConnect may allow an actor with access to server-level cryptographic material...

9CVSS6.1AI score0.00362EPSS