Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.12 views

CVE-2026-38950

An issue in ESA AnomalyMatch before 1.3.1 allow attackers to execute arbitrary code via crafted model checkpoint files. The affected components load model files from session directories using torch.load with unrestricted deserialization...

7.8CVSS6AI score0.00144EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 5:16 p.m.20 views

CVE-2026-38950

An issue in ESA AnomalyMatch before 1.3.1 allow attackers to execute arbitrary code via crafted model checkpoint files. The affected components load model files from session directories using torch.load with unrestricted deserialization...

7.8CVSS0.00144EPSS
Exploits0References3
CVE
CVE
added 2026/06/01 12:0 a.m.25 views

CVE-2026-38950

CVE-2026-38950 affects ESA AnomalyMatch prior to 1.3.1. The issue arises from loading model files from session directories with torch.load(), enabling unrestricted deserialization and arbitrary code execution. Affected component: model checkpoint loading in AnomalyMatch. Impact: potential full co...

7.8CVSS6.2AI score0.00144EPSS
Exploits0References3
OSV
OSV
added 2026/06/01 12:0 a.m.2 views

CVE-2026-38950

An issue in ESA AnomalyMatch before 1.3.1 allow attackers to execute arbitrary code via crafted model checkpoint files. The affected components load model files from session directories using torch.load with unrestricted deserialization...

7.8CVSS6.3AI score0.00144EPSS
Exploits0References5
NVD
NVD
added 2026/03/05 10:16 p.m.9 views

CVE-2026-28482

OpenClaw versions prior to 2026.2.12 construct transcript file paths using unsanitized sessionId parameters and sessionFile paths without enforcing directory containment. Authenticated attackers can exploit path traversal sequences like ../../etc/passwd in sessionId or sessionFile parameters to...

8.4CVSS0.00136EPSS
Exploits0References4
Rows per page
Query Builder