70 matches found
PT-2026-43220
NASA openVSP 3.16.1 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the geometry name field. Attackers can trigger a denial of service by pasting a 5000-byte payload into the name input field within the Geom...
CVE-2026-44352
Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, Broken Access Control allows reading of sketch logs from any user. This vulnerability is fixed in 1.2.3...
CVE-2026-44352
Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, Broken Access Control allows reading of sketch logs from any user. This vulnerability is fixed in 1.2.3...
CVE-2026-44352 Flowsint: Broken Access Control allows reading of sketch logs from any user
Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, Broken Access Control allows reading of sketch logs from any user. This vulnerability is fixed in 1.2.3...
CVE-2026-44352 Flowsint: Broken Access Control allows reading of sketch logs from any user
Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, Broken Access Control allows reading of sketch logs from any user. This vulnerability is fixed in 1.2.3...
CVE-2026-44352
Flowsint, an open-source OSINT graph exploration tool, has a Broken Access Control vulnerability prior to version 1.2.3 that allows reading of sketch logs by any user. The issue is fixed in 1.2.3. Available records (CVE-2026-44352) cite a base score of 5.3 (Medium) with network access and low att...
PT-2026-40470
Name of the Vulnerable Software and Affected Versions Flowsint versions prior to 1.2.3 Description Broken Access Control allows unauthorized reading of sketch logs from any user. This issue affects an open-source OSINT graph exploration tool used for cybersecurity investigation, transparency, and...
CVE-2026-7216
A weakness has been identified in donchelo processing-claude-mcp-bridge up to e017b20a4b592a45531a6392f494007f04e661bd. Impacted is an unknown function of the file processingserver.py of the component createsketch Tool. This manipulation of the argument sketchname causes path traversal. Remote...
CVE-2026-7216
A weakness has been identified in donchelo processing-claude-mcp-bridge up to e017b20a4b592a45531a6392f494007f04e661bd. Impacted is an unknown function of the file processingserver.py of the component createsketch Tool. This manipulation of the argument sketchname causes path traversal. Remote...
CVE-2026-7216
The CVE-2026-7216 entry describes a weakness in donchelo processing-claude-mcp-bridge up to e017b20a4b592a45531a6392f494007f04e661bd. The vulnerable component is the create_sketch Tool, specifically the processing_server.py function handling the sketch_name argument. This input manipulation enabl...
CVE-2026-7216 donchelo processing-claude-mcp-bridge create_sketch Tool processing_server.py path traversal
A weakness has been identified in donchelo processing-claude-mcp-bridge up to e017b20a4b592a45531a6392f494007f04e661bd. Impacted is an unknown function of the file processingserver.py of the component createsketch Tool. This manipulation of the argument sketchname causes path traversal. Remote...
PT-2026-35648
A weakness has been identified in donchelo processing-claude-mcp-bridge up to e017b20a4b592a45531a6392f494007f04e661bd. Impacted is an unknown function of the file processing server.py of the component create sketch Tool. This manipulation of the argument sketch name causes path traversal. Remote...
Processing-Claude MCP Bridge 路径遍历漏洞
Processing-Claude MCP Bridge is a bridge tool developed by Mariano, allowing for control of Processing applications via natural language. Processing-Claude MCP Bridge contains a path traversal vulnerability, which stems from the sketchname parameter in the processingserver.py file within the...
Malicious code in sketch-measure (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c54126529b9da791496e58ec744f6b7fe4fe769258480802eb5a3dcbc017d0d8 The package sketch-measure was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-1096 Malicious code in sketch-measure (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c54126529b9da791496e58ec744f6b7fe4fe769258480802eb5a3dcbc017d0d8 The package sketch-measure was found to contain malicious code. Source: ossf-package-analysis...
FairSketch Rise Ultimate Project Manager and CRM 跨站脚本漏洞
FairSketch Rise Ultimate Project Manager and CRM is a team management and customer relationship management system from FairSketch. A cross-site scripting vulnerability exists in FairSketch Rise Ultimate Project Manager and CRM version 3.8.1, which stems from insufficient validation of user input...
FairSketch Rise Ultimate Project Manager and CRM 跨站脚本漏洞
FairSketch Rise Ultimate Project Manager and CRM is a team management and customer relationship management system from FairSketch. A cross-site scripting vulnerability exists in FairSketch Rise Ultimate Project Manager and CRM version 3.8.1, which stems from insufficient validation of user input...
EUVD-2002-2026
Malware in sbrugna...
CVE-2025-56807
A cross-site scripting XSS vulnerability in FairSketch RISE Ultimate Project Manager & CRM 3.9.4 allows an administrator to store a JavaScript payload using the file explorer in the admin dashboard when creating new folders...
Malicious code in emmet-sketch (npm)
The package emmet-sketch was found to contain malicious code...