CVE-2021-21735

creationtimestamp| type| source ---|---|--- 2026-05-25 19:10:00+00:00| seen| https://bsky.app/profile/r-netsec.bsky.social/post/3mmp6j7lche2v 2026-05-27 00:19:21+00:00| seen| https://bsky.app/profile/hacker.at.thenote.app/post/3mmsac3s46k2g 2026-05-28 06:07:07+00:00| seen|...

CVE-2026-9484

Affected software : SourceCodester Student Grades Management System 1.0. Vulnerability : In classroom.php, the functions getClassroomStudents and removeStudentFromClassroom can be manipulated by altering the classroom_id argument, leading to improper authorization. The issue is exploitable remote...

MAL-2026-4670 Malicious code in skills-detector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 844190b21455d308d6e2b5305ebe92634d80b55817290a84644a1048df0e54b3 On npm install, postinstall.js executes whoami and id via childprocess.execSync, collects os.hostname, os.platform, current working directory, and th...

GHSA-F9F8-RM49-7JV2

creationtimestamp| type| source ---|---|--- 2026-05-25 18:03:54+00:00| seen| https://bsky.app/profile/winsontang.com/post/3mmp2tsdeu62f...

CVE-2026-9473

A vulnerability has been found in c-rick jimeng-mcp 1.10.0. Affected by this vulnerability is the function getFileContent/uploadCoverFile/generateImage/generateVideo of the file src/api.ts. The manipulation of the argument filePath leads to path traversal. The attack may be initiated remotely. Th...

CVE-2026-33712

creationtimestamp| type| source ---|---|--- 2026-05-25 17:00:04+00:00| seen| https://t.me/GithubRedTeam/85856 2026-05-25 19:00:11+00:00| seen| Telegram/u353QQC82id8CE3exVt8JuaCPTA2e4vaac9ku63kUT5lYfk 2026-05-25 21:00:04+00:00| seen| Telegram/DE8V0W55Lks0xFUNDp9UGyNB0T-CRSwfpeIrdYc5V2Tnj4...

CVE-2026-9468

A security flaw has been discovered in dazeb cline-mcp-memory-bank up to 55c81b9cf6c16700983c84dc4cdea3cafa19a75f. The affected element is the function handleInitializeMemoryBank of the file src/index.ts. The manipulation of the argument projectPath results in path traversal. The attack may be...

CVE-2026-9467

A vulnerability was identified in debugmcp mcp-debugger up to 0.20.0. Impacted is the function handleGetSourceContext of the file src/server.ts. The manipulation leads to path traversal. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The...

CVE-2026-9468 dazeb cline-mcp-memory-bank index.ts handleInitializeMemoryBank path traversal

A security flaw has been discovered in dazeb cline-mcp-memory-bank up to 55c81b9cf6c16700983c84dc4cdea3cafa19a75f. The affected element is the function handleInitializeMemoryBank of the file src/index.ts. The manipulation of the argument projectPath results in path traversal. The attack may be...

CVE-2026-9389

creationtimestamp| type| source ---|---|--- 2026-05-25 14:45:36+00:00| seen| https://t.me/bdufstecru/3193...

EUVD-2026-31697

A vulnerability was identified in debugmcp mcp-debugger up to 0.20.0. Impacted is the function handleGetSourceContext of the file src/server.ts. The manipulation leads to path traversal. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The...

CVE-2026-9467

A vulnerability was identified in debugmcp mcp-debugger up to 0.20.0. Impacted is the function handleGetSourceContext of the file src/server.ts. The manipulation leads to path traversal. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The...

CVE-2026-9467

CVE-2026-9467 concerns the debugmcp mcp-debugger prior to 0.20.0, where the vulnerability lies in the function handleGetSourceContext within src/server.ts . The description indicates a path traversal vulnerability that can be triggered remotely, with a publicly available exploit referenced in sou...

CVE-2026-26946

creationtimestamp| type| source ---|---|--- 2026-05-25 14:02:52+00:00| seen| https://bsky.app/profile/getpokemon7.bsky.social/post/3mmonescdwk2f...

CVE-2026-47102

creationtimestamp| type| source ---|---|--- 2026-05-25 14:00:04+00:00| seen| https://t.me/GithubRedTeam/85833 2026-05-25 15:00:12+00:00| seen| Telegram/X1SzwuqpRNev2GcuASsATzQD-1aeqEPKRVacdyAUElWlBI 2026-05-25 21:00:04+00:00| seen| Telegram/DE8V0W55Lks0xFUNDp9UGyNB0T-CRSwfpeIrdYc5V2Tnj4 2026-06-1...

GHSA-86QP-5C8J-P5MR

creationtimestamp| type| source ---|---|--- 2026-05-25 13:07:35+00:00| seen| https://gist.github.com/konard/1df63152a8fa23d9ee65875a3fd172e2 2026-05-28 19:29:34+00:00| seen| https://gist.github.com/lesnargitonga/ded68f9d3d270cc386fe7c2227970ebc 2026-06-04 13:40:58+00:00| seen|...

CVE-2026-38422

creationtimestamp| type| source ---|---|--- 2026-05-25 11:00:06+00:00| seen| https://t.me/GithubRedTeam/85810 2026-05-25 11:00:08+00:00| seen| Telegram/-Rw1GdqgLbdPMkOwlVEIvz70NMtSIs0WWvrIrO5vIfavaPE 2026-05-25 15:00:06+00:00| seen| Telegram/p4pSz48sW8Fl1dqUeH21RBDMwtfRPHmaTBryFak7xdWuTDY...

CVE-2026-5223

Cargo incorrectly handled symlinks inside of crate tarballs downloaded from third-party registries, allowing a malicious crate to override the source code of another crate from the same registry. The severity of the vulnerability is medium for users of third-party registries. Users of crates.io a...

ALPINE-CVE-2026-5223

Cargo incorrectly handled symlinks inside of crate tarballs downloaded from third-party registries, allowing a malicious crate to override the source code of another crate from the same registry. The severity of the vulnerability is medium for users of third-party registries. Users of crates.io a...

CVE-2026-5223

Cargo incorrectly handled symlinks inside of crate tarballs downloaded from third-party registries, allowing a malicious crate to override the source code of another crate from the same registry. The severity of the vulnerability is medium for users of third-party registries. Users of crates.io a...