Lucene search
K

110873 matches found

Circl
Circl
added 2026/05/11 10:0 p.m.20 views

CVE-2026-42950

creationtimestamp| type| source ---|---|--- 2026-05-11 22:00:00+00:00| seen| https://jvn.jp/en/jp/JVN03037325 2026-05-13 15:37:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlqn3qbbyj2k 2026-06-03 01:22:01+00:00| seen|...

5.1CVSS5.5AI score0.00207EPSS
Exploits0References3
Circl
Circl
added 2026/05/11 9:43 p.m.11 views

CVE-2026-42882

creationtimestamp| type| source ---|---|--- 2026-05-11 21:43:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlmakxtgsm2p 2026-05-12 06:00:34+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mln4edlx4r2m 2026-05-12 06:00:37+00:00| seen|...

9.4CVSS5.8AI score0.00554EPSS
Exploits0References4
Circl
Circl
added 2026/05/11 9:40 p.m.7 views

CVE-2026-42874

creationtimestamp| type| source ---|---|--- 2026-05-11 21:40:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlmagih4q72e...

3.7CVSS5.8AI score0.00215EPSS
Exploits0References1
Circl
Circl
added 2026/05/11 9:38 p.m.7 views

CVE-2026-42886

creationtimestamp| type| source ---|---|--- 2026-05-11 21:38:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlmace2y6u2o...

4.9CVSS5.8AI score0.00257EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/11 9:31 p.m.14 views

MLflow allows an unauthenticated remote attacker to read arbitrary files from the server's filesystem

A vulnerability in the createmodelversion handler of mlflow/server/handlers.py in mlflow/mlflow versions 3.9.0 and earlier allows an unauthenticated remote attacker to read arbitrary files from the server's filesystem. The issue arises when a CreateModelVersion request includes the tag...

7.5CVSS7.3AI score0.00657EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/05/11 9:31 p.m.21 views

EUVD-2026-29180

A vulnerability in the createmodelversion handler of mlflow/server/handlers.py in mlflow/mlflow versions 3.9.0 and earlier allows an unauthenticated remote attacker to read arbitrary files from the server's filesystem. The issue arises when a CreateModelVersion request includes the tag...

7.5CVSS7.3AI score0.00657EPSS
Exploits1References3
Circl
Circl
added 2026/05/11 9:30 p.m.9 views

CVE-2026-45025

creationtimestamp| type| source ---|---|--- 2026-05-11 21:30:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlm7uf7ym52p...

6.8CVSS5.8AI score0.0023EPSS
Exploits0References1
Circl
Circl
added 2026/05/11 9:28 p.m.8 views

CVE-2026-42884

creationtimestamp| type| source ---|---|--- 2026-05-11 21:28:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlm7rfjkcy2r...

4.3CVSS5.8AI score0.00162EPSS
Exploits0References1
Circl
Circl
added 2026/05/11 9:27 p.m.9 views

CVE-2026-42872

creationtimestamp| type| source ---|---|--- 2026-05-11 21:27:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlm7okusjp2o...

6.1CVSS5.8AI score0.00178EPSS
Exploits0References1
Circl
Circl
added 2026/05/11 9:25 p.m.8 views

CVE-2026-42887

creationtimestamp| type| source ---|---|--- 2026-05-11 21:25:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlm7lupnk52e...

4.5CVSS5.8AI score0.00207EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.4 views

@squawk/mcp (>=0.4.1 <=0.8.1) potentially affected by unknown CVE via @squawk/airport-data (>=0.4.1 <=0.6.1)

@squawk/airport-data NPM version =0.4.1, =0.4.1, =0.8.1 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKAIRPORTDATA-16640876...

5.5AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.4 views

@squawk/mcp (>=0.4.1 <=0.8.1) potentially affected by unknown CVE via @squawk/airway-data (>=0.3.3 <=0.4.2)

@squawk/airway-data NPM version =0.3.3, =0.4.1, =0.8.1 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKAIRWAYDATA-16640895...

5.5AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.7 views

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/flightplan (>=0.3.3 <=0.5.1)

@squawk/flightplan NPM version =0.3.3, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKFLIGHTPLAN-16640877...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.9 views

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/fixes (>=0.1.4 <=0.3.1)

@squawk/fixes NPM version =0.1.4, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKFIXES-16640881...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.7 views

@squawk/airports (>=0.2.0 <=0.6.1), @squawk/airspace (>=0.2.3 <=0.8.0) +7 more potentially affected by unknown CVE via @squawk/units (=0.4.2)

@squawk/units NPM version =0.4.2 is affected by a known vulnerability. The following packages have a transitive dependency on @squawk/units and may be impacted: - @squawk/airports =0.2.0, =0.2.3, =0.2.0, =0.1.0, =0.2.0, =0.3.0, =0.2.0, =0.2.0, =0.2.0, =0.4.1 Source cves: unknown CVE Source...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.9 views

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/airspace (>=0.4.1 <=0.8.0)

@squawk/airspace NPM version =0.4.1, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKAIRSPACE-16640892...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.6 views

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/procedures (>=0.2.4 <=0.5.1)

@squawk/procedures NPM version =0.2.4, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKPROCEDURES-16640885...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.6 views

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/airports (>=0.3.2 <=0.6.1)

@squawk/airports NPM version =0.3.2, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKAIRPORTS-16640888...

5.8AI score
Exploits0
Snyk
Snyk
added 2026/05/11 9:0 p.m.15 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
Circl
Circl
added 2026/05/11 8:29 p.m.3 views

GHSA-WXX8-76RW-96J2

creationtimestamp| type| source ---|---|--- 2026-05-11 20:29:17+00:00| seen| https://gist.github.com/tw89Coder/cd011dc1842625f821c171e41e812fbc...

5.3AI score
Exploits0References1
Rows per page
Query Builder