Lucene search
K

110881 matches found

vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.7 views

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/flightplan (>=0.3.3 <=0.5.1)

@squawk/flightplan NPM version =0.3.3, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKFLIGHTPLAN-16640877...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.9 views

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/fixes (>=0.1.4 <=0.3.1)

@squawk/fixes NPM version =0.1.4, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKFIXES-16640881...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.7 views

@squawk/airports (>=0.2.0 <=0.6.1), @squawk/airspace (>=0.2.3 <=0.8.0) +7 more potentially affected by unknown CVE via @squawk/units (=0.4.2)

@squawk/units NPM version =0.4.2 is affected by a known vulnerability. The following packages have a transitive dependency on @squawk/units and may be impacted: - @squawk/airports =0.2.0, =0.2.3, =0.2.0, =0.1.0, =0.2.0, =0.3.0, =0.2.0, =0.2.0, =0.2.0, =0.4.1 Source cves: unknown CVE Source...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.9 views

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/airspace (>=0.4.1 <=0.8.0)

@squawk/airspace NPM version =0.4.1, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKAIRSPACE-16640892...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.6 views

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/procedures (>=0.2.4 <=0.5.1)

@squawk/procedures NPM version =0.2.4, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKPROCEDURES-16640885...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/11 9:0 p.m.6 views

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/airports (>=0.3.2 <=0.6.1)

@squawk/airports NPM version =0.3.2, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKAIRPORTS-16640888...

5.8AI score
Exploits0
Snyk
Snyk
added 2026/05/11 9:0 p.m.15 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
Circl
Circl
added 2026/05/11 8:29 p.m.3 views

GHSA-WXX8-76RW-96J2

creationtimestamp| type| source ---|---|--- 2026-05-11 20:29:17+00:00| seen| https://gist.github.com/tw89Coder/cd011dc1842625f821c171e41e812fbc...

5.3AI score
Exploits0References1
Circl
Circl
added 2026/05/11 8:29 p.m.7 views

GHSA-Q9FQ-3RX9-7XCV

creationtimestamp| type| source ---|---|--- 2026-05-11 20:29:17+00:00| seen| https://gist.github.com/tw89Coder/cd011dc1842625f821c171e41e812fbc...

5.3AI score
Exploits0References1
Circl
Circl
added 2026/05/11 8:29 p.m.10 views

CVE-2026-44905

creationtimestamp| type| source ---|---|--- 2026-05-11 20:29:17+00:00| seen| https://gist.github.com/tw89Coder/cd011dc1842625f821c171e41e812fbc 2026-05-26 23:00:43+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mms3violnv2e 2026-05-27 01:13:40+00:00| seen|...

7.5CVSS5.3AI score0.00202EPSS
Exploits0References3
Circl
Circl
added 2026/05/11 8:29 p.m.8 views

CVE-2026-43988

creationtimestamp| type| source ---|---|--- 2026-05-11 20:29:17+00:00| seen| https://gist.github.com/tw89Coder/cd011dc1842625f821c171e41e812fbc 2026-05-27 04:01:17+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmsmovh4ot2z...

7.5CVSS5.3AI score0.00184EPSS
Exploits0References2
Circl
Circl
added 2026/05/11 8:2 p.m.7 views

CVE-2026-45223

creationtimestamp| type| source ---|---|--- 2026-05-11 20:02:09+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlm2wduquj2k 2026-05-11 20:30:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlm4jgz6l62e...

8.8CVSS5.3AI score0.00382EPSS
Exploits0References2
Circl
Circl
added 2026/05/11 7:46 p.m.10 views

CVE-2026-45671

creationtimestamp| type| source ---|---|--- 2026-05-11 19:46:11+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-26g9-27vm-x3q8 2026-05-16 10:00:04+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlxlm7v57a2n...

8CVSS5.7AI score0.0027EPSS
Exploits1References2
Circl
Circl
added 2026/05/11 7:40 p.m.7 views

CVE-2026-5266

creationtimestamp| type| source ---|---|--- 2026-05-11 19:40:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mllzp7kxcx2k 2026-05-11 19:40:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mllzp7kxcx2k...

2.3CVSS5.8AI score0.00247EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/11 7:32 p.m.8 views

Cross-site Scripting (XSS)

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the bugreportpage.php process when cloning an issue from a different project, due to improper escaping of the source project name. An attacker with sufficient...

8.6CVSS5.6AI score0.00444EPSS
Exploits0References2
Circl
Circl
added 2026/05/11 7:7 p.m.7 views

CVE-2026-44996

creationtimestamp| type| source ---|---|--- 2026-05-11 19:07:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mllxu2s6ga2c 2026-05-11 19:07:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mllxu2s6ga2c...

6.3CVSS5.8AI score0.00305EPSS
Exploits0References1
Circl
Circl
added 2026/05/11 7:7 p.m.10 views

CVE-2026-45667

creationtimestamp| type| source ---|---|--- 2026-05-11 19:07:10+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-m69w-p7m4-585j 2026-05-16 00:24:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlwlgnytx32i...

6.5CVSS5.7AI score0.00341EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/11 7:2 p.m.40 views

CVE-2026-2614 Arbitrary File Read via Prompt Tag Source Validation Bypass in mlflow/mlflow

A vulnerability in the createmodelversion handler of mlflow/server/handlers.py in mlflow/mlflow versions 3.9.0 and earlier allows an unauthenticated remote attacker to read arbitrary files from the server's filesystem. The issue arises when a CreateModelVersion request includes the tag...

7.5CVSS0.00657EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/05/11 7:2 p.m.8 views

CVE-2026-2614 Arbitrary File Read via Prompt Tag Source Validation Bypass in mlflow/mlflow

A vulnerability in the createmodelversion handler of mlflow/server/handlers.py in mlflow/mlflow versions 3.9.0 and earlier allows an unauthenticated remote attacker to read arbitrary files from the server's filesystem. The issue arises when a CreateModelVersion request includes the tag...

7.5CVSS7.3AI score0.00657EPSS
Exploits1References2
Circl
Circl
added 2026/05/11 6:55 p.m.9 views

CVE-2026-45002

creationtimestamp| type| source ---|---|--- 2026-05-11 18:55:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mllx7csja72h...

6.3CVSS5.8AI score0.00279EPSS
Exploits0References1
Rows per page
Query Builder