Lucene search
K

1096 matches found

NVD
NVD
added 2026/02/06 4:15 a.m.5 views

CVE-2026-1977

A security vulnerability has been detected in isaacwasserman mcp-vegalite-server up to 16aefed598b8cd897b78e99b907f6e2984572c61. Affected by this vulnerability is the function eval of the component visualizedata. Such manipulation of the argument vegalitespecification leads to code injection. The...

6.5CVSS0.00228EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/02/06 3:32 a.m.3 views

CVE-2026-1977 isaacwasserman mcp-vegalite-server visualize_data eval code injection

A security vulnerability has been detected in isaacwasserman mcp-vegalite-server up to 16aefed598b8cd897b78e99b907f6e2984572c61. Affected by this vulnerability is the function eval of the component visualizedata. Such manipulation of the argument vegalitespecification leads to code injection. The...

6.5CVSS5.1AI score0.00228EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/02/06 3:32 a.m.3 views

CVE-2026-1977

A security vulnerability has been detected in isaacwasserman mcp-vegalite-server up to 16aefed598b8cd897b78e99b907f6e2984572c61. Affected by this vulnerability is the function eval of the component visualizedata. Such manipulation of the argument vegalitespecification leads to code injection. The...

6.5CVSS5.1AI score0.00228EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/02/06 12:0 a.m.6 views

Data Visualization MCP Server 代码注入漏洞

The Data Visualization MCP Server is a context-based protocol server developed by Isaac Wasserman, designed for data visualization purposes. The Data Visualization MCP Server has a code injection vulnerability, which stems from incorrect handling of the vegalitespecification parameter, potentiall...

6.5CVSS6.7AI score0.00228EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/02/06 12:0 a.m.7 views

PT-2026-6671

Name of the Vulnerable Software and Affected Versions isaacwasserman mcp-vegalite-server versions prior to 16aefed598b8cd897b78e99b907f6e2984572c61 Description A security issue exists in the eval function of the visualize data component. Manipulation of the vegalite specification argument can lea...

6.5CVSS5.3AI score0.00228EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/02/04 4:7 p.m.6 views

CVE-2026-23060

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec authencesn assumes an ESP/ESN-formatted AAD. When assoclen is shorter than the minimum expected length, cryptoauthencesndecrypt can advance past the end of...

5.5CVSS5.1AI score0.00123EPSS
Exploits0
Hacker One
Hacker One
added 2026/01/30 7:5 a.m.43 views

curl: MQTT Protocol Packet Injection via Unchecked CONNACK Remaining Length

I'm not sure if this is a vulnerability or intended behavior, but I noticed that curl MQTT implementation accepts CONNACK packets with Remaining Length values greater than 2, which appears to violate the MQTT v3.1.1 specification. According to the MQTT spec, CONNACK packets should have a Remainin...

5.9AI score
Exploits0
Fedora
Fedora
added 2026/01/21 1:31 a.m.8 views

[SECURITY] Fedora 42 Update: golang-github-tetratelabs-wazero-1.11.0-1.fc42

WebAssembly is a way to safely run code compiled in other languages. Runtimes execute WebAssembly Modules Wasm, which are most often binaries with a .wasm extension. wazero is a WebAssembly Core Specification 1.0 and 2.0 compliant runtime written in Go. It has zero dependencies, and doesn't rely ...

6.5CVSS6.7AI score0.00489EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/01/13 10:52 p.m.6 views

CVE-2026-22785

orval generates type-safe JS clients TypeScript from any valid OpenAPI v3 or Swagger v2 specification. Prior to 7.18.0, the MCP server generation logic relies on string manipulation that incorporates the summary field from the OpenAPI specification without proper validation or escaping. This allo...

9.8CVSS6.9AI score0.00709EPSS
Exploits2References1
Snyk
Snyk
added 2026/01/13 7:12 p.m.3 views

Arbitrary Command Injection

Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via improper handling of the summary field during server generation logic. An attacker can execute arbitrary code by injecting malicious input into the OpenAPI specification, which is then incorporated withou...

9.8CVSS8AI score0.00709EPSS
Exploits2References2
OSV
OSV
added 2026/01/13 7:12 p.m.3 views

GHSA-MWR6-3GP8-9JMJ orval MCP client is vulnerable to a code injection attack.

Impact The MCP server generation logic relies on string manipulation that incorporates the summary field from the OpenAPI specification without proper validation or escaping. This allows an attacker to "break out" of the string literal and inject arbitrary code. Here is an example OpenAPI with th...

9.3CVSS6.9AI score0.00709EPSS
Exploits2References4
Vulnrichment
Vulnrichment
added 2026/01/12 6:43 p.m.5 views

CVE-2026-22785 orval MCP client is vulnerable to a code injection attack.

orval generates type-safe JS clients TypeScript from any valid OpenAPI v3 or Swagger v2 specification. Prior to 7.18.0, the MCP server generation logic relies on string manipulation that incorporates the summary field from the OpenAPI specification without proper validation or escaping. This allo...

9.3CVSS6.6AI score0.00709EPSS
Exploits2References2
RedhatCVE
RedhatCVE
added 2026/01/09 9:51 a.m.10 views

CVE-2020-10113

cPanel before 84.0.20 allows self XSS via a temporary character-set specification SEC-515...

6.1CVSS5.8AI score0.00641EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:13 a.m.7 views

CVE-2022-31169

Wasmtime is a standalone runtime for WebAssembly. There is a bug in Wasmtime's code generator, Cranelift, for AArch64 targets where constant divisors can result in incorrect division results at runtime. This affects Wasmtime prior to version 0.38.2 and Cranelift prior to 0.85.2. This issue only...

7.5CVSS7.1AI score0.00676EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:12 a.m.5 views

CVE-2022-0174

Improper Validation of Specified Quantity in Input vulnerability in dolibarr dolibarr/dolibarr...

4.3CVSS6.8AI score0.00851EPSS
Exploits1References1
CVE
CVE
added 2026/01/07 9:17 p.m.15 views

CVE-2025-69222

CVE-2025-69222 affects LibreChat (v0.8.1-rc2 and prior) with a server-side request forgery (SSRF) due to missing restrictions in the default Actions configuration. The issue arises because agents can be configured with predefined instructions and actions via OpenAPI, enabling access to arbitrary ...

9.1CVSS6.6AI score0.04094EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/07 9:41 a.m.9 views

CVE-1999-0203

In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program...

10CVSS7.1AI score0.02084EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/12/30 12:0 a.m.13 views

SynRAG: A Large Language Model Framework for Executable Query Generation in Heterogeneous SIEM System

Security Information and Event Management SIEM systems are essential for large enterprises to monitor their IT infrastructure by ingesting and analyzing millions of logs and events daily. Security Operations Center SOC analysts are tasked with monitoring and analyzing this vast data to identify...

6.8AI score
Exploits0
NVD
NVD
added 2025/12/18 5:15 p.m.6 views

CVE-2025-14896

due to insufficient sanitazation in Vega’s convert function when safeMode is enabled and the spec variable is an array. An attacker can craft a malicious Vega diagram specification that will allow them to send requests to any URL, including local file system paths, leading to exposure of sensitiv...

8.7CVSS0.0025EPSS
Exploits0References1
OSV
OSV
added 2025/12/18 5:15 p.m.7 views

CVE-2025-14896

due to insufficient sanitazation in Vega’s convert function when safeMode is enabled and the spec variable is an array. An attacker can craft a malicious Vega diagram specification that will allow them to send requests to any URL, including local file system paths, leading to exposure of sensitiv...

8.7CVSS6.5AI score
Exploits0References1
Rows per page
Query Builder