Lucene search
K

248 matches found

NVD
NVD
added 2026/06/27 8:16 a.m.10 views

CVE-2026-11364

The Product Specifications for WooCommerce plugin for WordPress is vulnerable to unauthorized modification, creation, and deletion of data in versions up to and including 0.8.9. This is due to a missing capability check and missing nonce verification in the invoke methods of the...

4.3CVSS0.00213EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/27 6:50 a.m.8 views

CVE-2026-11364

The Product Specifications for WooCommerce plugin for WordPress is vulnerable to unauthorized modification, creation, and deletion of data in versions up to and including 0.8.9. This is due to a missing capability check and missing nonce verification in the invoke methods of the...

4.3CVSS5.9AI score0.00213EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/27 6:50 a.m.32 views

CVE-2026-11364 Product Specifications for Woocommerce <= 0.8.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Attribute/Group Creation, Modification, and Deletion via 'dwps_modify_groups' and 'dwps_modify_attributes' AJAX Actions

The Product Specifications for WooCommerce plugin for WordPress is vulnerable to unauthorized modification, creation, and deletion of data in versions up to and including 0.8.9. This is due to a missing capability check and missing nonce verification in the invoke methods of the...

4.3CVSS0.00213EPSS
Exploits0References8
CVE
CVE
added 2026/06/27 6:50 a.m.15 views

CVE-2026-11364

CVE-2026-11364 affects the Product Specifications for WooCommerce plugin for WordPress up to version 0.8.9. The root cause is missing capability checks and absent nonce verification in the __invoke() methods of AttributeGroupController and AttributeController, tied to AJAX actions dwps_modify_gro...

4.3CVSS5.9AI score0.00213EPSS
Exploits0References8
NVD
NVD
added 2026/06/12 3:16 p.m.12 views

CVE-2026-8694

Improper access control in Devolutions PowerShell Universal 2026.1.7 and earlier allows an unauthenticated remote attacker to obtain the OpenAPI specification of user-defined REST endpoints...

5.3CVSS0.00221EPSS
Exploits0References1
Microsoft Secure
Microsoft Secure
added 2026/06/10 4:0 p.m.20 views

Turn specs into evals for any agent with ASSERT

Today, we’re releasing Adaptive Spec-driven Scoring for Evaluation and Regression Testing ASSERT, an open-source framework for turning natural-language behavior specifications into executable evaluations. Every team building an AI system starts with a clear intention for the behaviors they want t...

5.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/05 7:12 p.m.10 views

CVE-2026-39885

FrontMCP is a TypeScript-first framework for the Model Context Protocol MCP. Prior to 2.3.0, the mcp-from-openapi library uses @apidevtools/json-schema-ref-parser to dereference $ref pointers in OpenAPI specifications without configuring any URL restrictions or custom resolvers. A malicious OpenA...

7.5CVSS5.4AI score0.00319EPSS
Exploits1References1
OSV
OSV
added 2026/06/05 9:16 a.m.11 views

UBUNTU-CVE-2026-11332

A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...

7.8CVSS6.1AI score0.00156EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/05 8:21 a.m.7 views

CVE-2026-11332 Ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution

A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...

7.8CVSS6.1AI score0.00156EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/06/05 8:21 a.m.3 views

CVE-2026-11332

A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags through the src field...

7.8CVSS6.5AI score0.00156EPSS
Exploits0
Veracode
Veracode
added 2026/05/16 5:22 a.m.13 views

Server-Side Request Forgery (SSRF)

FrontMCP is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to unsafe dereferencing of $ref pointers in OpenAPI specifications without URL restrictions, which allows an attacker to trigger requests to internal network resources or read local files through malicious OpenAP...

7.5CVSS5.8AI score0.00319EPSS
Exploits1References3Affected Software3
Packet Storm News
Packet Storm News
added 2026/05/12 12:0 a.m.12 views

Iterative Audit Convergence in LLM-Managed Multi-Agent Systems: A Case Study in Prompt Engineering Quality Assurance

Prompt specifications for multi-agent large language model LLM systems carry data contracts and integration logic across many interdependent files but are rarely subjected to structured-inspection rigor. This paper reports a single-system empirical case study of iterative, agent-driven auditing...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/20 12:0 a.m.22 views

Security Is Relative: Training-Free Vulnerability Detection Via Multi-Agent Behavioral Contract Synthesis

Deep learning for vulnerability detection has shown promising results on early benchmarks, but recent evaluations reveal catastrophic degradation: models achieving F1 0.68 on legacy datasets collapse to 0.031 under strict deduplication. We identify the root cause as the semantic ambiguity problem...

5.7AI score
Exploits0
CVE
CVE
added 2026/04/08 8:34 p.m.25 views

CVE-2026-39885

CVE-2026-39885 affects FrontMCP (prior to 2.3.0) via the mcp-from-openapi library, which dereferences $ref in OpenAPI specs without URL restrictions, enabling SSRF and local file reads when processing untrusted specs. Fixed in 2.3.0. CVSS v3.1 base score 7.5 (HIGH). Exploitation status not provid...

7.5CVSS5.9AI score0.00319EPSS
Exploits1References2Affected Software4
Vulnrichment
Vulnrichment
added 2026/04/08 8:34 p.m.1 views

CVE-2026-39885 FrontMCP Affected by SSRF via $ref Dereferencing in Untrusted OpenAPI Specifications

FrontMCP is a TypeScript-first framework for the Model Context Protocol MCP. Prior to 2.3.0, the mcp-from-openapi library uses @apidevtools/json-schema-ref-parser to dereference $ref pointers in OpenAPI specifications without configuring any URL restrictions or custom resolvers. A malicious OpenA...

7.5CVSS5.9AI score0.00319EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/08 7:57 p.m.10 views

CVE-2026-39348

OrangeHRM is a comprehensive human resource management HRM system. From 5.0 to 5.8, OrangeHRM Open Source omits authorization on job specification and vacancy attachment download handlers, allowing authenticated low-privilege users to read attachments via direct reference to attachment identifier...

5.3CVSS5.9AI score0.00165EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/08 7:22 p.m.3 views

EUVD-2026-20632

mcp-from-openapi is Vulnerable to SSRF via $ref Dereferencing in Untrusted OpenAPI Specifications...

7.5CVSS5.9AI score0.00319EPSS
Exploits1References2
OSV
OSV
added 2026/04/08 7:22 p.m.5 views

GHSA-V6PH-XCQ9-QXXJ mcp-from-openapi is Vulnerable to SSRF via $ref Dereferencing in Untrusted OpenAPI Specifications

Summary The mcp-from-openapi library uses @apidevtools/json-schema-ref-parser to dereference $ref pointers in OpenAPI specifications without configuring any URL restrictions or custom resolvers. A malicious OpenAPI specification containing $ref values pointing to internal network addresses, cloud...

7.5CVSS5.9AI score0.00319EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/04/08 7:22 p.m.50 views

mcp-from-openapi is Vulnerable to SSRF via $ref Dereferencing in Untrusted OpenAPI Specifications

Summary The mcp-from-openapi library uses @apidevtools/json-schema-ref-parser to dereference $ref pointers in OpenAPI specifications without configuring any URL restrictions or custom resolvers. A malicious OpenAPI specification containing $ref values pointing to internal network addresses, cloud...

7.5CVSS6AI score0.00319EPSS
Exploits1References4Affected Software3
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.10 views

PT-2026-31451

FrontMCP is a TypeScript-first framework for the Model Context Protocol MCP. Prior to 2.3.0, the mcp-from-openapi library uses @apidevtools/json-schema-ref-parser to dereference $ref pointers in OpenAPI specifications without configuring any URL restrictions or custom resolvers. A malicious OpenA...

7.5CVSS5.9AI score0.00319EPSS
Exploits1References3
Rows per page
Query Builder