Lucene search
K

1339176 matches found

CVE
CVE
added 22 minutes ago1 views

CVE-2026-62328 9Router 0.4.41 - Unauthenticated Information Disclosure via API Usage Endpoints

9Router through version 0.4.41 contain an unauthenticated information disclosure vulnerability that allows remote attackers to access sensitive user data by sending requests to unprotected API endpoints. Attackers can enumerate paginated request logs and retrieve complete AI conversation historie...

8.7CVSS
Exploits0References2
Cvelist
Cvelist
added 22 minutes ago1 views

CVE-2026-62328 9Router 0.4.41 - Unauthenticated Information Disclosure via API Usage Endpoints

9Router through version 0.4.41 contain an unauthenticated information disclosure vulnerability that allows remote attackers to access sensitive user data by sending requests to unprotected API endpoints. Attackers can enumerate paginated request logs and retrieve complete AI conversation historie...

8.7CVSS
Exploits0References2
Cvelist
Cvelist
added 28 minutes ago1 views

CVE-2026-15680 Lorex 2K Indoor Wi-Fi Security Camera CDeviceOperator Format String Remote Code Execution Vulnerability

Lorex 2K Indoor Wi-Fi Security Camera CDeviceOperator Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit th...

7.5CVSS
Exploits0References1
CVE
CVE
added 28 minutes ago1 views

CVE-2026-15680 Lorex 2K Indoor Wi-Fi Security Camera CDeviceOperator Format String Remote Code Execution Vulnerability

Lorex 2K Indoor Wi-Fi Security Camera CDeviceOperator Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit th...

7.5CVSS
Exploits0References1
Cvelist
Cvelist
added 29 minutes ago2 views

CVE-2026-15681 AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability

AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order t...

4.7CVSS
Exploits0References1
CVE
CVE
added 29 minutes ago2 views

CVE-2026-15681 AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability

AnyDesk Screen Recording Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in order t...

4.7CVSS
Exploits0References1
CVE
CVE
added 29 minutes ago1 views

CVE-2026-62185 Argo CD Helm Chart < 10.0.0 Missing Network Policy RCE

Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...

8.6CVSS
Exploits0References2
Cvelist
Cvelist
added 29 minutes ago1 views

CVE-2026-62185 Argo CD Helm Chart < 10.0.0 Missing Network Policy RCE

Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...

8.6CVSS
Exploits0References2
Cvelist
Cvelist
added 29 minutes ago1 views

CVE-2026-15682 AnyDesk Support Information Link Following Denial-of-Service Vulnerability

AnyDesk Support Information Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in orde...

4.7CVSS
Exploits0References1
CVE
CVE
added 29 minutes ago1 views

CVE-2026-15682 AnyDesk Support Information Link Following Denial-of-Service Vulnerability

AnyDesk Support Information Link Following Denial-of-Service Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AnyDesk. An attacker must first obtain the ability to execute low-privileged code on the target system in orde...

4.7CVSS
Exploits0References1
CVE
CVE
added 30 minutes ago1 views

CVE-2026-15684 Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability

Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Glarysoft Glary Utilities. An attacker must first obtain the ability to execute low-privileged code on the target system...

7.3CVSS
Exploits0References1
Cvelist
Cvelist
added 30 minutes ago1 views

CVE-2026-15684 Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability

Glarysoft Glary Utilities Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Glarysoft Glary Utilities. An attacker must first obtain the ability to execute low-privileged code on the target system...

7.3CVSS
Exploits0References1
CVE
CVE
added 30 minutes ago1 views

CVE-2026-62194 OpenClaw 2026.5.20 < 2026.6.9 Privilege Escalation via Plugin Install

OpenClaw versions 2026.5.20 before 2026.6.9 contain a privilege escalation vulnerability in plugin install commands that allows lower-trust callers to execute or persist actions beyond their intended authorization. Attackers can exploit misconfigured input paths or enabled features to escalate...

8.8CVSS
Exploits0References2
Cvelist
Cvelist
added 30 minutes ago1 views

CVE-2026-62194 OpenClaw 2026.5.20 < 2026.6.9 Privilege Escalation via Plugin Install

OpenClaw versions 2026.5.20 before 2026.6.9 contain a privilege escalation vulnerability in plugin install commands that allows lower-trust callers to execute or persist actions beyond their intended authorization. Attackers can exploit misconfigured input paths or enabled features to escalate...

8.8CVSS
Exploits0References2
CVE
CVE
added 30 minutes ago1 views

CVE-2026-15685 Ollama downloadBlob Improper Validation of Array Index Denial-of-Service Vulnerability

Ollama downloadBlob Improper Validation of Array Index Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Ollama. Authentication is not required to exploit this vulnerability. The specific flaw exists...

7.5CVSS
Exploits0References1
Cvelist
Cvelist
added 30 minutes ago1 views

CVE-2026-15685 Ollama downloadBlob Improper Validation of Array Index Denial-of-Service Vulnerability

Ollama downloadBlob Improper Validation of Array Index Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Ollama. Authentication is not required to exploit this vulnerability. The specific flaw exists...

7.5CVSS
Exploits0References1
Cvelist
Cvelist
added 30 minutes ago1 views

CVE-2026-15596 SourceCodester Class and Exam Timetabling System subject.php cross site scripting

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /subject.php. Such manipulation of the argument subject leads to cross site scripting. It is possible to launch the attack remotely. The exploit is...

5.3CVSS
Exploits0References6
CVE
CVE
added 30 minutes ago1 views

CVE-2026-15596 SourceCodester Class and Exam Timetabling System subject.php cross site scripting

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /subject.php. Such manipulation of the argument subject leads to cross site scripting. It is possible to launch the attack remotely. The exploit is...

5.3CVSS
Exploits0References6
Mageia
Mageia
added 36 minutes ago0 views

Updated libheif packages fix security vulnerabilities

libheif has a Heap OOB Read/SEGV Crash via Zero samplesperchunk. CVE-2026-32738 libheif is Vulnerable to Infinite Loop DoS via stts Sample Duration Lookup. CVE-2026-32739 Heap-Buffer-Overflow Write in Grid Tile Chroma Compositing. CVE-2026-32740 libheif has a heap buffer overflow in...

8.8CVSS0.00514EPSS
Exploits5References3
Wallarm Lab
Wallarm Lab
added 42 minutes ago0 views

AI Control Platform vs. AI Firewall vs. AI Gateway: Clearing Up The Terminology

Editor's note: This article was originally published by Tim Erlin on LinkedIn. It has been republished here with the author's permission. https://www.linkedin.com/pulse/ai-control-platform-vs-firewall-gateway-clearing-up-tim-erlin-ypodc It seems like every security vendor now sells "AI security."...

Exploits0
Rows per page
Query Builder