Lucene search
K

15815 matches found

NVD
NVD
added 2026/06/25 2:16 a.m.13 views

CVE-2026-8665

OS Command Injection vulnerability in the TR action of Rapid7 InsightConnect Translate Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to insufficient input sanitization in shell command construction...

9.8CVSS0.00675EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/25 2:9 a.m.10 views

CVE-2026-10701

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: Text component...

7.5CVSS5.8AI score0.00301EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/25 1:32 a.m.10 views

EUVD-2026-39160

OS Command Injection vulnerability in the processstring action of Rapid7 InsightConnect AWK Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to unsafe shell command construction in the processing pipeline...

7.7CVSS6.3AI score0.00675EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 1:12 a.m.13 views

CVE-2026-8665

CVE-2026-8665 affects the Rapid7 InsightConnect Translate Plugin (Linux) via the TR action. The root cause is insufficient input sanitization in shell command construction within the TR action, allowing an attacker to supply text or expression parameters that leads to OS command execution. Docume...

9.8CVSS6.3AI score0.00675EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/25 1:12 a.m.6 views

CVE-2026-8665

OS Command Injection vulnerability in the TR action of Rapid7 InsightConnect Translate Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to insufficient input sanitization in shell command construction...

7.7CVSS6.3AI score0.00675EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52491

Name of the Vulnerable Software and Affected Versions LibreChat versions prior to 0.8.4-rc1 Description A flaw exists in the markdown artifact preview pipeline. The generateMarkdownHtml function located in client/src/utils/markdown.ts utilizes a custom image renderer that triggers a fallback to t...

5.4CVSS6AI score0.0014EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-49851

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to superlinear approximately O...

8.7CVSS7.1AI score0.0035EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52476

Name of the Vulnerable Software and Affected Versions Vim versions prior to 9.2.0670 Description The get text props function in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of 32-byte textprop T entries that follow. Because the count ...

6.1CVSS5.8AI score0.00113EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.10 views

PT-2026-52479

Name of the Vulnerable Software and Affected Versions Vim versions 9.2.0320 through 9.2.0678 Description A flaw exists where a crafted undo or swap file can store a virtual-text property with an offset and length that point outside the line's property data. When the software restores or displays...

6.8CVSS5.8AI score0.00119EPSS
Exploits0References5
OSV
OSV
added 2026/06/24 10:18 p.m.4 views

MAL-2026-6404 Malicious code in syco1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e43be65a0930b121cf4d610c70b2d07165e4d335dece4344590b471d078fa5b5 Package self-describes as a 'System binary configuration tool' but ships a covert screen and clipboard surveillance overlay. pointer.py captures...

6AI score
Exploits0References3
NVD
NVD
added 2026/06/24 9:16 p.m.8 views

CVE-2026-33235

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions prior to 0.6.52, the Fill Text Template block is vulnerable to a Denial of Service DoS attack. While the backend implements a SandboxedEnvironment to prevent...

7.7CVSS0.0031EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 8:52 p.m.17 views

CVE-2026-33235 AutoGPT: Denial of Service (DoS) via Resource Exhaustion in text templating features

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions prior to 0.6.52, the Fill Text Template block is vulnerable to a Denial of Service DoS attack. While the backend implements a SandboxedEnvironment to prevent...

7.7CVSS0.0031EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 8:52 p.m.4 views

CVE-2026-33235

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions prior to 0.6.52, the Fill Text Template block is vulnerable to a Denial of Service DoS attack. While the backend implements a SandboxedEnvironment to prevent...

7.7CVSS5.8AI score0.0031EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/24 8:52 p.m.20 views

CVE-2026-33235

AutoGPT is vulnerable to Denial of Service in the Fill Text Template block prior to v0.6.52. Although a SandboxedEnvironment blocks certain attributes (e.g., class ), it does not cap the computational complexity or execution time of Python/Jinja2 expressions, allowing crafted inputs to exhaust CP...

7.7CVSS5.8AI score0.0031EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/24 8:39 p.m.7 views

CVE-2026-54530

A flaw was found in pypdf, a pure-python PDF library. An attacker can craft a malicious PDF file that, when processed by a system extracting text in layout mode, can lead to an infinite loop. This vulnerability results in a Denial of Service DoS, making the affected system unresponsive. Mitigatio...

6.9CVSS5.8AI score0.00123EPSS
Exploits0References6
Snyk
Snyk
added 2026/06/24 7:16 p.m.5 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the parselinktext function of mistune/inlineparser.py, which performs a regex search inside a loop that advances one character at a time when parsing fails, producing On² behavior...

8.7CVSS5.8AI score0.0035EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 6:17 p.m.17 views

CVE-2026-49851

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to superlinear approximately On² behavior in parselinktext. When parsing Markdown containing many consecutive characters, parselinktext repeatedly scans the input usin...

8.7CVSS0.0035EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 5:5 p.m.28 views

CVE-2026-49851 Mistune: Potential DoS via quadratic-time parsing in parse_link_text

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to superlinear approximately On² behavior in parselinktext. When parsing Markdown containing many consecutive characters, parselinktext repeatedly scans the input usin...

8.7CVSS0.0035EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 5:5 p.m.11 views

CVE-2026-49851

Mistune (Python Markdown parser) prior to 3.3.0 is vulnerable to CPU exhaustion DoS due to quadratic-time behavior in parse_link_text when parsing many consecutive '[' characters. The code repeatedly scans input with a regex inside a loop, yielding O(n^2) runtime on affected inputs and enabling a...

8.7CVSS5.9AI score0.0035EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/24 5:5 p.m.5 views

CVE-2026-49851 Mistune: Potential DoS via quadratic-time parsing in parse_link_text

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to superlinear approximately On² behavior in parselinktext. When parsing Markdown containing many consecutive characters, parselinktext repeatedly scans the input usin...

8.7CVSS5.9AI score0.0035EPSS
Exploits0References1
Rows per page
Query Builder