Lucene search
K

8 matches found

Cvelist
Cvelist
added 6 days ago33 views

CVE-2026-10055

In Eclipse Theia since version 1.26.0, the backend /services/request-service RPC accepts an attacker-controlled URL from any client connected to the standard /services messaging endpoint, performs the HTTP request server-side, and returns the full response body to the caller. Because the...

8.5CVSS0.00297EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 6 days ago9 views

PT-2026-55524

Name of the Vulnerable Software and Affected Versions Eclipse Theia versions 1.26.0 and later Description The backend /services/request-service RPC accepts a URL controlled by an attacker from any client connected to the standard /services messaging endpoint. The server performs the HTTP request...

8.5CVSS6.1AI score0.00297EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-44691

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Theia versions prior to 1.69.0, custom task definitions in workspace files e.g. .theia/tasks.json, .vscode/tasks.json could be executed without...

8.8CVSS6AI score0.00231EPSS
Exploits0References2
NVD
NVD
added 2026/06/18 4:16 p.m.13 views

CVE-2026-44688

In Eclipse Theia versions prior to 1.71.0, the AI chat agent processed workspace file and directory names as part of its prompt context without distinguishing them from system instructions. An attacker could craft a malicious repository with adversarial directory or file names that, when analyzed...

8.8CVSS0.00272EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-21091

Malware in sbrugna...

9.8CVSS9.2AI score0.02223EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-2115

Malware in sbrugna...

8.8CVSS8.6AI score0.00595EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/05/22 4:46 a.m.11 views

CVE-2019-17636

In Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre-packaged Theia extensions is "Mini-Browser", published as "@theia/mini-browser" on npmjs.com. This extension, for its own needs, exposes a HTTP endpoint that allows to read the content of files on the host's filesystem, given...

8.1CVSS6.6AI score0.00586EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/09/02 12:0 a.m.7 views

Eclipse Theia 代码问题漏洞

Eclipse Theia is the Eclipse Foundation's set of open source IDE frameworks for desktop and web applications based on Visual Studio Code. A security vulnerability exists in Eclipse Theia versions 0.1.1 through 0.2.0, which can be exploited by an attacker to obtain remote code execution via...

9.8CVSS9.1AI score0.02223EPSS
Exploits0References1
Rows per page
Query Builder