Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2026/05/27 8:13 p.m.12 views

CVE-2026-44451

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX via Sucrase and evaluates it with new Function, shadowing dangerous globals fetch, window, eval, etc. with undefined. A static source validator...

9.3CVSS5.7AI score0.0023EPSS
Exploits0References1
NVD
NVDadded 2026/05/26 9:16 p.m.15 views

CVE-2026-44451

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX via Sucrase and evaluates it with new Function, shadowing dangerous globals fetch, window, eval, etc. with undefined. A static source validator...

9.3CVSS0.0023EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/26 7:58 p.m.10 views

EUVD-2026-31979

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX via Sucrase and evaluates it with new Function, shadowing dangerous globals fetch, window, eval, etc. with undefined. A static source validator...

9.3CVSS5.7AI score0.0023EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/26 7:58 p.m.30 views

CVE-2026-44451 Lumiverse: TSX component sandbox escape via DOM ref and string-split identifier bypass

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX via Sucrase and evaluates it with new Function, shadowing dangerous globals fetch, window, eval, etc. with undefined. A static source validator...

9.3CVSS0.0023EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/05/26 7:58 p.m.8 views

CVE-2026-44451 Lumiverse: TSX component sandbox escape via DOM ref and string-split identifier bypass

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX via Sucrase and evaluates it with new Function, shadowing dangerous globals fetch, window, eval, etc. with undefined. A static source validator...

9.3CVSS5.7AI score0.0023EPSS
Exploits0References1
CVE
CVEadded 2026/05/26 7:58 p.m.14 views

CVE-2026-44451

Lumiverse prior to version 0.9.7 has a sandbox escape vulnerability in its component override system. The system transpiles user TSX with Sucrase and evaluates it via new Function, shadowing dangerous globals (fetch, window, eval, etc.). A static validator blocks identifiers, but a string-split b...

9.3CVSS5.7AI score0.0023EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/05/26 12:0 a.m.11 views

PT-2026-43403

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the component override system transpiles user-supplied TSX via Sucrase and evaluates it with new Function, shadowing dangerous globals fetch, window, eval, etc. with undefined. A static source validator...

9.3CVSS5.7AI score0.0023EPSS
Exploits0References2
OSV
OSVadded 2017/11/22 7:29 p.m.4 views

CVE-2017-2699

The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a privilege elevation vulnerability. An attacker could exploit this vulnerability to upload theme packs containing malicious files and trick users into...

7.8CVSS6AI score0.00975EPSS
Exploits0References2
Rows per page
Query Builder