Lucene search
+L

16930 matches found

CVE
CVE
added 8 hours ago6 views

CVE-2026-16082

Summary of CVE-2026-16082 : Affects Sipeed PicoClaw up to version 0.2.9. The vulnerability is in the function ExecTool.executeRun (file: pkg/agent/pipeline_execute.go) where manipulation of the argument cwe leads to a time-of-check time-of-use issue. Exploitation is local, and a public exploit is...

5.3CVSS5.4AI score
Exploits0References6
Nuclei
Nuclei
added 8 hours ago115 views

Crypto <= 2.15 - Authentication Bypass

The Crypto plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.15. This is due a to limited arbitrary method call to 'cryptoconnectajaxprocess::login' function in the 'cryptoconnectajaxprocess' function. This makes it possible for unauthenticated...

9.8CVSS5.6AI score0.07217EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 10 hours ago6 views

CVE-2026-16077

A vulnerability was found in AstrBotDevs AstrBot up to 4.25.5. Impacted is the function normalizerwpath of the file astrbot/core/tools/computertools/fs.py of the component Filesystem Computer-Use Tool. Performing a manipulation results in link following. The attack is only possible with local...

5.3CVSS5.3AI score
Exploits0References5Affected Software1
EUVD
EUVD
added 10 hours ago5 views

EUVD-2026-45356

A vulnerability was found in AstrBotDevs AstrBot up to 4.25.5. Impacted is the function normalizerwpath of the file astrbot/core/tools/computertools/fs.py of the component Filesystem Computer-Use Tool. Performing a manipulation results in link following. The attack is only possible with local...

5.3CVSS5.3AI score
Exploits0References5
NVD
NVD
added yesterday5 views

CVE-2026-58195

Agentic-Flow is an AI agent orchestration platform. Prior to 2.0.14, agentic-flow MCP server tools in src/mcp/standalone-stdio.ts, src/mcp/fastmcp/servers/claude-flow-sdk.ts, src/mcp/fastmcp/servers/stdio-full.ts, src/mcp/fastmcp/servers/http-streaming-updated.ts,...

8.8CVSS
Exploits0References7
CVE
CVE
added yesterday10 views

CVE-2026-57860

Technical details about CVE-2026-57860 are not publicly available in the provided documents. Monitor for updates.

8.4CVSS5.9AI score
Exploits0References5
NVD
NVD
added yesterday6 views

CVE-2026-12705

Missing support for integrity check vulnerability in ABB KNX Update Tool ABB, ABB KNX Update Tool BJE. This issue affects KNX Update Tool ABB: through 2.0.175; KNX Update Tool BJE: through 2.0.175...

6.4CVSS
Exploits0References1
EUVD
EUVD
added yesterday6 views

EUVD-2026-45179

Missing support for integrity check vulnerability in ABB KNX Update Tool ABB, ABB KNX Update Tool BJE. This issue affects KNX Update Tool ABB: through 2.0.175; KNX Update Tool BJE: through 2.0.175...

6.4CVSS5.2AI score
Exploits0References1
Vulnrichment
Vulnrichment
added yesterday5 views

CVE-2026-12705 Integrity mechanism of KNX-device FW-files can be bypassed in ABB Update Tool

Missing support for integrity check vulnerability in ABB KNX Update Tool ABB, ABB KNX Update Tool BJE. This issue affects KNX Update Tool ABB: through 2.0.175; KNX Update Tool BJE: through 2.0.175...

6.4CVSS5.3AI score
Exploits0References1
Cvelist
Cvelist
added yesterday28 views

CVE-2026-12705 Integrity mechanism of KNX-device FW-files can be bypassed in ABB Update Tool

Missing support for integrity check vulnerability in ABB KNX Update Tool ABB, ABB KNX Update Tool BJE. This issue affects KNX Update Tool ABB: through 2.0.175; KNX Update Tool BJE: through 2.0.175...

6.4CVSS
Exploits0References1
CVE
CVE
added yesterday10 views

CVE-2026-12705

The CVE-2026-12705 entry concerns a missing integrity check in ABB KNX Update Tool (ABB) and KNX Update Tool (BJE) up to version 2.0.175. Affected components: KNX Update Tool (ABB) and KNX Update Tool (BJE); root cause: lack of integrity verification for KNX device firmware/files. Impact, as stat...

6.4CVSS5.2AI score
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-16017

The CVE-2026-16017 entry concerns mosaxiv clawlet cron Chat Tool (up to version 0.2.10), specifically the function list/remove in tools/tool_cron.go. The vulnerability is described as a manipulation that bypasses authorization, enabling remote exploitation. Public exploits have been released and ...

6.5CVSS6AI score
Exploits0References6
EUVD
EUVD
added yesterday11 views

EUVD-2026-45175

A security flaw has been discovered in mosaxiv clawlet up to 0.2.10. Impacted is the function list/remove of the file tools/toolcron.go of the component cron Chat Tool. The manipulation results in missing authorization. The attack may be performed from remote. The exploit has been released to the...

6.5CVSS6AI score
Exploits0References6
Cvelist
Cvelist
added yesterday25 views

CVE-2026-16017 mosaxiv clawlet cron Chat Tool tool_cron.go remove authorization

A security flaw has been discovered in mosaxiv clawlet up to 0.2.10. Impacted is the function list/remove of the file tools/toolcron.go of the component cron Chat Tool. The manipulation results in missing authorization. The attack may be performed from remote. The exploit has been released to the...

6.5CVSS
Exploits0References6
Positive Technologies
Positive Technologies
added yesterday7 views

PT-2026-60768

A security flaw has been discovered in mosaxiv clawlet up to 0.2.10. Impacted is the function list/remove of the file tools/tool cron.go of the component cron Chat Tool. The manipulation results in missing authorization. The attack may be performed from remote. The exploit has been released to th...

6.5CVSS6AI score
Exploits0References6
Positive Technologies
Positive Technologies
added yesterday6 views

PT-2026-60766

Missing support for integrity check vulnerability in ABB KNX Update Tool ABB, ABB KNX Update Tool BJE. This issue affects KNX Update Tool ABB: through 2.0.175; KNX Update Tool BJE: through 2.0.175...

6.4CVSS5.2AI score
Exploits0References1
NVD
NVD
added 2 days ago5 views

CVE-2026-46378

Dasel is a command-line tool and library for querying, modifying, and transforming data structures. From 3.0.0 until 3.10.1, the selector lexer matchRegexPattern closure in Tokenizer.parseCurRune in selector/lexer/tokenize.go loops while tokenizing an unterminated regex literal such as r/ because...

6.2CVSS0.00112EPSS
Exploits0References2
OSV
OSV
added 2 days ago5 views

MAL-2026-10732 Malicious code in hehehe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 588dd776720f805d7d84a58c93ffcd21ed860e3fc21a48787d732eb6180b974d Package is published as an 'enterprise Windows Diagnostic Utility' but is an anti-proctoring cheating tool that also steals the installer's browser...

6.1AI score
Exploits0References2
OSV
OSV
added 2 days ago4 views

CVE-2026-46377 Dasel: Index-out-of-range panic in dasel selector lexer on trailing backslash in quoted string

Dasel is a command-line tool and library for querying, modifying, and transforming data structures. From 3.0.0 until 3.10.1, the escape sequence handler in Tokenizer.parseCurRune in selector/lexer/tokenize.go increments past a trailing backslash in a quoted string such as "\ or '\ and then reads...

6.2CVSS6.1AI score0.00129EPSS
Exploits0References5
OSV
OSV
added 2 days ago4 views

CVE-2026-46378 Dasel: Denial of service in dasel selector lexer due to infinite loop on unterminated regex literal

Dasel is a command-line tool and library for querying, modifying, and transforming data structures. From 3.0.0 until 3.10.1, the selector lexer matchRegexPattern closure in Tokenizer.parseCurRune in selector/lexer/tokenize.go loops while tokenizing an unterminated regex literal such as r/ because...

6.2CVSS6.1AI score0.00112EPSS
Exploits0References4
Rows per page
Query Builder