Lucene search
K

36 matches found

CVE
CVE
added 5 hours ago7 views

CVE-2026-15528

CVE-2026-15528 affects lamaalrajih/kicad-mcp up to 3.3.1. The vulnerability is in kicad_mcp/utils/path_validator.py where manipulating the arguments project_path or schematic_path causes a protection mechanism failure. Local exploitation is required, and the exploit has been made public. The proj...

4.8CVSS5.8AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.11 views

PT-2026-55744

Name of the Vulnerable Software and Affected Versions HdrHistogram versions prior to 2.2.3 Description A range check issue exists in the recordValue function within the org.HdrHistogram.DoubleHistogram class. A manipulation of this function leads to an incorrect comparison. This issue requires...

4.8CVSS5.8AI score0.0024EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.11 views

PT-2026-55798

Name of the Vulnerable Software and Affected Versions mjperpinosa stumasy versions up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be Description A remote cross-site scripting issue exists due to improper manipulation of the argument reference within the add definition function located in the...

5.1CVSS5.7AI score0.00203EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/07/04 11:45 p.m.41 views

CVE-2026-14685 HdrHistogram AbstractHistogram AbstractHistogram.java recordValueWithCount state issue

A vulnerability has been found in HdrHistogram up to 2.2.2. This vulnerability affects the function recordValueWithCount of the file src/main/java/org/HdrHistogram/AbstractHistogram.java of the component AbstractHistogram. Such manipulation of the argument Count leads to state issue. The attack c...

4.8CVSS0.00118EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/08 2:0 a.m.15 views

EUVD-2026-35009

A flaw has been found in kokke tiny-regex-c up to f2632c6d9ed25272987471cdb8b70395c2460bdb. This vulnerability affects the function matchstar of the file re.c of the component Pattern Handler. This manipulation causes inefficient regular expression complexity. The attack is restricted to local...

4.8CVSS4.9AI score0.00113EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.10 views

CVE-2026-7158

A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected by this issue is the function validateurlsafe of the file src/mcpurldownloader/server.py. Such manipulation of the argument url leads to server-side request forgery. The attack...

7.5CVSS6.6AI score0.00294EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.8 views

CVE-2026-7211

A weakness has been identified in dvladimirov MCP up to 0.1.0. The impacted element is the function GitSearchRequest of the file mcpserver.py of the component Git Search API. Executing a manipulation of the argument repourl/pattern can lead to command injection. The attack can be executed remotel...

7.5CVSS6.9AI score0.01338EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/05 2:30 p.m.12 views

EUVD-2026-34842

A flaw has been found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. This impacts the function sessionstart of the file /login-form.php. Executing a manipulation of the argument UserAuthData can lead to session fixiation...

7.5CVSS5.2AI score0.00232EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.25 views

PT-2026-45678

A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown code of the file App.java of the component Application Deployment Module. This manipulation of the argument uploadPath causes command injection. Remote exploitation of the attack is possible. The exploi...

6.5CVSS6.3AI score0.01067EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/01 5:0 p.m.31 views

CVE-2026-10276 hekmon8 Jenkins-server-mcp get_build_status/get_build_log/trigger_build index.ts jobPath server-side request forgery

A vulnerability has been found in hekmon8 Jenkins-server-mcp 0.1.0. This vulnerability affects the function jobPath of the file src/index.ts of the component getbuildstatus/getbuildlog/triggerbuild. Such manipulation leads to server-side request forgery. The attack may be performed from remote. T...

6.5CVSS0.0027EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/01 5:30 a.m.12 views

CVE-2026-10228

A vulnerability was found in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. The impacted element is an unknown function of the file admissionformcheck.php. The manipulation of the argument Message results in cross site scripting. The attack can be...

5.1CVSS4.2AI score0.00199EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/31 4:45 a.m.11 views

CVE-2026-10169

A vulnerability was detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected by this vulnerability is the function ajaxforgotpassword of the file application/controllers/Login.php of the component Forgot Password Endpoint. The...

6.3CVSS5.1AI score0.00286EPSS
Exploits0References4
NVD
NVD
added 2026/05/25 5:16 p.m.18 views

CVE-2026-9472

A flaw has been found in dazeb markdown-downloader up to 3d4394b34b6c99d81af817623af55e3384df5a6a. Affected is the function downloadmarkdown/listdownloadedfiles/createsubdirectory of the file src/index.ts. Executing a manipulation can lead to path traversal. The attack can be launched remotely. T...

6.5CVSS0.00337EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/25 4:15 p.m.12 views

EUVD-2026-31706

A vulnerability has been found in c-rick jimeng-mcp 1.10.0. Affected by this vulnerability is the function getFileContent/uploadCoverFile/generateImage/generateVideo of the file src/api.ts. The manipulation of the argument filePath leads to path traversal. The attack may be initiated remotely. Th...

6.5CVSS6.2AI score0.00337EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/25 11:15 a.m.15 views

EUVD-2026-31671

A vulnerability was detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. This affects the function which of the file /src/application/skills-loader.ts of the component SkillsLoader. Performing a manipulation of the argument requires.bins results in command injection. T...

7.5CVSS5.6AI score0.01385EPSS
Exploits0References5
OSV
OSV
added 2026/05/11 2:16 a.m.5 views

DEBIAN-CVE-2026-8258

A flaw has been found in Squirrel up to 3.2. Impacted is the function validateformat in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can lead to stack-based buffer overflow. The attack can only be executed locally. The exploit has been published and may be used. The project was...

4.8CVSS6.2AI score0.00123EPSS
Exploits0References1
NVD
NVD
added 2026/05/05 4:16 p.m.15 views

CVE-2026-7844

A vulnerability was detected in chatchat-space Langchain-Chatchat up to 0.3.1.3. This vulnerability affects the function files/listfiles/retrievefile/retrievefilecontent/deletefile of the file libs/chatchat-server/chatchat/server/apiserver/openairoutes.py of the component Compatible File Service...

6.3CVSS0.00322EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.13 views

PT-2026-36970

A flaw has been found in UsamaK98 python-notebook-mcp up to a05a232815809a7e425b5fa7be26e0d4369894c2. Impacted is the function create notebook/read notebook/edit cell/add cell of the file server.py. This manipulation causes path traversal. It is possible to initiate the attack remotely. The explo...

7.5CVSS6.8AI score0.0041EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.6 views

CVE-2026-7443

A weakness has been identified in BurtTheCoder mcp-dnstwist up to 1.0.4. Affected by this vulnerability is the function fuzzdomain of the file src/index.ts of the component MCP Interface. Executing a manipulation of the argument Request can lead to os command injection. The attack may be launched...

7.5CVSS6.8AI score0.01378EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/29 9:30 p.m.3 views

CVE-2026-7416

A vulnerability was found in PolarVista xcode-mcp-server 1.0.0. This issue affects the function buildproject/runtests of the file src/index.ts of the component MCP Interface. The manipulation of the argument Request results in os command injection. The attack may be launched remotely. The exploit...

7.5CVSS7.2AI score0.01629EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder