Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:39 p.m.13 views

CVE-2026-7221

A vulnerability was found in TencentCloudBase CloudBase-MCP up to 2.17.0. Affected is the function openUrl of the file mcp/src/interactive-server.ts of the component open-url API Endpoint. The manipulation of the argument req.body.url results in server-side request forgery. It is possible to laun...

7.5CVSS6.6AI score0.00298EPSS
Exploits0References1
NVD
NVD
added 2026/04/28 4:16 a.m.5 views

CVE-2026-7221

A vulnerability was found in TencentCloudBase CloudBase-MCP up to 2.17.0. Affected is the function openUrl of the file mcp/src/interactive-server.ts of the component open-url API Endpoint. The manipulation of the argument req.body.url results in server-side request forgery. It is possible to laun...

7.5CVSS0.00298EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/04/28 3:30 a.m.6 views

CVE-2026-7221

A vulnerability was found in TencentCloudBase CloudBase-MCP up to 2.17.0. Affected is the function openUrl of the file mcp/src/interactive-server.ts of the component open-url API Endpoint. The manipulation of the argument req.body.url results in server-side request forgery. It is possible to laun...

7.5CVSS5.1AI score0.00298EPSS
Exploits0References8Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.8 views

PT-2026-35653

A vulnerability was found in TencentCloudBase CloudBase-MCP up to 2.17.0. Affected is the function openUrl of the file mcp/src/interactive-server.ts of the component open-url API Endpoint. The manipulation of the argument req.body.url results in server-side request forgery. It is possible to laun...

7.5CVSS7AI score0.00298EPSS
Exploits0References12
CVE
CVE
added 2026/04/17 12:15 p.m.33 views

CVE-2026-6486

CVE-2026-6486 affects classroombookings up to version 2.17.0; the read() function in crbs-core/application/views/layout.php (User Display Name Handler) is vulnerable to cross-site scripting via the displayname argument. Exploitation is possible remotely; exploitation is documented as PoC. A fix i...

5.1CVSS4.1AI score0.00212EPSS
Exploits0References8
Snyk
Snyk
added 2026/03/25 6:38 p.m.3 views

Off-by-one Error

Overview Affected versions of this package are vulnerable to Off-by-one Error via the FcFontCapabilities function in fcfreetype.c. An attacker can cause a one-byte out-of-bounds write, potentially leading to a crash or execution of arbitrary code by supplying crafted input that triggers the...

7.8CVSS6.3AI score0.00125EPSS
Exploits0References2
Debian
Debian
added 2026/01/19 10:50 p.m.11 views

[SECURITY] [DLA 4444-1] apache-log4j2 security update

Debian LTS Advisory DLA-4444-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 19, 2026 https://wiki.debian.org/LTS Package : apache-log4j2 Version : 2.17.1-1deb11u2 CVE ID : CVE-2025-68161 Debian Bug : 1123744 In Apache Log4j2, a Java Logging Framework, t...

6.3CVSS6.5AI score0.00743EPSS
Exploits1
Rows per page
Query Builder