Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8159 matches found

OSV
OSVadded 2026/04/20 11:16 a.m.2 views

UBUNTU-CVE-2026-6654

Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear functions in the thinvec crate. A panic in ptr::dropinplace skips setting the length to zero...

5.1CVSS5.8AI score0.00022EPSS
Exploits1References3
Debian CVE
Debian CVEadded 2026/04/20 10:5 a.m.1 views

CVE-2026-6654

Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear functions in the thinvec crate. A panic in ptr::dropinplace skips setting the length to zero...

5.1CVSS5.2AI score0.00022EPSS
Exploits1
EUVD
EUVDadded 2026/04/20 12:30 a.m.3 views

EUVD-2026-23717

A flaw has been found in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function getvectordbdetails of the file superagi/controllers/vectordbs.py of the component Vector Database Management Endpoint. Executing a manipulation can lead to missing authentication. The attack...

7.5CVSS5.3AI score0.00105EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/20 12:0 a.m.1 views

CVE-2026-29645

NEMU OpenXiangShan/NEMU before v2025.12.r2 contains an improper instruction-validation flaw in its RISC-V Vector RVV decoder. The decoder does not correctly validate the funct3 field when decoding vsetvli/vsetivli/vsetvl, allowing certain invalid OP-V instruction encodings to be misinterpreted an...

5.9AI score0.00034EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/04/20 12:0 a.m.5 views

NEMU 安全漏洞

NEMU is an open-source teaching system simulator developed by XiangShan. Versions of NEMU prior to v2025.12.r2 contained security vulnerabilities. These vulnerabilities were caused by improper instruction validation in the RISC-V Vector decoder, which could lead to incorrect trap behavior,...

7.5CVSS5.8AI score0.00034EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/04/20 12:0 a.m.2 views

PT-2026-33826

NEMU OpenXiangShan/NEMU before v2025.12.r2 contains an improper instruction-validation flaw in its RISC-V Vector RVV decoder. The decoder does not correctly validate the funct3 field when decoding vsetvli/vsetivli/vsetvl, allowing certain invalid OP-V instruction encodings to be misinterpreted an...

7.5CVSS5.9AI score0.00034EPSS
Exploits0References8
OPENSUSE Linux
OPENSUSE Linuxadded 2026/04/20 12:0 a.m.4 views

Security update for roundcubemail (important)

openSUSE Security Update: Security update for roundcubemail Announcement ID: openSUSE-SU-2026:0144-1 Rating: important References: 1261157 1261488 Cross-References: CVE-2026-35537 Affected Products: openSUSE Backports SLE-15-SP6 An update that solves one vulnerability and has one errata is now...

7.5CVSS5.7AI score0.00051EPSS
Exploits0References2
CVE
CVEadded 2026/04/20 12:0 a.m.4 views

CVE-2026-29645

CVE-2026-29645 (NEMU/OpenXiangShan/NEMU) : The RVV decoder in NEMU before v2025.12.r2 has an improper instruction-validation flaw: it does not properly validate the funct3 field when decoding vsetvli/vsetivli/vsetvl. As a result, certain invalid OP-V instruction encodings can be misinterpreted an...

7.5CVSS5.9AI score0.00034EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2026/04/20 12:0 a.m.26 views

CVE-2026-29645

NEMU OpenXiangShan/NEMU before v2025.12.r2 contains an improper instruction-validation flaw in its RISC-V Vector RVV decoder. The decoder does not correctly validate the funct3 field when decoding vsetvli/vsetivli/vsetvl, allowing certain invalid OP-V instruction encodings to be misinterpreted an...

0.00034EPSS
Exploits0References4
Redos
Redosadded 2026/04/20 12:0 a.m.5 views

ROS-20260420-73-0018

A vulnerability in the CMS message handler of the OpenSSL cryptographic library is related to writing outside buffer boundaries when processing an initialization vector. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by sending specially crafted packets...

8.8CVSS7.5AI score0.02889EPSS
Exploits7
ATTACKERKB
ATTACKERKBadded 2026/04/20 12:0 a.m.0 views

CVE-2026-29645

NEMU OpenXiangShan/NEMU before v2025.12.r2 contains an improper instruction-validation flaw in its RISC-V Vector RVV decoder. The decoder does not correctly validate the funct3 field when decoding vsetvli/vsetivli/vsetvl, allowing certain invalid OP-V instruction encodings to be misinterpreted an...

5.9AI score0.00034EPSS
Exploits0References5
NVD
NVDadded 2026/04/19 11:16 p.m.3 views

CVE-2026-6582

A flaw has been found in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function getvectordbdetails of the file superagi/controllers/vectordbs.py of the component Vector Database Management Endpoint. Executing a manipulation can lead to missing authentication. The attack...

7.5CVSS0.00105EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/04/19 10:45 p.m.22 views

CVE-2026-6582 TransformerOptimus SuperAGI Vector Database Management Endpoint vector_dbs.py get_vector_db_details missing authentication

A flaw has been found in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function getvectordbdetails of the file superagi/controllers/vectordbs.py of the component Vector Database Management Endpoint. Executing a manipulation can lead to missing authentication. The attack...

7.5CVSS0.00105EPSS
Exploits0References4
CVE
CVEadded 2026/04/19 10:45 p.m.6 views

CVE-2026-6582

TransformerOptimus SuperAGI up to 0.0.14: the get_vector_db_details function in superagi/controllers/vector_dbs.py of the Vector Database Management Endpoint is vulnerable to a manipulation that leads to missing authentication. This is a remote-exploit, with a publicly published exploit and confi...

7.5CVSS6.6AI score0.00105EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/04/19 10:45 p.m.3 views

CVE-2026-6582

A flaw has been found in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function getvectordbdetails of the file superagi/controllers/vectordbs.py of the component Vector Database Management Endpoint. Executing a manipulation can lead to missing authentication. The attack...

7.5CVSS5.3AI score0.00105EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/19 10:45 p.m.1 views

CVE-2026-6582 TransformerOptimus SuperAGI Vector Database Management Endpoint vector_dbs.py get_vector_db_details missing authentication

A flaw has been found in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function getvectordbdetails of the file superagi/controllers/vectordbs.py of the component Vector Database Management Endpoint. Executing a manipulation can lead to missing authentication. The attack...

7.5CVSS6.6AI score0.00105EPSS
Exploits0References4
Packet Storm News
Packet Storm Newsadded 2026/04/19 12:0 a.m.12 views

GuardPhish: Securing Open-Source LLMs from Phishing Abuse

The rapid adoption of open-source Large Language Models LLMs in offline and enterprise environments has introduced a largely unexamined security risk like susceptibility to adversarial phishing prompts under static safety configurations. In this work, we systematically investigate this...

5.8AI score
Exploits0
Positive Technologies
Positive Technologiesadded 2026/04/19 12:0 a.m.4 views

PT-2026-33651

A flaw has been found in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function get vector db details of the file superagi/controllers/vector dbs.py of the component Vector Database Management Endpoint. Executing a manipulation can lead to missing authentication. The...

7.5CVSS6.6AI score0.00105EPSS
Exploits0References6
OSV
OSVadded 2026/04/18 1:11 a.m.3 views

GHSA-JM8C-9F3J-4378 pretalx mail templates vulnerable to email injection via unescaped user-controlled placeholders

An unauthenticated attacker can send arbitrary HTML-rendered emails from a pretalx instance's configured sender address by embedding malformed HTML or markdown link syntax in a user-controlled template placeholder such as the account display name. The most direct vector is the password-reset flow...

6.1CVSS5.9AI score0.00048EPSS
Exploits0References4
OSV
OSVadded 2026/04/18 12:42 a.m.2 views

GHSA-XR93-PCQ3-PXF8 Zebra: addr/addrv2 Deserialization Resource Exhaustion

CVE-2026-40881: addr/addrv2 Deserialization Resource Exhaustion Summary When deserializing addr or addrv2 messages, which contain vectors of addresses, Zebra would fully deserialize them up to a maximum length over 233,000 that was derived from the 2 MiB message size limit. This is much larger th...

6.3CVSS5.7AI score0.0006EPSS
Exploits0References3
Rows per page
Query Builder