Lucene search
K

8 matches found

vulnersOsv
vulnersOsv
added 2026/04/17 10:31 p.m.6 views

built-in-math-eval (>=0.1.0 <=0.3.1), function-plot (>=1.0.0 <=1.14.0) +1 more potentially affected by CVE-2026-41507 via math-codegen (>=0.2.5 <=0.4.2)

math-codegen NPM version =0.2.5, =0.1.0, =1.0.0, =0.2.0, =0.5.2 Source cves: CVE-2026-41507 Source advisory: SNYK:JS-MATHCODEGEN-16420747...

9.8CVSS5.8AI score0.00393EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/03/07 4:38 p.m.3 views

CVE-2026-30861 WeKnora: Remote Code Execution (RCE) via Command Injection in MCP Stdio Configuration Validation

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. From version 0.2.5 to before version 0.2.10, an unauthenticated remote code execution RCE vulnerability exists in the MCP stdio configuration validation. The application allows unrestricted user...

9.9CVSS6.5AI score0.02054EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2025/09/25 3:30 p.m.7 views

@extplug/cors-proxy (>=1.0.0 <=1.0.1), @ir-engine/server-core (=1.6.0) +34 more potentially affected by CVE-2020-36851 via cors-anywhere (>=0.2.5 <=0.4.4)

cors-anywhere NPM version =0.2.5, =1.0.0, =0.0.7, =0.1.0, =0.13.0, =0.0.19, =0.5.0, =0.5.0, =1.0.0, =1.2.0, =1.1.0, =4.0.0, =5.0.0 and more Source cves: CVE-2020-36851 Source advisory: SNYK:JS-CORSANYWHERE-13109647...

9.5CVSS5.8AI score0.01005EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/09/08 12:0 a.m.5 views

Amazon Linux 2023 : ruby3.2, ruby3.2-bundled-gems, ruby3.2-default-gems (ALAS2023-2025-1168)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1168 advisory. Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is a possibility for denial of service by memory...

6.5CVSS6.3AI score0.00412EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/04/02 2:8 p.m.4 views

WordPress Tainá plugin <= 0.2.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter in WordPress Theme Tainá versions 0.2.5...

6.5CVSS6.1AI score0.00235EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2024/09/09 8:19 p.m.6 views

10chars-test (>=1.0.0 <=1.0.34), 128981semzub (=1.0.1) +1463 more potentially affected by CVE-2024-45296 via path-to-regexp (>=0.2.5 <=1.8.0)

path-to-regexp NPM version =0.2.5, =1.0.0, =4.0.61, =4.0.61, =4.0.61, =0.0.3, =0.0.1, =1.1.11, =2.0.0, =0.0.1, =1.0.0, =3.3.9-patch.1, =3.0.0, =3.0.3 and more Source cves: CVE-2024-45296 Source advisory: OSV:GHSA-9WV6-86V2-598J...

7.5CVSS6.6AI score0.00932EPSS
Exploits0
OSV
OSV
added 2023/09/19 2:47 p.m.31 views

CVE-2023-42444 phonenumber panics on parsing crafted RF3966 inputs

phonenumber is a library for parsing, formatting and validating international phone numbers. Prior to versions 0.3.3+8.13.9 and 0.2.5+8.11.3, the phonenumber parsing code may panic due to a panic-guarded out-of-bounds access on the phonenumber string. In a typical deployment of rust-phonenumber,...

8.6CVSS7.5AI score0.00694EPSS
Exploits0References5
NVD
NVD
added 2022/11/08 8:15 a.m.35 views

CVE-2022-39352

OpenFGA is a high-performance authorization/permission engine inspired by Google Zanzibar. Versions prior to 0.2.5 are vulnerable to authorization bypass under certain conditions. You are affected by this vulnerability if you added a tuple with a wildcard assigned to a tupleset relation the right...

9.8CVSS0.0042EPSS
Exploits0References1
Rows per page
Query Builder