Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

92 matches found

NVD
NVDadded 2026/06/17 1:19 p.m.10 views

CVE-2026-10094

A Path Traversal vulnerability affecting SOLIDWORKS Visualize from SOLIDWORKS Desktop Release 2024 through SOLIDWORKS Desktop Release 2026 could allow an attacker to write arbitrary files on the server...

9.8CVSS0.0038EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/17 6:48 a.m.27 views

CVE-2026-10094 Path Traversal vulnerability affecting SOLIDWORKS Visualize from SOLIDWORKS Desktop Release 2024 through SOLIDWORKS Desktop Release 2026

A Path Traversal vulnerability affecting SOLIDWORKS Visualize from SOLIDWORKS Desktop Release 2024 through SOLIDWORKS Desktop Release 2026 could allow an attacker to write arbitrary files on the server...

9.8CVSS0.0038EPSS
Exploits0References1
CVE
CVEadded 2026/06/17 6:48 a.m.9 views

CVE-2026-10094

CVE-2026-10094 is a path traversal vulnerability in SOLIDWORKS Visualize used with SOLIDWORKS Desktop releases 2024–2026. The underlying flaw permits an attacker to write arbitrary files on the server. Affected product scope is SOLIDWORKS Visualize (with the 2024–2026 desktop releases); no vendor...

9.8CVSS5.4AI score0.0038EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/02/07 7:22 a.m.5 views

CVE-2026-1977

A security vulnerability has been detected in isaacwasserman mcp-vegalite-server up to 16aefed598b8cd897b78e99b907f6e2984572c61. Affected by this vulnerability is the function eval of the component visualizedata. Such manipulation of the argument vegalitespecification leads to code injection. The...

6.5CVSS6.1AI score0.00228EPSS
Exploits0References1
NVD
NVDadded 2026/02/06 4:15 a.m.5 views

CVE-2026-1977

A security vulnerability has been detected in isaacwasserman mcp-vegalite-server up to 16aefed598b8cd897b78e99b907f6e2984572c61. Affected by this vulnerability is the function eval of the component visualizedata. Such manipulation of the argument vegalitespecification leads to code injection. The...

6.5CVSS0.00228EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/02/06 3:32 a.m.3 views

CVE-2026-1977 isaacwasserman mcp-vegalite-server visualize_data eval code injection

A security vulnerability has been detected in isaacwasserman mcp-vegalite-server up to 16aefed598b8cd897b78e99b907f6e2984572c61. Affected by this vulnerability is the function eval of the component visualizedata. Such manipulation of the argument vegalitespecification leads to code injection. The...

6.5CVSS5.1AI score0.00228EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/02/06 3:32 a.m.32 views

CVE-2026-1977 isaacwasserman mcp-vegalite-server visualize_data eval code injection

A security vulnerability has been detected in isaacwasserman mcp-vegalite-server up to 16aefed598b8cd897b78e99b907f6e2984572c61. Affected by this vulnerability is the function eval of the component visualizedata. Such manipulation of the argument vegalitespecification leads to code injection. The...

6.5CVSS0.00228EPSS
Exploits0References5
CVE
CVEadded 2026/02/06 3:32 a.m.11 views

CVE-2026-1977

The CVE-2026-1977 entry concerns isaacwasserman mcp-vegalite-server. The vulnerability affects the eval usage in the visualize_data component, where manipulating the vegalite_specification argument can cause code injection. A remote attacker could exploit this, and public PoC details are noted. T...

6.5CVSS6.2AI score0.00228EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/02/06 12:0 a.m.6 views

PT-2026-6671

Name of the Vulnerable Software and Affected Versions isaacwasserman mcp-vegalite-server versions prior to 16aefed598b8cd897b78e99b907f6e2984572c61 Description A security issue exists in the eval function of the visualize data component. Manipulation of the vegalite specification argument can lea...

6.5CVSS5.3AI score0.00228EPSS
Exploits0References8
UbuntuCve
UbuntuCveadded 2026/01/08 2:15 p.m.3 views

CVE-2026-21892

Parsl is a Python parallel scripting library. A SQL Injection vulnerability exists in the parsl-visualize component of versions prior to 2026.01.05. The application constructs SQL queries using unsafe string formatting Python % operator with user-supplied input workflowid directly from URL routes...

7.3CVSS6AI score0.00235EPSS
Exploits1References3
OSV
OSVadded 2026/01/08 2:15 p.m.2 views

UBUNTU-CVE-2026-21892

Parsl is a Python parallel scripting library. A SQL Injection vulnerability exists in the parsl-visualize component of versions prior to 2026.01.05. The application constructs SQL queries using unsafe string formatting Python % operator with user-supplied input workflowid directly from URL routes...

7.3CVSS6AI score0.00235EPSS
Exploits1References4
CVE
CVEadded 2026/01/08 2:2 p.m.16 views

CVE-2026-21892

CVE-2026-21892 affects Parsl (Python parallel scripting library) in the parsl-visualize component. Versions prior to 2026.01.05 construct SQL queries using unsafe Python % formatting with user-supplied input (workflow_id) sourced from URL routes, enabling SQL injection by an unauthenticated attac...

7.3CVSS7.1AI score0.00235EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/01/08 2:2 p.m.1 views

CVE-2026-21892 Parsl Monitoring Visualization Vulnerable to SQL Injection

Parsl is a Python parallel scripting library. A SQL Injection vulnerability exists in the parsl-visualize component of versions prior to 2026.01.05. The application constructs SQL queries using unsafe string formatting Python % operator with user-supplied input workflowid directly from URL routes...

5.3CVSS7.1AI score0.00235EPSS
Exploits1References2
CNNVD
CNNVDadded 2026/01/08 12:0 a.m.4 views

parsl 安全漏洞

parsl is the Parallel Scripting Library open source a parallel scripting library for Python. A security vulnerability exists in parsl versions prior to 2026.01.05, which stems from an SQL injection in the parsl-visualize component that could lead to data exfiltration or denial of service...

7.3CVSS6.8AI score0.00235EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2026/01/08 12:0 a.m.3 views

PT-2026-2123

Name of the Vulnerable Software and Affected Versions Parsl versions prior to 2026.01.05 Description A SQL Injection issue exists in the parsl-visualize component. The application builds SQL queries using unsafe string formatting with user-supplied input workflow id taken directly from URL routes...

7.3CVSS7.7AI score0.00235EPSS
Exploits1References13
RedhatCVE
RedhatCVEadded 2026/01/07 9:39 a.m.9 views

CVE-1999-0707

The default FTP configuration in HP Visualize Conference allows conference users to send a file to other participants without authorization...

7.5CVSS6.8AI score0.02144EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/12/13 3:59 a.m.2 views

CVE-2025-13961

The Data Visualizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'visualize' shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5AI score0.00228EPSS
Exploits0References1
EUVD
EUVDadded 2025/12/12 3:20 a.m.3 views

EUVD-2025-202978

The Data Visualizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'visualize' shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS4.7AI score0.00228EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/12/12 3:20 a.m.1 views

CVE-2025-13961 Data Visualizer <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Data Visualizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'visualize' shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS4.7AI score0.00228EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/12/12 12:0 a.m.2 views

PT-2025-50833

The Data Visualizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'visualize' shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS5AI score0.00228EPSS
Exploits0References4
Rows per page
Query Builder