Lucene search
K

60485 matches found

Github Security Blog
Github Security Blog
added 2026/03/19 6:31 p.m.9 views

PyMuPDF has a path traversal in _main_.py

A path traversal and arbitrary file write vulnerability exist in the embedded get function in 'main.py' in PyMuPDF version, 1.26.5...

8.2CVSS5.9AI score0.00354EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/19 6:31 p.m.8 views

Metricbeat Allocates Memory with Excessive Size Value Leading to Denial of Service

Memory Allocation with Excessive Size Value CWE-789 in the Prometheus remotewrite HTTP handler in Metricbeat can lead Denial of Service via Excessive Allocation CAPEC-130...

5.7CVSS5.8AI score0.00179EPSS
Exploits0References4Affected Software1
Snyk
Snyk
added 2026/03/19 6:31 p.m.4 views

Memory Allocation with Excessive Size Value

Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the remotewrite HTTP handler not enabled by default. An attacker can cause excessive memory allocation by sending specially crafted HTTP requests, potentially leading to service disruption...

6.9CVSS5.8AI score0.00179EPSS
Exploits0References2
Snyk
Snyk
added 2026/03/19 6:31 p.m.2 views

Memory Allocation with Excessive Size Value

Overview Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value in the remotewrite HTTP handler not enabled by default. An attacker can cause excessive memory allocation by sending specially crafted HTTP requests, potentially leading to service disruption...

6.9CVSS5.8AI score0.00179EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/19 6:31 p.m.3 views

EUVD-2026-13139

Memory Allocation with Excessive Size Value CWE-789 in the Prometheus remotewrite HTTP handler in Metricbeat can lead Denial of Service via Excessive Allocation CAPEC-130...

5.7CVSS5.8AI score0.00179EPSS
Exploits0References2
OSV
OSV
added 2026/03/19 6:31 p.m.3 views

GHSA-5VRW-QJXW-89R5 Metricbeat Allocates Memory with Excessive Size Value Leading to Denial of Service

Memory Allocation with Excessive Size Value CWE-789 in the Prometheus remotewrite HTTP handler in Metricbeat can lead Denial of Service via Excessive Allocation CAPEC-130...

5.7CVSS5.8AI score0.00179EPSS
Exploits0References4
OSV
OSV
added 2026/03/19 5:46 p.m.7 views

GHSA-G2J9-7RJ2-GM6C Langflow has an Arbitrary File Write (RCE) via v2 API

Summary While reviewing the recent patch for CVE-2025-68478 External Control of File Name in v1.7.1, I discovered that the root architectural issue within LocalStorageService remains unresolved. Because the underlying storage layer lacks boundary containment checks, the system relies entirely on...

9.9CVSS6AI score0.01417EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/03/19 5:46 p.m.10 views

Langflow has an Arbitrary File Write (RCE) via v2 API

Summary While reviewing the recent patch for CVE-2025-68478 External Control of File Name in v1.7.1, I discovered that the root architectural issue within LocalStorageService remains unresolved. Because the underlying storage layer lacks boundary containment checks, the system relies entirely on...

9.9CVSS6AI score0.01417EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/03/19 5:5 p.m.17 views

CVE-2026-26931 Memory Allocation with Excessive Size Value in Metricbeat Leading to Denial of Service

Memory Allocation with Excessive Size Value CWE-789 in the Prometheus remotewrite HTTP handler in Metricbeat can lead Denial of Service via Excessive Allocation CAPEC-130...

5.7CVSS0.00179EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/19 5:5 p.m.2 views

CVE-2026-26931

Memory Allocation with Excessive Size Value CWE-789 in the Prometheus remotewrite HTTP handler in Metricbeat can lead Denial of Service via Excessive Allocation CAPEC-130...

5.7CVSS5.8AI score0.00179EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/03/19 5:5 p.m.19 views

CVE-2026-26931

CVE-2026-26931 affects Metricbeat’s Prometheus remote_write HTTP handler. The issue is a memory allocation with an excessive size value, leading to Denial of Service. Public references (OSV/GHSA/Nessus) describe Metricbeat (8.0.x–8.19.12/9.0.x–9.2.4 ranges) as affected and indicate remediation by...

5.7CVSS5.8AI score0.00179EPSS
Exploits0References1
OSV
OSV
added 2026/03/19 4:16 p.m.3 views

CVE-2026-3029

A path traversal and arbitrary file write vulnerability exist in the embedded get function in 'main.py' in PyMuPDF version, 1.26.5...

5.9AI score
Exploits0References3
NVD
NVD
added 2026/03/19 4:16 p.m.11 views

CVE-2026-3029

A path traversal and arbitrary file write vulnerability exist in the embedded get function in 'main.py' in PyMuPDF version, 1.26.5...

8.2CVSS0.00354EPSS
Exploits0References6
OSV
OSV
added 2026/03/19 4:16 p.m.4 views

UBUNTU-CVE-2026-3029

A path traversal and arbitrary file write vulnerability exist in the embedded get function in 'main.py' in PyMuPDF version, 1.26.5...

8.2CVSS5.9AI score0.00354EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2026/03/19 4:16 p.m.5 views

CVE-2026-3029

A path traversal and arbitrary file write vulnerability exist in the embedded get function in 'main.py' in PyMuPDF version, 1.26.5...

7.5CVSS5.9AI score0.00354EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/03/19 3:53 p.m.6 views

CVE-2026-3029

A path traversal and arbitrary file write vulnerability exist in the embedded get function in 'main.py' in PyMuPDF version, 1.26.5...

5.9AI score0.00354EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/03/19 3:53 p.m.28 views

CVE-2026-3029 CVE-2026-3029

A path traversal and arbitrary file write vulnerability exist in the embedded get function in 'main.py' in PyMuPDF version, 1.26.5...

0.00354EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/19 3:53 p.m.3 views

CVE-2026-3029 CVE-2026-3029

A path traversal and arbitrary file write vulnerability exist in the embedded get function in 'main.py' in PyMuPDF version, 1.26.5...

5.9AI score0.00354EPSS
Exploits0References2
CVE
CVE
added 2026/03/19 3:53 p.m.47 views

CVE-2026-3029

Summary: CVE-2026-3029 affects PyMuPDF 1.26.5. A path traversal in the embedded_get function (in main .py) allows arbitrary file writes. Impact: writing files to arbitrary local locations, potentially with elevated privileges. Status: document set confirms version and file, with remediation guida...

8.2CVSS5.9AI score0.00354EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/03/19 3:53 p.m.3 views

CVE-2026-3029

A path traversal and arbitrary file write vulnerability exist in the embedded get function in 'main.py' in PyMuPDF version, 1.26.5...

8.2CVSS5.5AI score0.00354EPSS
Exploits0
Rows per page
Query Builder