38452 matches found
CVE-2026-33017 Langflow has Unauthenticated Remote Code Execution via Public Flow Build Endpoint
Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/buildpublictmp/flowid/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses...
CVE-2026-32953 Tillitis: TKey Client has an Error in Protocol Implementation
Tillitis TKey Client package is a Go package for a TKey client. Versions 1.2.0 and below contain a critical bug in the tkeyclient Go module which causes 1 out of every 256 User Supplied Secrets USS to be silently ignored, producing the same Compound Device Identifier CDI—and thus the same key...
CVE-2026-32953
Tillitis TKey Client package is a Go package for a TKey client. Versions 1.2.0 and below contain a critical bug in the tkeyclient Go module which causes 1 out of every 256 User Supplied Secrets USS to be silently ignored, producing the same Compound Device Identifier CDI—and thus the same key...
CVE-2026-32949 SQLBot: SSRF to Arbitrary File Read (AFR) via Rogue MySQL
SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.7.0 contain a Server-Side Request Forgery SSRF vulnerability that allows an attacker to retrieve arbitrary system and application files from the server. An attacker can exploit the...
CVE-2026-32947
Harden-Runner (CI/CD security agent for GitHub Actions runners) versions 2.15.1 and earlier are affected by a DNS over HTTPS (DoH) vulnerability that enables data exfiltration through permitted HTTPS endpoints by encoding data (e.g., hostname) in DoH subdomains. The attack requires the attacker t...
CVE-2026-32889
Tinytag (Python) version 2.2.0 is affected by a Denial of Service via a non-terminating SYLT frame parsing loop when processing attacker-supplied MP3s. The root cause is in _parse_synced_lyrics/_find_string_end_pos where an absent string terminator can cause the parser to reset its offset and nev...
DEBIAN-CVE-2026-32874
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Versions 5.4.0 through 5.11.0 contain an accumulating memory leak in JSON parsing large outside of the range -2^63, 2^64 - 1 integers. The leaked memory is a copy of the string form of the integer plus a...
CVE-2026-32711
pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the File-set root. pydicom resolves the path only to confirm that it exists, b...
CVE-2026-32880
ChurchCRM is an open-source church management system. Versions prior to 7.0.2 allow an admin user to edit JSON type system settings to store a JavaScript payload that can execute when any admin views the system settings. The JSON input is left unescaped/unsanitized in SystemSettings.php, leading ...
ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:arc-graphql-spring-boot-starter (>=0.1.1 <=0.112.0) +1641 more potentially affected by CVE-2026-22737 via org.springframework:spring-webflux (>=6.0.0 <=6.1.21)
org.springframework:spring-webflux MAVEN version =6.0.0, =0.2.0, =0.1.1, =0.1.1, =0.0.4, =0.1.0, =0.6.0, =0.6.0, =0.2.2, =0.0.6, =0.0.6, =4.5.0, =1.2.0, =1.3.0 and more Source cves: CVE-2026-22737 Source advisory: OSV:GHSA-4773-3JFM-QMX3...
SUSE CVE-2026-28500
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. In versions up to and including 1.20.1, a security control bypass exists in onnx.hub.load due to improper logic in the repository trust verification mechanism. While the function is designed to warn users...
itsourcecode Online Frozen Foods Ordering System SQL注入漏洞
itsourcecode Online Frozen Foods Ordering System is an open-source online frozen food ordering system developed by itsourcecode. Version 1.0 of the system has a SQL injection vulnerability, which arises from incorrect handling of the parameter productname in the file admin/admin/editmenuaction.ph...
CVE-2026-23274
In the Linux kernel, the following vulnerability has been resolved: netfilter: xtIDLETIMER: reject rev0 reuse of ALARM timer labels IDLETIMER revision 0 rules reuse existing timers by label and always call modtimer on timer-timer. If the label was created first by revision 1 with XTIDLETIMERALARM...
Linux Distros Unpatched Vulnerability : CVE-2026-23266
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbdev: rivafb: fix divide error in nv3arb A userspace program can trigger the RIVA NV3 arbitration code by calling the FBIOPUTVSCREENINFO ioctl on /dev/fb. When...
Linux Distros Unpatched Vulnerability : CVE-2026-4159
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - 1-byte OOB heap read in wcPKCS7DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte...
AWStats 安全漏洞
AWStats is a log analysis tool developed by eldy, a personal developer. This software supports the analysis of web site logs on all operating systems such as IIS 5.0 and Apache. It can analyze logs from web, WAP, proxy, streaming servers, FTP, and mail servers. AWStats 8.0 has a security...
NASimJax: GPU-Accelerated Policy Learning Framework for Penetration Testing
Penetration testing, the practice of simulating cyberattacks to identify vulnerabilities, is a complex sequential decision-making task that is inherently partially observable and features large action spaces. Training reinforcement learning RL policies for this domain faces a fundamental...
PT-2026-26653
A vulnerability was identified in atjiu pybbs 6.0.0. This affects the function create of the file src/main/java/co/yiiu/pybbs/controller/api/TopicApiController.java. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available a...
Zimbra Collaboration Suite(ZCS) 安全漏洞
Zimbra Collaboration Suite ZCS is an open-source collaboration suite developed by Zimbra Corporation. This product includes features such as WebMail, calendars, and contact management. Both the Zimbra Collaboration Suite 10.0 and 10.1 versions contained security vulnerabilities. These...
PT-2026-26562
AVideo is a video-sharing Platform. Versions prior to 8.0 contain a SQL Injection vulnerability in the getSqlFromPost method of Object.php. The $ POST'sort' array keys are used directly as SQL column identifiers inside an ORDER BY clause. Although real escape string was applied, it only escapes...