Lucene search
K
Bdu FstecRecent

89987 matches found

BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

Vulnerability of the “iHead: Logs” module of the CMS system for 1C-Bitrix: Website management related to lack of measures to protect the website structure, allowing attackers to execute arbitrary code.

Vulnerability of the “iHead: Logs” module in the Content Management System CMS of 1C-Bitrix: Website management is related to the failure to protect the structure of web pages. Exploiting this vulnerability may allow a malicious actor to execute arbitrary code remotely...

9.4CVSS6AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability in the email template description of the state module and the Webmin control panel of the hosting system allows attackers to perform cross-site scripting (XSS) attacks.

The vulnerability of the email template description field in the state module of the Webmin hosting control panel is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

5.5CVSS5.6AI score0.00168EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the One-Time Password Handler component in the mobile application for managing internet services, the my Excitel App, allows a violator to disclose protected information.

The vulnerability of the One-Time Password Handler component in the mobile application for managing internet services, the my Excitel App, is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclo...

3.5CVSS5.7AI score0.00225EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the FortiSandbox threat detection and mitigation system, related to the lack of authentication, allows a violator to execute arbitrary code.

The vulnerability of the FortiSandbox threat detection and mitigation system is related to the lack of authentication. Exploiting this vulnerability allows a malicious actor operating remotely to execute arbitrary code...

10CVSS6.3AI score0.00733EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the Zimbra Collaboration Suite’s corporate email management system, related to the, allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Zimbra Collaboration Suite email management system is related to the of inter-site requests. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information...

6.4CVSS5.8AI score0.00144EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the final loading point of the corporate version of the GitHub Enterprise Server, which allows a violator to disclose protected information

The vulnerability of the final download point of the corporate version of the GitHub Enterprise Server is related to insufficient validation of requests on the server side. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

7.8CVSS5.7AI score0.06605EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the r2cmd_str() function in the radare2-mcp server allows a hacker to execute arbitrary code.

The vulnerability of the r2cmdstr function in the radare2-mcp server is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.0192EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the contact search component in the SOGo software for collaborative work allows a hacker to execute arbitrary code or gain unauthorized access to protected information.

The vulnerability of the contact search component in the SOGo software for collaborative work is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or gain unauthorized access to protected...

10CVSS6.2AI score
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of Progress MOVEit Automation’s software for automating work processes lies in its ability to bypass authentication due to a fundamental flaw. This allows attackers to circumvent the authentication process and gain increased privileges.

The vulnerability of the Progress MOVEit Automation software for automating work processes is related to the ability to bypass authentication due to a fundamental flaw. Exploiting this vulnerability allows a malicious actor to circumvent the authentication process and gain increased privileges...

10CVSS6.1AI score0.05633EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the WLAN HAL microprogramming system component in Qualcomm’s embedded chips allows a hacker to trigger a service failure.

The vulnerability of the WLAN HAL microprogramming system component in Qualcomm’s embedded chips relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

7.8CVSS6AI score0.00216EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the DSP microprogramming software service in Qualcomm’s embedded chips allows attackers to disclose protected information.

The vulnerability of the DSP microprogramming system in Qualcomm’s embedded chips lies in the fact that operations are performed outside of the buffer in memory. Exploiting this vulnerability can allow attackers to disclose protected information...

6.1CVSS5.9AI score0.00074EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the microprogramming software of the Qualcomm QSC family, related to deficiencies in authentication procedures, allows a perpetrator to execute arbitrary code.

The vulnerability of the microprogramming software in the Qualcomm QSC family is related to deficiencies in the authentication process. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6.1AI score
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of embedded Qualcomm microprogramming software, related to deficiencies in authentication mechanisms, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of embedded Qualcomm software is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

9.6CVSS5.8AI score0.00182EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of Qualcomm’s integrated circuit-based microprogramming software, related to the use of dangerous methods or functions, allows attackers to enhance their privileges.

The vulnerability of Qualcomm’s integrated circuit-based microprogramming software relates to the use of dangerous methods or functions. Exploiting this vulnerability can allow attackers to enhance their privileges...

8.8CVSS5.8AI score
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the Zimbra Collaboration Suite’s email management system, related to incorrect restrictions on XML links to external objects, allows attackers to carry out XXE attacks.

The vulnerability of the Zimbra Collaboration Suite email management system is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability allows a malicious actor to perform XXE attacks remotely...

4.3CVSS5.7AI score0.00234EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the server.auth.getAuthorizationToken() function in the Ollama system for running and managing large language models (LLMs) allows a hacker to bypass existing security mechanisms.

The vulnerability of the server.auth.getAuthorizationToken function in the Ollama system for running and managing large language models is related to insufficient verification of data authenticity. Exploiting this vulnerability could allow a malicious actor to bypass existing security measures...

6.9CVSS7.3AI score0.03837EPSS
Exploits2References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the `net.Dial()` and `net.LookupPort()` functions in the Go programming language for Windows operating systems allows a hacker to cause a service failure.

The vulnerability of the net.Dial and net.LookupPort functions in the Go programming language for Windows operating systems is related to the use of pointers. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

7.8CVSS5.8AI score0.00588EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of Docker’s plugin-based system for creating containerized systems like Moby (Docker Engine) allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of Docker’s plugin-based container creation system, Moby Docker Engine, is related to a single-shift error. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and integrity of the protected information...

9.4CVSS5.8AI score0.00387EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the Next.js web application development software platform, related to the loading of unreliable external data alongside reliable data, allows attackers to trigger service failures.

The vulnerability of the Next.js web application development platform lies in the loading of unreliable external data alongside reliable data. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...

3.7CVSS5.7AI score0.00195EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the Windows WLAN Host microprogramming system components in Qualcomm’s embedded chips allows a hacker to trigger memory corruption.

The vulnerability of the Windows WLAN Host microprogramming software in embedded Qualcomm devices is related to the use of dangerous methods or functions. Exploiting this vulnerability can allow an attacker to cause memory corruption...

5.5CVSS5.8AI score0.00071EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the Tlon plugin (Urbit), which targets the AI agent OpenClaw (previously ClawdBot or MoltBot), allows a hacker to perform an SSRF attack.

The vulnerability of the Tlon plugin Urbit, which is part of the AI agent OpenClaw previously known as ClawdBot or MoltBot, stems from insufficient validation of requests on the server side. Exploiting this vulnerability allows a remote attacker to execute an SSRF attack...

8.3CVSS5.9AI score0.00242EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability in the `src/auto-reply/reply/commands-approve.ts` script of the AI agent OpenClaw (previously known as ClawdBot or MoltBot) allows a violator to bypass existing security mechanisms.

The vulnerability in the src/auto-reply/reply/commands-approve.ts script of the AI agent OpenClaw previously known as ClawdBot or MoltBot is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to bypass existing security mechanisms...

8.5CVSS5.7AI score0.00281EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the `tunnel.allowNgrokFreeTierLoopbackBypass` parameter. This vulnerability is exploited by an AI agent named OpenClaw (previously known as ClawdBot or MoltBot), allowing attackers to compromise the integrity and accessibility of protected information.

The vulnerability of the tunnel.allowNgrokFreeTierLoopbackBypass parameter is related to the AI agent OpenClaw previously ClawdBot or MoltBot. This vulnerability stems from the lack of authentication for a critical function. Exploiting this vulnerability allows an attacker operating remotely to...

6.5CVSS5.8AI score0.0029EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the OAuth authorization protocol implemented by the AI agent OpenClaw (formerly known as ClawdBot or MoltBot) allows a attacker to perform a CSRF attack.

The vulnerability of the OAuth authorization protocol implementation of the AI agent OpenClaw formerly known as ClawdBot or MoltBot is related to the manipulation of cross-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack remotely...

8.3CVSS5.6AI score0.00133EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.2 views

The vulnerability of the Cast component in Google Chrome and Microsoft Edge browsers allows attackers to bypass existing security restrictions.

The vulnerability of the Cast component in Google Chrome and Microsoft Edge relates to a flaw in data protection mechanisms. Exploiting this vulnerability allows an attacker to bypass existing security restrictions through a specially created HTML page...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.2 views

The vulnerability of the user interface (UI) of Google Chrome and Microsoft Edge browsers allows a hacker to execute arbitrary code.

The vulnerability of the user interface of Google Chrome and Microsoft Edge is related to improper handling of code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created HTML page...

4.2CVSS6.2AI score0.00155EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the Next.js software platform for creating web applications relates to bypassing authentication by using an alternative path or channel, allowing a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Next.js web application development software platform relates to bypassing authentication by using an alternative path or channel. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

7.8CVSS5.8AI score0.00505EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of embedded software developed by Qualcomm, related to unreliable pointer assignment, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of embedded software in Qualcomm chips relates to unreliable pointer handling. Exploiting this vulnerability could allow attackers to compromise the confidentiality, integrity, and accessibility of protected information...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the Zimbra Collaboration Suite’s email management system lies in the lack of measures to neutralize special elements in LDAP requests. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the Zimbra Collaboration Suite email management system is related to the failure to take measures to neutralize special elements in the LDAP request. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

4.3CVSS5.8AI score0.00227EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of Mozilla Firefox’s preview interface for browser links allows attackers to carry out phishing attacks.

The vulnerability of the preview interface for Mozilla Firefox links is related to errors in information presentation by the user interface. Exploiting this vulnerability can allow attackers, operating remotely, to carry out phishing attacks...

5CVSS5.8AI score0.00199EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the OAuth protocol implementation of the artificial intelligence-based platform LibreChat, which allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the OAuth protocol implementation of the artificial intelligence-based LibreChat platform is related to the lack of authentication for a critical function. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

7.6CVSS5.8AI score0.00244EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the golang-x-image package, a programming language, allows attackers to trigger a service failure.

The vulnerability of the golang-x-image package, a programming language, is related to unlimited resource distribution. Exploiting this vulnerability can allow an attacker to cause service failures...

6.1CVSS5.8AI score0.00112EPSS
Exploits0References6Affected Software10
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the software for secure file sharing and transmission of SolarWinds Serv-U, related to uncontrolled resource consumption, allows a perpetrator to trigger a service failure.

The vulnerability of the software for secure file sharing and transmission of SolarWinds Serv-U is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to trigger a service failure by sending a specially crafted POST request...

7.8CVSS6.1AI score0.10659EPSS
Exploits2References5
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the password-changing component in the SOGo software, which allows a hacker to execute arbitrary code or gain unauthorized access to protected information.

The vulnerability of the contact search component in the SOGo software for collaborative work is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or gain unauthorized access to protected...

10CVSS6.2AI score
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the Next.js software platform for creating web applications stems from the occurrence of interpretation conflicts, which allow attackers to compromise the integrity and accessibility of the protected information.

The vulnerability of the Next.js web application development software platform is related to the occurrence of interpretation conflicts. Exploiting this vulnerability allows a malicious actor to compromise the integrity and accessibility of the protected information...

5.4CVSS5.8AI score0.0025EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the WLAN microprogramming software’s firmware in Qualcomm embedded chips allows a hacker to induce a service failure.

The vulnerability of WLAN microprogramming software’s firmware in Qualcomm embedded chips relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause system failures remotely...

7.8CVSS6AI score0.00216EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the graphical user interface of the software solution for coordinating the operation of cybersecurity systems and for managing real-time incident responses in Fortinet FortiSOAR allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the graphical user interface of the software solution for coordinating the operation of cybersecurity systems and for managing real-time incident responses in Fortinet FortiSOAR is related to insufficient validation of requests on the server side. Exploiting this vulnerabilit...

4.3CVSS5.8AI score0.00197EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the LibreChat artificial intelligence-based platform, related to the lack of access control when processing JWT tokens, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the LibreChat artificial intelligence-based platform is related to deficiencies in access control when processing JWT tokens. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected informati...

8CVSS5.8AI score0.00344EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the Camera component in the microprogramming software of Qualcomm’s integrated chips allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Camera component in the microprogramming software of Qualcomm-internal chips is related to unreliable pointer assignment. Exploiting this vulnerability could allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS5.8AI score0.00075EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the Go tool pack command language allows a perpetrator to gain access to read and write arbitrary files.

The vulnerability of the Go tool pack command language is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain access to read and write arbitrary files...

5.9CVSS6.2AI score0.0017EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the Web application network firewall library OWASP Coraza WAF lies in the use of a name with an incorrect reference. This allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the Web application firewall library OWASP Coraza WAF is related to the use of a name with an incorrect reference. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information...

5.4CVSS6AI score0.00294EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.2 views

The vulnerability of the Media component in Google Chrome and Microsoft Edge allows a hacker to replace the user interface.

The vulnerability of the Media component in Google Chrome and Microsoft Edge is related to information representation errors in the user interface. Exploiting this vulnerability can allow a malicious actor to replace the user interface with a specially created HTML page...

6.4CVSS5.8AI score0.00159EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the API Endpoint component of the LibreChat artificial intelligence-based platform, which allows a hacker to compromise the integrity of the protected information.

The vulnerability of the API Endpoint component of the LibreChat artificial intelligence-based platform is related to a violation of expected behavior. Exploiting this vulnerability could allow an attacker, operating remotely, to compromise the integrity of the protected information...

9CVSS5.8AI score0.00419EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the get_abs_path() function in the framework for creating AI agents, Agent Zero, allows a hacker to read arbitrary files.

The vulnerability of the getabspath function in the framework used to create AI agents like Agent Zero is related to an incorrect limitation on the path name for the directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to read arbitrary files...

4.3CVSS5.9AI score0.00357EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the sub_41C8E8() function in D-Link DWR-M920 router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the sub41C8E8 function in D-Link DWR-M920 router microprogramming software is related to the lack of measures taken to clean data at the control level when processing the actionvalue parameter. Exploiting this vulnerability can allow a remote attacker to execute arbitrary cod...

9CVSS6.1AI score0.04236EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the apparmor component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the apparmor component in the Linux operating system’s kernel is related to an uncontrolled recursion. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00177EPSS
Exploits0References10Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the Zimbra Collaboration Suite’s email management system, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of the Zimbra Collaboration Suite email management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

6.4CVSS5.5AI score0.00223EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the handle_pdf_document() function in the framework for creating AI agents, Agent Zero, allows a perpetrator to perform an SSRF attack.

The vulnerability of the handlepdfdocument function in the framework for creating AI agents like Agent Zero is related to insufficient validation of incoming requests. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute an SSRF attack...

6.5CVSS5.8AI score0.00201EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the LibreChat artificial intelligence-based platform, related to an error in processing exceptional states at the final `/api/convos` endpoint, allows a violator to trigger a service failure.

The vulnerability of the LibreChat artificial intelligence-based platform is related to an error in processing exceptional states at the final endpoint /api/convos. Exploiting this vulnerability could allow a malicious actor to cause service failures...

6.8CVSS5.8AI score0.00377EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/08 12:0 a.m.1 views

The vulnerability of the Printing component in Google Chrome and Microsoft Edge allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Printing component in Google Chrome and Microsoft Edge relates to the possibility of using memory after it is freed. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information...

8.3CVSS5.8AI score0.00178EPSS
Exploits0References4Affected Software2
Total number of security vulnerabilities89987