Lucene search
K

195539 matches found

CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. There is a security vulnerability in Qualcomm Chipsets, which stems from memory corruption that occurs when processing invalid fastboot commands...

7.2CVSS5.4AI score0.00097EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.16 views

Nextcloud Server 路径遍历漏洞

NextCloud Server is an open-source NextCloud server program developed by NextCloud. Versions of NextCloud Server from 31.0.0 to 31.0.14 and from 32.0.0 to 32.0.4 contained a path traversal vulnerability. This vulnerability occurred when the lang parameter was used in template directory...

6.5CVSS5.3AI score0.00392EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

WordPress plugin Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. WordPress plugins are additional applications that can b...

7.5CVSS5.5AI score0.00245EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.9 views

WordPress plugin WP Directory Kit SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPre...

9.3CVSS5.8AI score0.00236EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from missing permission checks for multiple functions in AppOpsService.java. This vulnerability may lead to the disclosure of local informati...

3.3CVSS5.3AI score0.00064EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

WordPress plugin Classified Listing 路径遍历漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

6.5CVSS5.5AI score0.00295EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from the lack of permission checks in the addInputMethodListener function within com.android.server.inputmethod.InputMethodManagerService. Th...

10CVSS5.3AI score0.00122EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. The FlexRIC v2.0.0 version contains a security vulnerability. This vulnerability stems from the use of the assert function to enforce the existence of pending events when processing RICSUBSCRIPTIONRESPONSE with an unknown...

7.5CVSS5.4AI score0.00347EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from improper input validation in the applySimpleFieldMaxSize function within DataRowHandler.java. This vulnerability may lead to local denia...

5.5CVSS5.3AI score0.00071EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Hermes Agent 安全漏洞

Hermes Agent is an AI agent tool developed by Nous Research, featuring a self-learning mechanism. Versions of Hermes Agent prior to 2026.4.30 contained a security vulnerability. This vulnerability stemmed from issues with the handlewebhookrequest function in the gateway/platforms/feishu.py file,...

6.9CVSS5.6AI score0.00372EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

OTRS 安全漏洞

OTRS is a service management solution developed by the German company OTRS. Version 7.0.x of OTRS contains security vulnerabilities. These vulnerabilities stem from user-controlled inputs during ticket processing, which could allow authenticated attackers to execute reflective cross-site scriptin...

7.1CVSS5.2AI score0.00219EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

OTRS 安全漏洞

OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in OTRS versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X up to version 2026.4.X, as well as in the Community Edition 6.0.x version. These vulnerabilities stem from improper input validation ...

9.1CVSS5.6AI score0.00362EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

MediaTek Chipsets 安全漏洞

MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities; these vulnerabilities stem from the lack of boundary checks, which may lead to local denial-of-service attacks, requiring user-specific permissions for...

5.5CVSS5.3AI score0.00102EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.17 views

MediaTek Chipsets 安全漏洞

MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities, which stem from buffer overflow attacks. These vulnerabilities may lead to remote code execution, requiring user execution privileges for exploitation...

8CVSS6.3AI score0.00435EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.16 views

Hermes Agent 安全漏洞

Hermes Agent is an AI agent tool developed by Nous Research, featuring a self-learning mechanism. Versions of Hermes Agent prior to 2026.4.30 contained a security vulnerability, which was caused by issues with the servepluginskill/skillview function in the tools/skillstool.py file. This...

7.5CVSS7.3AI score0.00304EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

goclaw 安全漏洞

Goclaw is an open-source multi-tenant AI smart agent platform developed by Next Level Builder. Goclaw versions 3.11.3 and earlier contain security vulnerabilities. These vulnerabilities stem from improper permission management in the handleSave function within the RoleAdmin Gateway component’s...

6.5CVSS6.5AI score0.00209EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

droidclaw 安全漏洞

Droidclaw is an open-source AI tool developed by Unitedby AI U/AI, which allows for control of Android phones through natural language commands. Droidclaw versions 0.5.3 and earlier contain security vulnerabilities. These vulnerabilities stem from an improper limit on the number of authentication...

6.3CVSS5.1AI score0.00406EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Dolibarr ERP CRM 授权问题漏洞

Dolibarr ERP CRM is an open-source enterprise and sales management system developed by Dolibarr. Versions of Dolibarr ERP CRM 23.0.1 and earlier had an authorization issue. This vulnerability stems from an improper authorization in the CheckUserAccessToObject function within the Leave Request RES...

5.3CVSS5AI score0.00259EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

AstrBot 路径遍历漏洞

AstrBot is an open-source multi-platform LLM chatbot and development framework created by AstrBot. Version 4.23.6 of AstrBot contains a path traversal vulnerability. This vulnerability stems from improper handling of the Name parameter in the/api/skills/delete file within the API Endpoint...

5.5CVSS5.6AI score0.00372EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

OFCMS SQL注入漏洞

OFCMS is a content management system developed by the Oufu individual developers. Version OFCMS 1.1.3 has a SQL injection vulnerability, which stems from an SQL injection in the Query function of the SysUserController.java file within the JSON query interface...

6.5CVSS6.6AI score0.00192EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.98 views

Hermes Agent 安全漏洞

Hermes Agent is an AI agent tool developed by Nous Research, featuring a self-learning mechanism. Versions of Hermes Agent prior to 2026.4.30 contained a security vulnerability, which was caused by a problem with the sanitizeenvlines function in the hermescli/config.py file. This vulnerability...

6.3CVSS5.8AI score0.00266EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.15 views

OTRS 安全漏洞

OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X up to version 2026.4.X. These vulnerabilities stem from improper input validation in the client backend module, which may allow access to...

5.7CVSS5.3AI score0.00198EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.16 views

OTRS 安全漏洞

OTRS is a service management solution developed by the German company OTRS. Versions 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X up to version 2026.4.X of OTRS contained security vulnerabilities. These vulnerabilities were due to uncontrolled resource allocation during email processing, which could...

5.7CVSS5.3AI score0.00201EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.15 views

MediaTek Chipsets 安全漏洞

MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities. These vulnerabilities stem from insufficient boundary checking in the geniezone component, leading to out-of-bound writes. This can result in an increase in...

7.8CVSS5.3AI score0.00108EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

MediaTek Chipsets 安全漏洞

MediaTek Chipsets are a series of chips developed by MediaTek Corporation in China. The MediaTek Chipsets contain security vulnerabilities. These vulnerabilities stem from insufficient boundary checking in the geniezone component, leading to out-of-bound writes. This can result in an increase in...

6.7CVSS5.3AI score0.00114EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

Hermes Agent 安全漏洞

Hermes Agent is an AI agent tool developed by Nous Research, featuring a self-learning mechanism. Versions of Hermes Agent prior to 0.12.0 contain security vulnerabilities. These vulnerabilities stem from issues with the compresscontext function in the runagent.py file, which may lead to injectio...

7.5CVSS7.3AI score0.00304EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

goclaw 操作系统命令注入漏洞

Goclaw is an open-source multi-tenant AI agent platform developed by Next Level Builder. Goclaw versions 3.11.3 and earlier contained a vulnerability related to operating system command injection. This vulnerability originated from the FsBridge.WriteFile function in the internal/sandbox/fsbridge....

7.5CVSS7.7AI score0.01336EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

goclaw 授权问题漏洞

Goclaw is an open-source multi-tenant AI agent platform developed by Next Level Builder. Goclaw versions 3.11.3 and earlier have a vulnerability related to authorization. This vulnerability stems from improper authorization in the auth function within the internal/http/evolutionhandlers.go file,...

5.5CVSS5.8AI score0.0023EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.9 views

AstrBot 安全漏洞

AstrBot is an open-source multi-platform LLM chatbot and development framework created by AstrBot. Version 4.23.6 of AstrBot contains a security vulnerability. This vulnerability stems from the improper authorization in the normalizerwpath function found in the...

6.5CVSS6.4AI score0.00201EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

AstrBot 安全漏洞

AstrBot is an open-source multi-platform LLM chatbot and development framework created by AstrBot. Version 4.23.6 of AstrBot contains a security vulnerability, which stems from an injection vulnerability in the sanitizepromptdescription function located in the astrbot/core/skills/skillmanager.py...

6.5CVSS6.3AI score0.00228EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Metasoft MetaCRM 代码问题漏洞

Metasoft MetaCRM is a customer relationship management system software developed by Metasoft Corporation. Version 6.4.0 of Metasoft MetaCRM contains a code vulnerability. This vulnerability stems from the develop/systparam/softlogo/upload.jsp file, which lacks restrictions on uploads, potentially...

6.5CVSS6.5AI score0.00201EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

OFCMS SQL注入漏洞

OFCMS is a content management system developed by the Oufu individual developers. Version OFCMS 1.1.3 has a SQL injection vulnerability, which stems from the SQL injection in the Query function of the SystemDictController.java file within the JSON query interface...

6.5CVSS6.6AI score0.00192EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.17 views

Assimp 安全漏洞

Assimp is an open-source library developed by Assimp. It is used for importing and exporting various 3D model formats. Versions of Assimp 6.0.4 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a zero-division error in the FBXExporter.cpp file’s...

4.8CVSS4.6AI score0.00112EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

WordPress plugin WP Statistics 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.1CVSS5.1AI score0.00212EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.15 views

AnomalyMatch 安全漏洞

AnomalyMatch is a semi-supervised image anomaly detection tool open source by the European Space Agency. Versions of AnomalyMatch prior to 1.3.1 contained security vulnerabilities. These vulnerabilities stemmed from the use of torch.load to load model files without proper deserialization...

7.8CVSS6AI score0.00144EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from a logical error in the fixInitiatingUserIfNecessary function. This vulnerability may lead to emergency calls...

4CVSS5.3AI score0.00074EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Qualcomm Chipsets 缓冲区错误漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. Qualcomm Chipsets have a buffer error vulnerability, which stems from memory corruption when processing device identifier strings that exceed the expected maximum length...

7.8CVSS5.7AI score0.00075EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Code-Projects Online Hospital Management System SQL注入漏洞

Code-Projects Online Hospital Management System is an open-source online hospital management system developed by Code-Projects. Version 1.0 of the Code-Projects Online Hospital Management System has a SQL injection vulnerability. This vulnerability arises from improper handling of the editid...

6.5CVSS6.6AI score0.002EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

CodexBar 安全漏洞

CodexBar is an AI programming service usage monitoring tool developed by Peter Steinberger. Versions of CodexBar prior to 0.32.0 contained security vulnerabilities. These vulnerabilities were caused by a session cookie leakage issue, which could allow network attackers to exploit the improper...

8.2CVSS5.3AI score0.00186EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.11 views

Dassault Systèmes DELMIA Service Process Engineer 安全漏洞

Dassault Systèmes DELMIA Service Process Engineer is a process planning software developed by Dassault Systèmes, a French company. There are security vulnerabilities in Dassault Systèmes DELMIA Service Process Engineer versions from 3DEXPERIENCE R2024x to 3DEXPERIENCE R2026x. These vulnerabilitie...

8.7CVSS5.6AI score0.00199EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. The FlexRIC v2.0.0 version contains a security vulnerability. This vulnerability arises from trusting the xappid field in the trust E42 message without binding it to the sender’s SCTP association. As a result, remote...

7.5CVSS5.4AI score0.0057EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from an integer overflow in the l2cfcrclonebuf function found in l2cfcr.cc. This vulnerability may lead to controlled heap corruption within...

8CVSS5.7AI score0.00107EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.10 views

Dräger Infinity Explorer C700 安全漏洞

The Dräger Infinity Explorer C700 is an integrated medical-grade monitoring workstation component developed by the German company Dräger. The Dräger Infinity Explorer C700 has a security vulnerability that stems from privilege escalation. This vulnerability could allow attackers to break through...

8.6CVSS5.3AI score0.00118EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

Capsule 安全漏洞

Capsule is an open-source Kubernetes framework developed by Project Capsule. Versions prior to Capsule 0.13.0 have security vulnerabilities. These vulnerabilities stem from the processing of TenantResource RawItems, which does not set namespaces for cluster-wide resources. This could allow tenant...

9.1CVSS5.4AI score0.0043EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.42 views

Nextcloud Server 访问控制错误漏洞

NextCloud Server is an open-source NextCloud server program. Versions of NextCloud Server from 32.0.0 to 32.0.9 and from 33.0.0 to 33.0.3 had a access control vulnerability due to improper sharing token access controls. This vulnerability could allow malicious users to access temporarily uploaded...

6.3CVSS5.3AI score0.00231EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.14 views

nanobot 代码问题漏洞

Nanobot is a lightweight personal AI assistant open-source by Data Intelligence Lab@HKU. Versions of Nanobot prior to 0.2.1 contained code vulnerabilities. These vulnerabilities stemmed from issues with server-side request forgeing in the webFetch tool. This could allow remote attackers to access...

5.3CVSS5.5AI score0.00287EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

FlexRIC 安全漏洞

FlexRIC is an open-source RAN intelligent controller developed by Mosaic5G. Version FlexRIC v2.0.0 contains a security vulnerability. This vulnerability arises from the use of the assert function to enforce mapping relationships before sending the E2SETUPREQUEST message. This could allow remote...

7.5CVSS5.4AI score0.00347EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

Nextcloud Server 授权问题漏洞

NextCloud Server is an open-source NextCloud server program. Versions of NextCloud Server from 32.0.0 to 32.0.9 and from 33.0.0 to 33.0.3 had authorization-related vulnerabilities. These vulnerabilities stemmed from authentication bypasses, allowing attackers who know the user’s password to...

5.9CVSS5.3AI score0.0029EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

OTRS 安全漏洞

OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X of OTRS, as well as versions before 2026.4.X. These vulnerabilities stem from improper handling of permissions in the document search...

3.5CVSS5.3AI score0.00143EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.13 views

Qualcomm Chipsets 代码问题漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have code-related vulnerabilities; these vulnerabilities arise from heap memory exhaustion during secure data initialization, leading to memory corruption when writing to invalid memory locations...

7.8CVSS5.6AI score0.00075EPSS
Exploits0References1
Total number of security vulnerabilities195539