365040 matches found
CVE-2026-56378
CVE-2026-56378 affects ImageMagick before 7.1.2-15 and 6.x before 6.9.13-40. The issue is a heap out-of-bounds read in the PCD decoder’s DecodeImage loop, where a crafted PCD file can cause a one-byte heap read, leading to denial of service and potential disclosure of an adjacent heap byte. Remed...
CVE-2026-56316
Cap-go before 12.128.2 contains an information disclosure vulnerability in the OPTIONS /build/upload/:jobId/* endpoint that allows unauthenticated attackers to enumerate valid builder job IDs by observing response discrepancies. Attackers can probe without authentication to distinguish valid job ...
CVE-2026-56367
ImageMagick is affected in versions prior to 7.1.2-15 and 6.9.x prior to 6.9.13-40, where an integer overflow in the PSB (PSD v2) RLE decoding path (ReadPSDChannelRLE in coders/psd.c) can cause a heap out-of-bounds read on 32-bit builds. Processing a crafted PSB file may lead to information discl...
CVE-2026-56299
CVE-2026-56299 (Capgo) affects Capgo prior to 12.128.2. An authentication bypass in the /build/upload/:jobId/* endpoint allows unauthenticated remote attackers to trigger repeated 500 errors by sending OPTIONS requests, bypassing authentication middleware and invoking tusProxy logic with invalid ...
CVE-2026-56265
CVE-2026-56265 affects Crawl4AI prior to 0.8.7 due to a hardcoded default JWT signing key in the Docker API server. The root cause is token forgery: an attacker who knows the default key can forge valid authentication tokens for any user, bypassing authentication and gaining full access to protec...
CVE-2026-56253
Capgo is affected by an improper access control vulnerability in the public.get_org_members RPC prior to version 12.128.2. unauthenticated attackers can enumerate organization members by calling the endpoint with a public sb_publishable_* key and an organization UUID, exposing emails, user IDs, r...
CVE-2026-56251
Capgo before 12.128.2 contains a broken row-level security policy in the org_users table that can let authenticated users elevate privileges from admin to super_admin due to insufficient RLS enforcement, enabling unauthorized super_admin access and system compromise. The issue is documented with ...
CVE-2026-56239
Capgo CVE-2026-56239 affects Capgo before 12.128.2. The vulnerability lies in the public.apply_usage_overage SECURITY DEFINER function, which performs billing operations without validating authorization (no auth.uid(), org membership, or check_min_rights). Because the function runs with the owner...
CVE-2026-56242
Technical details beyond the provided description are not publicly available in the supplied documents. Monitor for updates for vulnerability specifics, affected versions, impact, and remediations.
CVE-2026-56236
CVE-2026-56236 affects Capgo CLI prior to 12.128.2. The issue is arbitrary file overwrite in login and build credentials operations that follow symlinks without validation. An attacker can place malicious symlinks in a repository to overwrite arbitrary files or expose credentials with world-reada...
CVE-2026-56229
Capgo before 12.128.2 has an authorization bypass in /build/status and /build/logs that lets an attacker access build jobs from other apps by mixing app_id and job_id. Limited API keys scoped to one app can read status/logs across apps by using an authorized app_id with a job_id from another app,...
CVE-2025-71378
The CVE-2025-71378 entry concerns picklescan before 0.0.30 failing to detect cProfile.runctx calls in pickle file reduce methods. This allows a attacker-supplied, malicious pickle file to execute arbitrary code when loaded via pickle.load(), i.e., a remote code execution scenario. The issue is de...
CVE-2025-71357
CVE-2025-71357 affects the Python package picklescan older than 0.0.30. The vulnerability arises from using idlelib.pyshell.ModifiedInterpreter.runcommand in reduce methods, allowing attackers to embed code in pickle files that can execute remote commands when loaded by a victim. The connected so...
CVE-2025-71351
CVE-2025-71351 affects picklescan prior to version 0.0.25. The vulnerability arises because timeit.timeit() calls used in the reduce method are not detected by the tool, allowing crafted pickle payloads to bypass detection and trigger remote code execution when pickle.load() is performed. Attacke...
CVE-2025-71348
CVE-2025-71348 affects the picklescan utility (pre-0.0.28) where malicious pickle payloads can invoke torch.utils._config_module.load_config during unpickling, bypassing detection and enabling remote code execution in supply-chain contexts. Documents describe a bypass in reduce methods that allow...
CVE-2026-12799
The CVE-2026-12799 entry concerns BerriAI litellm up to version 1.82.2. The vulnerability affects the function ui_view_users in litellm/proxy/management_endpoints/internal_user_endpoints.py (component: Incomplete Fix CVE-2025-0628) and enables improper authorization. The issue can be exploited re...
CVE-2026-12798
CVE-2026-12798 affects BerriAI litellm up to 1.82.2, specifically the MCP OpenAPI Spec Loader’s load_openapi_spec_async function. The root cause is manipulation of the spec_path argument allowing server-side request forgery, which can be triggered remotely. The description notes that the exploit ...
CVE-2026-12797
Technical details about CVE-2026-12797 are not publicly available in the provided documents. Monitor for updates from official advisories and vendor notices to obtain affected products, vulnerable components, and remediation information.
CVE-2026-12796
Affected software/impact: BerriAI litellm (up to version 1.82.2), specifically the get_redirect_response_from_openid function in litellm/proxy/management_endpoints/ui_sso.py of the SSO Authentication Flow. Root cause / vulnerability detail: The description states that manipulation leads to sessio...
CVE-2026-12795
CVE-2026-12795 affects BerriAI litellm up to version 1.82.2 in the SSO Debug Flow component. The vulnerability concerns the function json.dumps within litellm/proxy/management_endpoints/ui_sso.py, where manipulation can lead to missing authentication. The issue is exploitable remotely and has had...
CVE-2026-12789
The CVE concerns ILIAS Learning Management System 11.0. The vulnerability affects the function ilTrQuery::executeQueries (file: components/ILIAS/Tracking/classes/class.ilTrQuery.php) in the Learning Progress Tracking component. The issue arises from manipulation of the troup_table_nav argument, l...
CVE-2026-12788
CVE-2026-12788 affects zhilink 智互联(深圳)科技有限公司的 ADP Application Developer Platform 1.0.0. A vulnerability exists in the XML Parser component, specifically in the file /adpweb/a/base/barcodeDetail/import, allowing an XML External Entity (XXE) reference. The issue could be triggered remotely, and the...
CVE-2026-12787
Technical details (affected product/version, root cause, remediation) are not provided in the supplied documents; monitor for updates.
CVE-2026-12786
The CVE-2026-12786 entry concerns Ezbsystems UltraISO Premium Edition up to version 9.76. It targets an issue in the kernel driver component bootpt64.sys where an unknown functionality allows improper access controls. The attack requires local access, and the exploit has been publicly disclosed. ...
CVE-2026-12784
CVE-2026-12784 affects IM-Magic Partition Resizer (kernel driver) up to version 7.9.0. A weakness in the MDA_NTDRV.sys library function leads to improper access controls. The vulnerability requires local access and has a publicly available exploit. The vendor was contacted but did not respond. No...
CVE-2026-52911
Technical details are not publicly available in the provided documents; monitor for updates.
CVE-2026-12782
The CVE-2026-12782 entry concerns EaseUS Partition Master (up to 14.5). The affected component is EUEDKEPM.sys (Kernel Driver); a flaw in an unknown function leads to improper access controls. It requires local access to exploit, and an exploit has been publicly released. Impact is described as h...
CVE-2026-12781
CVE-2026-12781 affects EaseUS Partition Master up to 14.5. The flaw is in the kernel driver epmntdrv.sys, in an unknown function, enabling local, low-privilege access to escalate due to improper access control. Exploitation is publicly available and has been demonstrated as a local-facing vulnera...
CVE-2026-12780
AOMEI Backupper Kernel Driver amwrtdrv.sys (library within the Kernel Driver) up to version 8.3.0 is affected. The vulnerability enables local privilege escalation via improper access control in amwrtdrv.sys. Exploitation is local and reportedly has public disclosure; no exploit vector details ar...
CVE-2026-12779
CVE-2026-12779 affects AOMEI Dynamic Disk Manager up to version 10.10.1, specifically its Kernel Driver component ddmdrv.sys. The issue arises from improper access controls in a local-processing path within the ddmdrv.sys library. The vulnerability is locally exploitable, with an exploit publicly...
CVE-2026-12778
The CVE-2026-12778 entry concerns AOMEI Partition Assistant up to version 10.10.1, specifically the kernel driver library ampa10.sys. The vulnerability is described as an improper access control issue in a kernel component, exploitable via a local attack. The description indicates that the exploi...
CVE-2026-12776
Montodel House-Rental-Management is affected by an SQL injection in /index.php?page=houses triggered by manipulating the ID parameter. The flaw affects the application as a whole with a remote-access exploit published and the vendor pursuing a rolling-release strategy, making exact affected versi...
CVE-2026-12775
CVE-2026-12775 affects Montodel House-Rental-Management, with the vulnerability in the /login.php script. The issue arises from manipulating the Username argument, which leads to an SQL injection. Attacks can be conducted remotely, and public exploitation is indicated. The affected software uses ...
CVE-2026-12774
CVE-2026-12774 affects BerriAI litellm up to 1.82.2. The vulnerability targets the function _execute_with_mcp_client in litellm/proxy/_experimental/mcp_server/rest_endpoints.py (MCP Server Connection Testing). It enables server‑side request forgery through manipulation of this component, with rem...
CVE-2026-12773
CVE-2026-12773 affects BerriAI litellm MCP Proxy up to version 1.59.8. The weakness lies in the UserAPIKeyAuth function (litellm/proxy/_experimental/mcp_server/auth/user_api_key_auth_mcp.py) of the MCP Proxy component, where improper authentication can be triggered by remote manipulation. The des...
CVE-2026-12772
CVE-2026-12772 affects BerriAI litellm up to 1.82.2, impacting the authenticate_user path in litellm/proxy/auth/login_utils.py for the PROXY_ADMIN database API Key Generator. Description indicates that manipulating input can cause session expiration and that the issue can be exploited remotely; e...
CVE-2026-12771
CVE-2026-12771 affects BerriAI litellm up to 1.82.2. The vulnerability is tied to an unknown function in litellm/proxy/auth/user_api_key_auth.py within the M2M JWT Handler and leads to improper authorization. It can be exploited remotely with high attack complexity (CVSS 4.0/AV:N/AC:H/PR:L/UI:N/S...
CVE-2026-12770
CVE-2026-12770 affects BerriAI litellm up to version 1.63.1. The vulnerability resides in an unknown function within litellm/proxy/management_endpoints/key_management_endpoints.py, in the Admin Key Handler component, causing improper authorization. It is exploitable remotely, and public exploitat...
CVE-2026-55888
Technical details for CVE-2026-55888 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-55889
Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-55889.
CVE-2026-12802
CVE-2026-12802 is a reserved entry that will be published in conjunction with Bouncy Castle 1.85. The PT-Security entry states that Bouncy Castle and GnuPG have acknowledged and fixed the reported issues; the vulnerability details are not provided here beyond the fix association. No exploit speci...
CVE-2026-32641
Technical details for CVE-2026-32641 are not publicly available in the provided documents. No affected products, versions, or fixes are disclosed; monitor for updates.
CVE-2026-77111
Technical details for CVE-2026-77111 are not publicly available in the provided documents; no affected products, root cause, or fix are stated. Monitor for updates.
CVE-2025-90081
Technical details for CVE-2025-90081 are not publicly available in the provided documents. The entry appears reserved with no disclosed impact, vectors, or fix. Monitor for updates from CIRCL sighting and any additional disclosures.
CVE-2026-56355
CVE-2026-56355 affects GNU Savannah Administration Savane up to version 3.17. The connected documents describe an authorization issue caused by using untrusted data in the authorization path. No explicit exploit vectors, impact details, or remediation/fixes are provided in the documents. Technica...
CVE-2026-56347
CVE-2026-56347 affects the AVideo TopMenu plugin up to version 26.0. The issue is a stored cross-site scripting vulnerability in menu item rendering caused by missing output encoding of icon classes, URLs, and text labels. Attackers can inject malicious JavaScript through unescaped menu item fiel...
CVE-2026-56346
CVE-2026-56346 affects AVideo up to version 25.0, with an authentication bypass in the decryptMessage.json.php endpoint that lets unauthenticated users decrypt PGP messages. Remote attackers can submit private keys, ciphertext, and passphrases to trigger server-side decryption without credentials...
CVE-2026-56345
AVideo 29.0 contains an authorization bypass via the Meet plugin's uploadRecordedVideo.json.php endpoint. The vulnerability derives the target users_id from the uploaded filename without verification, allowing a crafted file (e.g., filename like 1-anything.mp4) to trigger passwordless User->lo...
CVE-2026-56342
AVideo
CVE-2026-56340
vLLM versions >= 0.10.2 and