Lucene search
K
CvelistRecent

363414 matches found

Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-14628 NousResearch hermes-agent Live Webhook Endpoint base.py extract_media path traversal

A vulnerability was detected in NousResearch hermes-agent up to 2026.5.16. This impacts the function extractmedia of the file gateway/platforms/base.py of the component Live Webhook Endpoint. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit is...

6.9CVSS0.00551EPSS
Exploits1References5
Cvelist
Cvelist
added 2 days ago35 views

CVE-2025-13475 Cross-Tenant Access via Application Consent Mismanagement in Multiple WSO2 Products Allows Unauthorized Data Exposure

In multi-tenanted deployments, the application consent management mechanism fails to correctly isolate consent scopes between tenants. Consent granted by a user for a specific SaaS application within one tenant can be incorrectly applied to SaaS applications with the same name in other tenants,...

3.5CVSS0.00146EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-14627 NousResearch hermes-agent Discord Platform Integration discord.py DiscordAdapter._is_allowed_user improper authentication

A security vulnerability has been detected in NousResearch hermes-agent up to 0.15.2. This affects the function DiscordAdapter.isalloweduser of the file gateway/platforms/discord.py of the component Discord Platform Integration. Such manipulation leads to improper authentication. The attack can b...

6.3CVSS0.00369EPSS
Exploits0References5
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-12196 HestiaCP Admin Takeover

HestiaCP panel cronjob feature is affected by a broken access control vulnerability. Low privilege users can modify the panel cronjob to execute scripts HestiaCP management scripts with passwordless sudo. This could result in the takeover of administrator users in the application and the underlyi...

8.3CVSS0.00256EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-14626 NousResearch hermes-agent HTTP API run_agent.py AIAgent.run_conversation denial of service

A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. The impacted element is the function AIAgent.runconversation of the file runagent.py of the component HTTP API. This manipulation of the argument todos causes denial of service. The attack can be initiated remotely. The...

5.3CVSS0.00277EPSS
Exploits0References5
Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-53362 ipv6: account for fraggap on the paged allocation path

In the Linux kernel, the following vulnerability has been resolved: ipv6: account for fraggap on the paged allocation path In ip6appenddata, when the paged-allocation branch is taken MSGMORE / NETIFFSG / large fraglen, alloclen and pagedlen are computed as alloclen = fragheaderlen + transhdrlen;...

0.00176EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-53361 af_unix: Set gc_in_progress to true in unix_gc().

In the Linux kernel, the following vulnerability has been resolved: afunix: Set gcinprogress to true in unixgc. Igor Ushakov reported that unixgc could run with gcinprogress being false if the work is scheduled while running: Thread 1 Thread 2 Thread 3 -------- -------- -------- unixschedulegc...

0.00171EPSS
Exploits0References4
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-53360 KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use As per the GHCB spec, when using GHCB v2+ require the software scratch area to reside in the GHCB's shared buffer. Note, things like Page State Change PSC requests rely...

0.00267EPSS
Exploits0References4
Cvelist
Cvelist
added 2 days ago28 views

CVE-2026-53359 KVM: x86: Fix shadow paging use-after-free due to unexpected role

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected role Commit 0cb2af2ea66ad "KVM: x86: Fix shadow paging use-after-free due to unexpected GFN" fixed a shadow paging mismatch between stored and computed GFNs; the bug...

0.00176EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago31 views

CVE-2026-12195

myVesta is affected by an authenticated remote code execution vulnerability. Low privileged users can insert arbitrary commands as a part of the vftpuser parameter when deleting FTP usernames. This could result in the execution of commands as the admin user or takevoer of the admin user in myVest...

8.5CVSS0.00656EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-14625 NousResearch hermes-agent server.py shell.exec protection mechanism

A security flaw has been discovered in NousResearch hermes-agent up to 0.15.2. The affected element is the function shell.exec of the file tuigateway/server.py. The manipulation results in protection mechanism failure. It is possible to launch the attack remotely. The exploit has been released to...

6.5CVSS0.00224EPSS
Exploits0References5
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-14624 omec-project amf NGSetupRequest handler.go denial of service

A vulnerability was identified in omec-project amf up to 2.0.2/2.1.1. Impacted is an unknown function of the file /go/src/amf/ngap/handler.go of the component NGSetupRequest Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit is public...

5.3CVSS0.00317EPSS
Exploits0References8
Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-14623 omec-project amf NGAP Message RRCInactiveTransitionReport denial of service

A vulnerability was determined in omec-project amf up to 2.1.1. This issue affects the function RRCInactiveTransitionReport of the component NGAP Message Handler. Executing a manipulation can lead to denial of service. The attack may be performed from remote. The exploit has been publicly disclos...

5.3CVSS0.00522EPSS
Exploits0References8
Cvelist
Cvelist
added 2 days ago37 views

CVE-2026-14622 jairiidriss restaurant-website-php-mysql AJAX Endpoint ajax_files missing authentication

A vulnerability was found in jairiidriss restaurant-website-php-mysql up to 521428b5b612449df0cf4a5d15ee40cba67f3d35. This vulnerability affects unknown code of the file /admin/ajaxfiles of the component AJAX Endpoint. Performing a manipulation results in missing authentication. The attack is...

7.5CVSS0.00517EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago27 views

CVE-2026-14621 FederatedAI FATE OSX Broker QueuePushReqStreamObserver.java QueuePushReqStreamObserver.initEggroll wrong session

A vulnerability has been found in FederatedAI FATE up to 2.2.0. This affects the function QueuePushReqStreamObserver.initEggroll of the file java/osx/osx-broker/src/main/java/org/fedai/osx/broker/grpc/QueuePushReqStreamObserver.java of the component OSX Broker. Such manipulation of the argument...

3.1CVSS0.00299EPSS
Exploits0References7
Cvelist
Cvelist
added 2 days ago37 views

CVE-2026-12194 PHPIPAM Authenticated LFI

PHPIPAM is affected by an authenticated local file inclusion vulnerability that allows users with access to the API to execute/include arbitrary PHP files on the web server's file system. The API is not enabled by default on installations...

2.3CVSS0.00378EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-14619 itsourcecode Hospital Management System medicine.php sql injection

A flaw has been found in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /medicine.php. This manipulation of the argument editid causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and ma...

6.5CVSS0.002EPSS
Exploits0References6
Cvelist
Cvelist
added 2 days ago39 views

CVE-2026-14618 Open5GS AMF nnrf-handler.c amf_nnrf_handle_nf_discover denial of service

A vulnerability was detected in Open5GS up to 2.7.7. Affected by this vulnerability is the function amfnnrfhandlenfdiscover of the file src/amf/nnrf-handler.c of the component AMF. The manipulation results in denial of service. The attack may be launched remotely. The exploit is now public and ma...

5.3CVSS0.00316EPSS
Exploits0References8
Cvelist
Cvelist
added 2 days ago36 views

CVE-2025-71375 picklescan - Undetected Remote Code Execution via _operator.methodcaller

picklescan before 0.0.34 fails to detect the operator.methodcaller built-in function when scanning pickle files for malicious code. Attackers can craft malicious pickle payloads using operator.methodcaller that evade detection and execute arbitrary code when loaded by pickle.load...

8.1CVSS0.00365EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago40 views

CVE-2025-71380 n8n - Arbitrary Command Execution via Execute Command Node

The Execute Command node in n8n allows authenticated users to execute arbitrary commands on the host system where n8n runs. Attackers with user access or compromised credentials can exploit this node to run malicious commands, potentially leading to data exfiltration, service disruption, or...

8.8CVSS0.00413EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago36 views

CVE-2025-71373 picklescan - Remote Code Execution via operator.methodcaller Detection Bypass

picklescan before 0.0.33 fails to detect operator.methodcaller function calls in pickle files, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle payloads using operator.methodcaller that execute arbitrary code when loaded, compromising systems relying on...

8.1CVSS0.00444EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago36 views

CVE-2025-71372 Picklescan - Arbitrary Code Execution via numpy.f2py.crackfortran.getlincoef Gadget

Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran.getlincoef gadget in pickle reduce methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded, bypassing Picklescan's safety checks and enabling...

8.1CVSS0.00379EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago36 views

CVE-2025-71369 picklescan - Unsafe Deserialization via torch.utils.data.datapipes.utils.decoder.basichandlers

picklescan before 0.0.28 fails to detect malicious pickle files that use torch.utils.data.datapipes.utils.decoder.basichandlers in reduce methods, allowing attackers to bypass safety checks. Remote attackers can embed undetected malicious code in pickle files that executes during deserialization,...

8.1CVSS0.00445EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago31 views

CVE-2025-71367 picklescan - Remote Code Execution via _operator.attrgetter Detection Bypass

picklescan before 0.0.34 fails to detect operator.attrgetter function calls in pickle payloads, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle files using operator.attrgetter in reduce methods to execute arbitrary code when pickle.load processes the file...

8.1CVSS0.00445EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago35 views

CVE-2025-71366 picklescan - Arbitrary Code Execution via torch.utils.bottleneck.__main__.run_cprofile

picklescan before 0.0.28 fails to detect malicious torch.utils.bottleneck.main.runcprofile function calls in pickle files, allowing attackers to bypass safety checks. Remote attackers can embed undetected code in pickle files to achieve arbitrary code execution when victims load the files...

8.1CVSS0.00445EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago28 views

CVE-2025-71364 picklescan - Arbitrary Code Execution via Undetected asyncio.unix_events._UnixSubprocessTransport._start

picklescan before 0.0.30 fails to detect the asyncio.unixevents.UnixSubprocessTransport.start function in pickle reduce methods, allowing remote code execution. Attackers can craft malicious pickle files embedding this built-in function that evade detection but execute arbitrary commands when...

8.1CVSS0.00555EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago28 views

CVE-2025-71362 picklescan - Arbitrary Code Execution via Unsafe Deserialization in numpy.f2py.crackfortran

picklescan before 0.0.33 fails to detect unsafe deserialization when numpy.f2py.crackfortran functions call eval on arbitrary strings. Attackers can embed malicious code in pickle files that executes when loaded from untrusted sources...

8.1CVSS0.003EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago32 views

CVE-2025-71360 picklescan - Remote Code Execution via Undetected idlelib.calltip.get_entity

picklescan before 0.0.29 fails to detect malicious pickle files using idlelib.calltip.getentity function in reduce methods. Attackers can embed undetected code in pickle files that executes remote commands when loaded by victims...

8.1CVSS0.003EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago40 views

CVE-2025-71359 picklescan - Unsafe Deserialization via lib2to3.pgen2.grammar.Grammar.loads

picklescan before 0.0.29 fails to detect malicious pickle payloads that utilize lib2to3.pgen2.grammar.Grammar.loads in the reduce method, allowing remote code execution. Attackers can craft pickle files embedding dangerous code that evades picklescan detection and executes during pickle.load...

8.1CVSS0.00427EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago32 views

CVE-2025-71356 picklescan - Arbitrary Code Execution via torch.fx.experimental.symbolic_shapes.ShapeEnv.evaluate_guards_expression

picklescan before 0.0.28 fails to detect malicious torch.fx.experimental.symbolicshapes.ShapeEnv.evaluateguardsexpression function calls in pickle files. Attackers can embed undetected code in pickle files that executes remote code when loaded by victims...

8.1CVSS0.003EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago35 views

CVE-2025-71353 picklescan - Remote Code Execution via torch._dynamo.guards.GuardBuilder.get

picklescan before 0.0.28 fails to detect malicious pickle files that exploit torch.dynamo.guards.GuardBuilder.get function in reduce methods. Attackers can craft pickle files with embedded code that evades picklescan detection and executes arbitrary commands when loaded...

8.1CVSS0.003EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago28 views

CVE-2025-71345 picklescan - Arbitrary Code Execution via torch.utils.bottleneck.__main__.run_autograd_prof

picklescan before 0.0.30 fails to detect malicious pickle files that invoke torch.utils.bottleneck.main.runautogradprof function. Attackers can embed undetected code in pickle files that executes during deserialization, enabling remote code execution...

8.1CVSS0.00427EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago32 views

CVE-2025-71347 picklescan - Undetected Remote Code Execution via numpy.f2py.crackfortran.param_eval

picklescan before 0.0.33 fails to detect malicious pickle files using numpy.f2py.crackfortran.parameval function in reduce methods, allowing attackers to bypass security checks. Remote attackers can embed undetected code in pickle files that executes during deserialization, enabling arbitrary cod...

8.1CVSS0.00445EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago35 views

CVE-2025-71343 picklescan - Arbitrary Code Execution via lib2to3.pgen2.pgen.ParserGenerator.make_label Detection Bypass

picklescan before 0.0.30 fails to detect malicious pickle files that exploit lib2to3.pgen2.pgen.ParserGenerator.makelabel function in the reduce method. Attackers can craft malicious pickle files with embedded code that evades detection but executes arbitrary commands when pickle.load is called...

8.1CVSS0.003EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago35 views

CVE-2025-71342 picklescan - Undetected Remote Code Execution via idlelib.run.Executive.runcode

picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.run.Executive.runcode in reduce methods. Attackers can embed undetected code in pickle files that executes during pickle.load, enabling remote code execution in PyTorch models and supply chain attacks...

8.1CVSS0.00427EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago29 views

CVE-2026-12252 Untrusted JAR Code Execution in Multiple Stanford Interface Classes in nltk/nltk

In nltk/nltk versions 3.9.3 and earlier, five Stanford interface classes StanfordPOSTagger, StanfordNERTagger, StanfordParser, StanfordDependencyParser, and StanfordNeuralDependencyParser are vulnerable to untrusted JAR code execution. These classes accept user-controllable JAR paths and execute...

7.8CVSS0.0015EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-54424

An Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hosts leads to a potential Elevation of Privilege. This issue affects Parsec through v2026-05-04.0. The patched version is Parsec for Windows version 150-104a. A user can generate a situation where there is an instance o...

8.4CVSS0.00245EPSS
Exploits1References4
Cvelist
Cvelist
added 3 days ago36 views

CVE-2026-14617 NousResearch hermes-agent Streaming Reasoning Tag Filter stream_consumer.py GatewayStreamConsumer._filter_and_accumulate case sensitivity

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer.filterandaccumulate of the file gateway/streamconsumer.py of the component Streaming Reasoning Tag Filter. The manipulation leads to improper handling of case...

3.1CVSS0.00237EPSS
Exploits0References8
Cvelist
Cvelist
added 3 days ago35 views

CVE-2026-58523 Microsoft Edge for Android Security Feature Bypass Vulnerability

...

6.5CVSS0.00497EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-14611 DeepMyst Mysti Per-Project Auto-Memory MemoryManager.ts initProjectMemory exposure of resource

A vulnerability has been found in DeepMyst Mysti up to 0.4.0. The affected element is the function initProjectMemory of the file src/managers/MemoryManager.ts of the component Per-Project Auto-Memory Handler. Such manipulation of the argument workspacePath leads to exposure of resource. The attac...

5.3CVSS0.00253EPSS
Exploits0References8
Cvelist
Cvelist
added 3 days ago47 views

CVE-2026-14355 ext/openssl: Memory corruption in openssl_encrypt with AES-WRAP-PAD

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS0.00276EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-58426 Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write

Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write...

9.6CVSS0.00177EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-58423 LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories

LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories...

7.7CVSS0.0031EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-58422 Improper authorization on OAuth sign-in callback silently re-enables administrator-disabled accounts

Improper authorization on OAuth sign-in callback silently re-enables administrator-disabled accounts...

0.00162EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago30 views

CVE-2026-58424 Permanent Fork PR Workflow Approval Gate Bypass

Permanent Fork PR Workflow Approval Gate Bypass...

8.9CVSS0.00201EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-58418 SSRF via HTTP Redirect in Repository Migration

SSRF via HTTP Redirect in Repository Migration...

6.5CVSS0.00243EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-58419 Notification API leaks private issue metadata after access revocation

Notification API leaks private issue metadata after access revocation...

0.00171EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-58421 Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service

Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service...

0.00162EPSS
Exploits0References4
Cvelist
Cvelist
added 3 days ago33 views

CVE-2026-14610 Open Asset Import Library Assimp CSM File CSMLoader.cpp InternReadFile heap-based overflow

A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. This manipulation causes heap-based buffer overflow. The attack is restricted to local...

5.3CVSS0.00128EPSS
Exploits0References8
Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-12481 Deserialization of Untrusted Data in keras-team/keras

A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the Lambda layer. Specifically, the raiseforlambdadeserialization function fails to enforce the safe-mode guard when safemode is set to None, which is the default...

8.8CVSS0.00402EPSS
Exploits0References1
Total number of security vulnerabilities363414