Lucene search
K

417525 matches found

EUVD
EUVD
•added 20 hours ago•6 views

EUVD-2025-210415

picklescan before 0.0.28 fails to detect malicious torch.fx.experimental.symbolicshapes.ShapeEnv.evaluateguardsexpression function calls in pickle files. Attackers can embed undetected code in pickle files that executes remote code when loaded by victims...

8.1CVSS6.2AI score
Exploits0References2
EUVD
EUVD
•added 20 hours ago•6 views

EUVD-2025-210414

picklescan before 0.0.28 fails to detect malicious pickle files that exploit torch.dynamo.guards.GuardBuilder.get function in reduce methods. Attackers can craft pickle files with embedded code that evades picklescan detection and executes arbitrary commands when loaded...

8.1CVSS6.1AI score
Exploits0References2
EUVD
EUVD
•added 20 hours ago•5 views

EUVD-2025-210412

picklescan before 0.0.30 fails to detect malicious pickle files that invoke torch.utils.bottleneck.main.runautogradprof function. Attackers can embed undetected code in pickle files that executes during deserialization, enabling remote code execution...

8.1CVSS6.3AI score
Exploits0References2
EUVD
EUVD
•added 20 hours ago•5 views

EUVD-2025-210413

picklescan before 0.0.33 fails to detect malicious pickle files using numpy.f2py.crackfortran.parameval function in reduce methods, allowing attackers to bypass security checks. Remote attackers can embed undetected code in pickle files that executes during deserialization, enabling arbitrary cod...

8.1CVSS6.6AI score
Exploits0References2
EUVD
EUVD
•added 20 hours ago•5 views

EUVD-2025-210411

picklescan before 0.0.30 fails to detect malicious pickle files that exploit lib2to3.pgen2.pgen.ParserGenerator.makelabel function in the reduce method. Attackers can craft malicious pickle files with embedded code that evades detection but executes arbitrary commands when pickle.load is called...

8.1CVSS6.1AI score
Exploits0References2
EUVD
EUVD
•added 20 hours ago•5 views

EUVD-2025-210410

picklescan before 0.0.30 fails to detect malicious pickle files using idlelib.run.Executive.runcode in reduce methods. Attackers can embed undetected code in pickle files that executes during pickle.load, enabling remote code execution in PyTorch models and supply chain attacks...

8.1CVSS6.6AI score
Exploits0References2
EUVD
EUVD
•added 20 hours ago•5 views

EUVD-2026-41656

In nltk/nltk versions 3.9.3 and earlier, five Stanford interface classes StanfordPOSTagger, StanfordNERTagger, StanfordParser, StanfordDependencyParser, and StanfordNeuralDependencyParser are vulnerable to untrusted JAR code execution. These classes accept user-controllable JAR paths and execute...

10CVSS7.8AI score0.00777EPSS
Exploits3References1
EUVD
EUVD
•added 21 hours ago•5 views

EUVD-2026-41655

An Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hosts leads to a potential Elevation of Privilege. This issue affects Parsec through v2026-05-04.0. The patched version is Parsec for Windows version 150-104a. A user can generate a situation where there is an instance o...

8.4CVSS6AI score
Exploits1References4
EUVD
EUVD
•added 21 hours ago•7 views

EUVD-2026-41654

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. Affected is the function GatewayStreamConsumer.filterandaccumulate of the file gateway/streamconsumer.py of the component Streaming Reasoning Tag Filter. The manipulation leads to improper handling of case...

3.1CVSS5.1AI score
Exploits0References9
EUVD
EUVD
•added 21 hours ago•4 views

EUVD-2026-41653

Improper access control in Microsoft Edge for Android allows an unauthorized attacker to bypass a security feature over a network...

6.5CVSS5.9AI score
Exploits0References2
EUVD
EUVD
•added yesterday•4 views

EUVD-2026-41610

A vulnerability has been found in DeepMyst Mysti up to 0.4.0. The affected element is the function initProjectMemory of the file src/managers/MemoryManager.ts of the component Per-Project Auto-Memory Handler. Such manipulation of the argument workspacePath leads to exposure of resource. The attac...

5.3CVSS5.5AI score
Exploits0References8
EUVD
EUVD
•added yesterday•5 views

EUVD-2026-41609

In PHP versions 8.2. before 8.2.32, 8.3. before 8.3.32, 8.4. before 8.4.23, 8.5. before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without...

5.6CVSS6.1AI score
Exploits0References1
EUVD
EUVD
•added yesterday•5 views

EUVD-2026-41608

Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write...

9.6CVSS5.9AI score
Exploits0References4
EUVD
EUVD
•added yesterday•4 views

EUVD-2026-41605

Improper authorization on OAuth sign-in callback silently re-enables administrator-disabled accounts...

5.9AI score
Exploits0References4
EUVD
EUVD
•added yesterday•3 views

EUVD-2026-41607

Permanent Fork PR Workflow Approval Gate Bypass...

8.9CVSS5.9AI score
Exploits0References4
EUVD
EUVD
•added yesterday•4 views

EUVD-2026-41606

LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories...

7.7CVSS5.9AI score
Exploits0References4
EUVD
EUVD
•added yesterday•4 views

EUVD-2026-41604

Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service...

5.9AI score
Exploits0References4
EUVD
EUVD
•added yesterday•3 views

EUVD-2026-41603

Notification API leaks private issue metadata after access revocation...

5.9AI score
Exploits0References4
EUVD
EUVD
•added yesterday•4 views

EUVD-2026-41602

SSRF via HTTP Redirect in Repository Migration...

6.5CVSS5.9AI score
Exploits0References4
EUVD
EUVD
•added yesterday•3 views

EUVD-2026-41601

A flaw has been found in Open Asset Import Library Assimp up to 6.0.5. Impacted is the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. This manipulation causes heap-based buffer overflow. The attack is restricted to local...

5.3CVSS6.2AI score
Exploits0References8
EUVD
EUVD
•added yesterday•4 views

EUVD-2026-41600

A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the Lambda layer. Specifically, the raiseforlambdadeserialization function fails to enforce the safe-mode guard when safemode is set to None, which is the default...

8.8CVSS7.7AI score
Exploits0References1
EUVD
EUVD
•added yesterday•6 views

EUVD-2026-41599

Operation on a resource after expiration or release in Microsoft Edge Chromium-based allows an unauthorized attacker to disclose information over a network...

6.1CVSS5.9AI score
Exploits0References1
EUVD
EUVD
•added yesterday•7 views

EUVD-2026-41598

Microsoft Edge Chromium-based Spoofing Vulnerability...

6.5CVSS5.9AI score
Exploits0References1
EUVD
EUVD
•added yesterday•5 views

EUVD-2026-41597

Insufficient ui warning of dangerous operations in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

4.3CVSS6AI score
Exploits0References1
EUVD
EUVD
•added yesterday•5 views

EUVD-2026-41596

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

5.4CVSS6AI score
Exploits0References1
EUVD
EUVD
•added yesterday•6 views

EUVD-2026-41595

Absolute path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally...

6.2CVSS5.8AI score
Exploits0References1
EUVD
EUVD
•added yesterday•5 views

EUVD-2026-41594

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

7.2CVSS6AI score
Exploits0References1
EUVD
EUVD
•added yesterday•6 views

EUVD-2026-41592

Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network...

7.1CVSS5.9AI score
Exploits0References1
EUVD
EUVD
•added yesterday•6 views

EUVD-2026-41593

Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network...

7.1CVSS5.9AI score
Exploits0References1
EUVD
EUVD
•added yesterday•5 views

EUVD-2026-41591

Access of resource using incompatible type 'type confusion' in Microsoft Edge Chromium-based allows an unauthorized attacker to bypass a security feature over a network...

8.3CVSS5.9AI score
Exploits0References1
EUVD
EUVD
•added yesterday•6 views

EUVD-2026-41590

Use after free in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

7.5CVSS6.1AI score
Exploits0References1
EUVD
EUVD
•added yesterday•5 views

EUVD-2026-41589

External control of file name or path in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

8.1CVSS6.1AI score
Exploits0References1
EUVD
EUVD
•added yesterday•7 views

EUVD-2026-41588

Improper input validation in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

7.5CVSS6.1AI score
Exploits0References1
EUVD
EUVD
•added yesterday•5 views

EUVD-2026-41587

Access of resource using incompatible type 'type confusion' in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

7.5CVSS6.1AI score
Exploits0References1
EUVD
EUVD
•added yesterday•7 views

EUVD-2026-41586

Access of resource using incompatible type 'type confusion' in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

9CVSS6.1AI score
Exploits0References1
EUVD
EUVD
•added yesterday•7 views

EUVD-2026-41584

Improper access control in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

8.1CVSS6AI score
Exploits0References1
EUVD
EUVD
•added yesterday•5 views

EUVD-2026-41585

Use after free in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

8.3CVSS6.1AI score
Exploits0References1
EUVD
EUVD
•added yesterday•5 views

EUVD-2026-41583

Access of resource using incompatible type 'type confusion' in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

8.3CVSS6.1AI score
Exploits0References1
EUVD
EUVD
•added yesterday•7 views

EUVD-2026-41580

Use after free in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

7.5CVSS6.1AI score
Exploits0References1
EUVD
EUVD
•added yesterday•6 views

EUVD-2026-41581

Server-side request forgery ssrf in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

5.4CVSS6AI score
Exploits0References1
EUVD
EUVD
•added yesterday•6 views

EUVD-2026-41582

Improper authorization in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

8.3CVSS6.1AI score
Exploits0References1
EUVD
EUVD
•added yesterday•7 views

EUVD-2026-41579

Improper link resolution before file access 'link following' in Microsoft Edge Chromium-based allows an unauthorized attacker to disclose information over a network...

7.4CVSS5.9AI score
Exploits0References1
EUVD
EUVD
•added yesterday•5 views

EUVD-2026-41578

Use after free in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

7.5CVSS6.1AI score
Exploits0References1
EUVD
EUVD
•added yesterday•5 views

EUVD-2026-41577

Use after free in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

8.8CVSS6.1AI score
Exploits0References1
EUVD
EUVD
•added yesterday•3 views

EUVD-2026-41576

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

7.1CVSS6AI score
Exploits0References1
EUVD
EUVD
•added yesterday•4 views

EUVD-2026-41575

Integer overflow or wraparound in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

8.8CVSS6.1AI score
Exploits0References1
EUVD
EUVD
•added yesterday•4 views

EUVD-2026-41574

User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

5.4CVSS6AI score
Exploits0References1
EUVD
EUVD
•added yesterday•6 views

EUVD-2026-41573

Relative path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally...

6.8CVSS5.8AI score
Exploits0References1
EUVD
EUVD
•added yesterday•6 views

EUVD-2026-41572

Time-of-check time-of-use toctou race condition in Microsoft Edge for Android allows an unauthorized attacker to execute code over a network...

7.5CVSS6.1AI score
Exploits0References1
EUVD
EUVD
•added yesterday•6 views

EUVD-2026-41571

Use after free in Microsoft Edge Chromium-based allows an unauthorized attacker to execute code over a network...

8.3CVSS6.1AI score
Exploits0References1
Total number of security vulnerabilities417525