Lucene search
K

420705 matches found

EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-44842

A flaw was found in libsolv. A stack-based buffer overflow vulnerability exists in the PGP verification component due to incorrect length handling when copying EdDSA 's' MPI into a stack buffer. A remote attacker could craft a malicious Ed25519 PGP signature with mismatched MPI lengths. Processin...

7.5CVSS6.2AI score
Exploits0References3
EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-44823

PlaywrightCapture stored capture-specific configuration and runtime data as mutable class-level variables rather than instance-level variables. Consequently, multiple Capture objects running within the same Python process could share state, including HTTP headers, cookies, browser storage, HTTP...

7.1CVSS6.1AI score
Exploits0References2
EUVD
EUVD
added 1 hour ago5 views

EUVD-2026-44837

A flaw has been found in H3C SecPath F1000-C8300 up to 20260522. This impacts an unknown function of the file /webui/?g=logfwnbcmailjsondata. Executing a manipulation of the argument subject can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be...

7.5CVSS6.7AI score
Exploits0References6
EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-44841

A flaw was found in Keycloak. When the JSON Web Token JWT authorization grant preview feature is enabled and a user account is disabled, Keycloak fails to validate the user’s disabled status during JWT authorization grant processing. A remote attacker with low privileges can exploit this improper...

8.1CVSS6.1AI score
Exploits0References4
EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-44840

A flaw was found in QEMU. This vulnerability allows a local attacker within a guest virtual machine to write data beyond its allocated memory. This occurs when cpuphysicalmemorymap returns a shorter length than expected, leading to an out-of-bounds write. Successful exploitation could result in...

7.8CVSS6.9AI score
Exploits0References2
EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-44839

A vulnerability has been found in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected is an unknown function of the file proses/add.php. The manipulation of the argument kdcs leads to authorization bypass. The attack is possible to be carried out remotely. This produ...

6.5CVSS6.3AI score
Exploits0References4
EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-44838

A vulnerability was identified in the Feast Feature Server's /ws/chat endpoint that allows remote attackers to establish persistent WebSocket connections without any authentication. By opening a large number of simultaneous connections, an attacker can exhaust server resources—such as memory, CPU...

7.5CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added yesterday3 views

EUVD-2026-44824

WWBN AVideo is an open source video platform. Versions prior to 29.0 contain a stored DOM Cross-Site Scripting vulnerability in the YPTSocket plugin. Any unauthenticated remote attacker can execute arbitrary JavaScript in the authenticated origin of every administrator currently viewing a page th...

9.6CVSS6.3AI score
Exploits0References2
EUVD
EUVD
added yesterday3 views

EUVD-2026-44822

AdonisJS is a TypeScript-first web framework. From 10.1.3 until 10.1.5 and 11.0.3, AdonisJS @adonisjs/bodyparser incompletely fixed CVE-2026-25754 because nested multipart field payloads such as user.proto.polluted and constructor.prototype still caused lodash .set via @poppinss/utils to create...

8.6CVSS6.1AI score0.00148EPSS
Exploits0References5
EUVD
EUVD
added yesterday3 views

EUVD-2026-44821

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. Prior to 1.17.6, GuiServer::WndHookRegisterSlave in Sandboxie/core/svc/GuiServer.cpp stores attacker-supplied hthread and hproc fields from a GUIWNDHOOKREGISTER request without validating that the thread belongs to the...

7.7CVSS6.4AI score0.00014EPSS
Exploits0References2
EUVD
EUVD
added yesterday3 views

EUVD-2026-44820

Qinglong is a timed task management platform supporting Python3, JavaScript, Shell, and Typescript. Prior to 2.20.1, the init guard middleware in back/loaders/express.ts checks /api/user/init but not /open/user/init, while rewrite'/open/', '/api/$1' rewrites the whitelisted /open/ path after JWT...

9.3CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added yesterday2 views

EUVD-2026-44819

Anubis is a Web AI Firewall Utility that challenges users' connections in order to protect upstream resources from scraper bots. From 1.22.0 until 1.26.0-pre1, lib/policy/checker.go PathChecker.Check trusted the client-controlled X-Original-URI header before matching r.URL.Path, allowing an HTTP...

5.8CVSS6.1AI score
Exploits0References4
EUVD
EUVD
added yesterday3 views

EUVD-2026-44818

Node Version Manager nvm is a POSIX-compliant shell function for managing multiple node.js versions. In versions 0.32.1 through 0.40.5, nvm ls-remote and other commands that refresh remote LTS aliases, such as nvm install --lts parse the node.js mirror's index.tab and use each release's LTS...

3.1CVSS6.4AI score
Exploits0References2
EUVD
EUVD
added yesterday4 views

EUVD-2026-44817

Wekan is open source kanban built with Meteor. Prior to 9.46, header-login with HEADERLOGINTRUSTEDIPS uses getRequestIp in server/lib/headerLoginAuth.js to trust the client-supplied X-Forwarded-For header before the real socket address, allowing an unauthenticated attacker to send HEADERLOGINID f...

9.8CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added yesterday3 views

EUVD-2026-44816

Wekan is open source kanban built with Meteor. Prior to 9.37, Wekan DDP update allow rules in server/permissions/cards.js, server/permissions/lists.js, and server/permissions/swimlanes.js authorize against the stored source boardId and do not validate a new boardId in the update modifier. Any...

8.5CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-44836

WWBN AVideo is an open source video platform. Versions 29.0 and below contain a stored Cross-Site Scripting vulnerability in the YouTubeAPI plugin. The plugin renders the snippet.title field returned by the YouTube Data API into the homepage gallery markup with no HTML encoding. The title is set ...

4.7CVSS6AI score0.00031EPSS
Exploits0References2
EUVD
EUVD
added yesterday4 views

EUVD-2026-44835

Wekan is open source kanban built with Meteor. Prior to 9.35, the Wekan cloneBoard Meteor method in models/import.js uses caller-supplied sourceBoardId to build a board export through models/exporter.js without invoking canExport or checking source-board membership. Any authenticated user who kno...

6.5CVSS6.1AI score0.00026EPSS
Exploits0References3
EUVD
EUVD
added yesterday3 views

EUVD-2026-44834

Wekan is open source kanban built with Meteor. Prior to 9.32, the Wekan Accounts.onCreateUser hook in server/models/users.js merges OIDC logins into existing accounts when the OIDC email or username matches an existing Wekan user, without verifying ownership or checking emailverified. An attacker...

9.2CVSS6.1AI score0.00032EPSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-44833

Wekan is open source kanban built with Meteor. Prior to 9.32, Wekan OIDC-related Meteor methods in packages/wekan-oidc/oidcserver.js, server/models/org.js, and server/models/team.js are globally callable without the admin authorization checks used by their non-OIDC counterparts. Authenticated use...

7.6CVSS6.1AI score0.00022EPSS
Exploits0References3
EUVD
EUVD
added yesterday3 views

EUVD-2026-44832

Wekan is open source kanban built with Meteor. Prior to 9.32, the Wekan copyBoard Meteor DDP method in server/publications/boards.js copies a board by caller-supplied board ID without checking this.userId, membership, or admin access. Any authenticated user can copy a private board they are not a...

7.1CVSS6.1AI score0.00041EPSS
Exploits0References3
EUVD
EUVD
added yesterday3 views

EUVD-2026-44831

Wekan is open source kanban built with Meteor. Prior to 9.32, Wekan webhook integration URLs in models/integrations.js are stored from user input and later fetched by server/notifications/outgoing.js without applying the existing validateAttachmentUrl private-network checks from...

6.2CVSS6.1AI score0.00018EPSS
Exploits0References3
EUVD
EUVD
added yesterday3 views

EUVD-2026-44830

Wekan is open source kanban built with Meteor. Prior to 9.32, Wekan REST handlers in server/models/customFields.js use read-level Authentication.checkBoardAccess instead of write-level Authentication.checkBoardWriteAccess for mutating custom-field routes. A read-only board member can call POST,...

6.5CVSS6.1AI score0.00049EPSS
Exploits0References3
EUVD
EUVD
added yesterday3 views

EUVD-2026-44829

Wekan is open source kanban built with Meteor. Prior to 9.07, Wekan avatar upload functionality embeds user-supplied filenames into paths later passed to childprocess.exec for MIME-type detection. Because models/avatars.js and models/fileValidation.js used a shell command with the avatar filename...

9.9CVSS6.2AI score0.00257EPSS
Exploits0References3
EUVD
EUVD
added yesterday3 views

EUVD-2026-44828

Wekan is open source kanban built with Meteor. Prior to 9.31, Wekan allows a logged-in board member to insert an attachment document through the /attachments/insert DDP method with attacker-controlled versions.original.path and versions.original.storage fields. The server/permissions/attachments....

7.1CVSS6.2AI score0.00074EPSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-44827

WWBN AVideo is an open source video platform. Versions prior to 29.0 contain an unauthenticated Reflected XSS vulnerability through AVideo YouTubeAPI Gallery Pagination. The $GET'search' query parameter is concatenated directly into the href attribute of two pagination links in...

6.1CVSS6.3AI score0.00094EPSS
Exploits0References2
EUVD
EUVD
added yesterday3 views

EUVD-2026-44826

MaaAssistantArknights is a one-click tool for daily Arknights tasks. In the current dev-v2 workflow, .github/workflows/release-preparation.yml inlined attacker-controlled github.event.pullrequest.title into a run: shell command during the pullrequest opened, reopened, and readyforreview events, s...

8.8CVSS6.2AI score
Exploits0References2
EUVD
EUVD
added yesterday3 views

EUVD-2026-44825

WWBN AVideo is an open source video platform. Versions 29.0 and below contain a Stored XSS vulnerability through the autoEvalCodeOnHTML parameter in the MessageSQLite WebSocket Handler. The MessageSQLite.php handler only strips autoEvalCodeOnHTML from $json'msg', but msgToResourceId reads from...

7.7CVSS6.3AI score0.0013EPSS
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2026-44815

listmonk is a standalone, self-hosted, newsletter and mailing list manager. Prior to 6.2.0, listmonk’s GET /api/subscribers/export endpoint injects the user-controlled query parameter into QuerySubscribersForExport in internal/core/subscribers.go without calling validateQueryTables, unlike GET...

5.5CVSS6.2AI score
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-44814

9Router is an AI router & token saver. Prior to 0.5.2, 9Router allows a remote authenticated attacker to achieve arbitrary code execution on the host operating system by combining a Host header bypass of localhost-only routes with unvalidated MCP plugin args passed to childprocess.spawn, allowing...

8.8CVSS6.5AI score
Exploits0References3
EUVD
EUVD
added yesterday5 views

EUVD-2026-44813

9Router is an AI router & token saver. Prior to 0.5.6, the Kiro API-key validation endpoint POST /api/oauth/kiro/api-key builds an upstream URL using a user-controlled region value, allowing an authenticated attacker to supply a crafted region such as kiro-canary.local:8443 and cause 9Router to...

6.4CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added yesterday5 views

EUVD-2026-44812

9Router is an AI router & token saver. Prior to 0.5.4, the PATCH /api/settings endpoint writes the entire request body to persistent settings without a field whitelist, allowing an authenticated user to set security-critical fields such as requireLogin and disable authentication for the whole...

8.7CVSS6.1AI score
Exploits0References1
EUVD
EUVD
added yesterday3 views

EUVD-2026-44811

9Router is an AI router & token saver. In 0.4.45 and earlier, 9Router's src/dashboardGuard.js local-only access gate used Host and Origin headers in isLocalRequest to protect /api/mcp/, /api/tunnel/, and /api/cli-tools/, allowing header spoofing in reverse proxy or tunnel deployments to reach MCP...

7.5CVSS6.1AI score0.00058EPSS
Exploits0References4
EUVD
EUVD
added yesterday4 views

EUVD-2026-44810

WWBN AVideo is an open source video platform. Prior to version 29.0, Privilege Escalation is possible through unguarded permission parameters in signUp API, which allows any user who can solve a CAPTCHA to self-grant elevated permissions during account registration. The setapisignUp method in the...

5.3CVSS6.1AI score
Exploits0References1
EUVD
EUVD
added yesterday3 views

EUVD-2026-44809

9Router is an AI router & token saver. From 0.2.21 until 0.4.44, 9Router used the hardcoded fallback JWT secret 9router-default-secret-change-me in src/app/api/auth/login/route.js, src/middleware.js, and later src/lib/auth/dashboardSession.js, allowing attackers to forge an authtoken cookie when...

9.8CVSS6.1AI score0.0019EPSS
Exploits1References3
EUVD
EUVD
added yesterday3 views

EUVD-2026-44808

9Router is an AI router & token saver. From 0.4.30 until 0.4.37, 9Router's src/proxy.js middleware did not protect /api/cli-tools/ and /api/mcp/, allowing unauthenticated registration of customPlugins through src/app/api/cli-tools/cowork-settings/route.js and command execution through the MCP...

10CVSS6.2AI score0.00147EPSS
Exploits0References2
EUVD
EUVD
added yesterday3 views

EUVD-2026-44807

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.57.4, multi-tenant HTTP mode with ENABLEMULTITENANT=true could allow an authenticated tenant to access default-scope workflowversions backups instead of being confined to...

4.2CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added yesterday3 views

EUVD-2026-44806

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.56.1, in HTTP mode with multi-tenancy enabled through ENABLEMULTITENANT=true, n8n-mcp's local workflow version history backups were not isolated per tenant, allowing an...

9.9CVSS6.1AI score0.00043EPSS
Exploits0References2
EUVD
EUVD
added yesterday3 views

EUVD-2026-44805

CVE-2026-55399 is a resource exhaustion vulnerability in the Secure Access publisher prior to 14.55. Attackers with valid credentials to the Secure Access tunnel can create a non-persistent DoS against the publisher...

5.1CVSS6.1AI score
Exploits0References1
EUVD
EUVD
added yesterday4 views

EUVD-2026-44804

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to 2.1.19, NocoBase @nocobase/plugin-backups restored PostgreSQL backups by interpolating the database.schema value from metadata.json into shell command strings executed with...

6.7CVSS6.2AI score
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-44803

CVE-2026-55398 is a memory management vulnerability in Secure Access clients and servers prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against the server...

6.9CVSS6.1AI score
Exploits0References1
EUVD
EUVD
added yesterday5 views

EUVD-2026-44802

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to 2.0.61, NocoBase @nocobase/plugin-notification-in-app-message exposed GET /api/myInAppChannels:list, where the filterlatestMsgReceiveTimestamp$lt value was inserted into a...

10CVSS6.2AI score0.00048EPSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-44801

CVE-2026-33445 is a memory management vulnerability in Secure Access servers prior to 14.55. Attackers with an intimate knowledge of and total control over the tunnel protocol can create a persistent DoS against the server...

8.7CVSS6.1AI score
Exploits0References1
EUVD
EUVD
added yesterday4 views

EUVD-2026-44800

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. In 2.0.59 and earlier, NocoBase @nocobase/plugin-collection-sql used the checkSQL function in packages/plugins/@nocobase/plugin-collection-sql/src/server/utils.ts with an incomplete...

6.8CVSS6.1AI score0.00048EPSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-44799

CVE-2026-33444 is a memory management vulnerability in Secure Access servers prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against the server...

6.9CVSS6.1AI score
Exploits0References1
EUVD
EUVD
added yesterday5 views

EUVD-2026-44798

The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol MCP. Prior to 1.28.1, the deprecated mcp.server.websocket.websocketserver transport accepted WebSocket handshakes without applying Host or Origin header validation, leaving no SDK-level way to restric...

7.6CVSS6.1AI score
Exploits0References4
EUVD
EUVD
added yesterday4 views

EUVD-2026-44797

The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol MCP. From 1.23.0 until 1.27.2, default handlers installed by server.experimental.enabletasks for tasks/list, tasks/get, tasks/result, and tasks/cancel operate only on task identifiers without recordin...

7.6CVSS6.1AI score0.00043EPSS
Exploits0References4
EUVD
EUVD
added yesterday3 views

EUVD-2026-44796

CVE-2026-33443 is a memory management error in Secure Access servers prior to 14.55. Attackers with an intimate knowledge of and total control over the tunnel protocol can create a persistent DoS against the server...

7.1CVSS6.1AI score
Exploits0References1
EUVD
EUVD
added yesterday4 views

EUVD-2026-44795

The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol MCP. Prior to 1.27.2, the SSE and stateful Streamable HTTP transports mcp.server.sse.SseServerTransport and mcp.server.streamablehttpmanager.StreamableHTTPSessionManager route requests to existing...

7.1CVSS6.1AI score0.00054EPSS
Exploits0References6
EUVD
EUVD
added yesterday2 views

EUVD-2026-44794

ncnn is a high-performance neural network inference framework optimized for the mobile platform. In commit e54f7b1f88434e1d844ea0551b880a1cfb079ce1 and earlier, ncnn allows an out-of-bounds heap write in ncnn::ParamDict::loadparam when Net::loadparam loads a malicious .param model file because th...

7.1CVSS6.1AI score0.00018EPSS
Exploits0References2
EUVD
EUVD
added yesterday3 views

EUVD-2026-44793

CVE-2026-40958 is a input validation error in Secure Access clients prior to 14.55. Attackers with intimate knowledge of and total control over the tunnel protocol can create a non-persistent DoS against their client...

2.3CVSS6.1AI score
Exploits0References1
Total number of security vulnerabilities420705