VYPR

CVEs

100,082 total · page 101 of 2,002

  • CVE-2026-41383HigApr 28, 2026
    risk 0.46cvss 8.1epss 0.00

    OpenClaw before 2026.4.2 contains an arbitrary directory deletion vulnerability in mirror mode that allows attackers to delete remote directories by influencing remoteWorkspaceDir and remoteAgentWorkspaceDir configuration values. Attackers can manipulate these OpenShell config…

  • CVE-2026-41380HigApr 28, 2026
    risk 0.40cvss 7.3epss 0.00

    OpenClaw before 2026.3.28 contains an execution approval vulnerability in exec-approvals-allowlist.ts that allows allow-always persistence to trust wrapper carrier executables instead of invoked targets. Attackers can exploit positional carrier executable routing through…

  • CVE-2026-41379HigApr 28, 2026
    risk 0.39cvss 7.1epss 0.00

    OpenClaw before 2026.3.28 contains a privilege escalation vulnerability allowing authenticated operators with write permissions to access admin-class Talk Voice configuration persistence. Attackers with operator.write privileges can exploit the chat.send endpoint to reach and…

  • CVE-2026-41378HigApr 28, 2026
    risk 0.50cvss 8.8epss 0.00

    OpenClaw before 2026.3.31 contains a privilege escalation vulnerability allowing paired nodes with role=node to dispatch node.event agent requests with unrestricted gateway-side tool access. Attackers with trusted paired node credentials can escalate privileges by leveraging…

  • CVE-2026-38949HigApr 28, 2026
    risk 0.58cvss 8.9epss 0.00

    Cross-Site Scripting (XSS) vulnerability exists in HTMLy version 3.1.1 in the content creation functionality at the /add/content?type=image endpoint. The application fails to properly sanitize user input, allowing injection of arbitrary code

  • CVE-2026-24222HigApr 28, 2026
    risk 0.56cvss 8.6epss 0.00

    NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly…

  • CVE-2026-24186HigApr 28, 2026
    risk 0.50cvss 8.8epss 0.00

    NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious FOBS- encoded message. A successful exploit of this vulnerability might lead to code execution.

  • CVE-2026-38651HigApr 28, 2026
    risk 0.46cvss 8.2epss 0.00

    Authentication Bypass vulnerability exists in Netmaker versions prior to 1.5.0. The VerifyHostToken function in logic/jwts.go fails to validate the JWT signature when verifying host tokens. An attacker can forge a JWT signed with any arbitrary key and use it to impersonate any…

  • CVE-2026-7324HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    Memory safety bugs present in Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.1 and Thunderbird…

  • CVE-2026-7323HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox…

  • CVE-2026-7322HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    Memory safety bugs present in Thunderbird ESR 140.10.0 and Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox…

  • CVE-2026-7320HigApr 28, 2026
    risk 0.49cvss 7.5epss 0.00

    Information disclosure due to incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, Firefox ESR 115.35.1, Thunderbird 150.0.1, and Thunderbird 140.10.1.

  • CVE-2026-7289HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in D-Link DIR-825M 1.1.12. This issue affects the function sub_414BA8 of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url results in buffer overflow. The attack can be executed remotely. The exploit has been made public…

  • CVE-2026-7288HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been found in D-Link DIR-825M 1.1.12. This vulnerability affects the function sub_4151FC of the file /boafrm/formVpnConfigSetup. The manipulation of the argument submit-url leads to buffer overflow. Remote exploitation of the attack is possible. The exploit…

  • CVE-2026-27760HigApr 28, 2026
    risk 0.46cvss 8.1epss 0.22

    OpenCATS prior to commit 3002a29 contains a PHP code injection vulnerability in the installer AJAX endpoint that allows unauthenticated attackers to execute arbitrary code by injecting PHP statements into the databaseConnectivity action parameter. Attackers can break out of the…

  • CVE-2025-67223HigApr 28, 2026
    risk 0.49cvss 7.5epss 0.01

    The Aranda File Server (AFS) component in Aranda Software Aranda Service Desk before 8.3.12 stores daily activity logs with predictable names in a publicly accessible directory, which allows unauthenticated remote attackers to obtain direct virtual paths of uploaded files and…

  • CVE-2026-7272HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in WilliamCloudQi matlab-mcp-server up to ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca. The affected element is the function generate_matlab_code/execute_matlab_code of the file src/index.ts of the component MCP Interface. Executing a manipulation of the…

  • CVE-2026-5944HigApr 28, 2026
    risk 0.53cvss 8.2epss 0.01

    An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP port 7373 that is accessible within the network scope of the deployment environment without authentication. …

  • CVE-2026-40551HigApr 28, 2026
    risk 0.55cvss epss 0.00

    mpGabinet performs client-side authentication. An attacker with access to any application instance connected to the backend server can bypass the login verification process by manipulating the application binary and authenticate as an arbitrary user. This issue affects…

  • CVE-2026-5781HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    An authorization vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/moUser/update' endpoint, could allow an authenticated user with user modification privileges to escalate their privileges by sending an HTTP request with a manipulated 'identifier' field.…

  • CVE-2026-5780HigApr 28, 2026
    risk 0.53cvss 8.1epss 0.00

    An insecure direct object reference (IDOR) vulnerability in MphRx's Minerva V3.6.0, specifically in the endpoint '/minerva/moUser/show/'. If this vulnerability is successfully exploited, an authenticated user can access the data of other registered users simply by modifying the…

  • CVE-2026-5779HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    An insecure direct object reference (IDOR) vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/user/updateUserProfile' endpoint. This allows an authenticated user to modify the information of other registered users. Successful exploitation of this…

  • CVE-2026-5435HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records.

  • CVE-2026-3323HigApr 28, 2026
    risk 0.49cvss 7.5epss 0.00

    An unsecured configuration interface on affected devices allows unauthenticated remote attackers to access sensitive information, including hashed credentials and access codes.

  • CVE-2026-7279HigApr 28, 2026
    risk 0.51cvss 7.8epss 0.00

    AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL.

  • CVE-2026-41636HigApr 28, 2026
    risk 0.42cvss 7.5epss 0.00

    Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

  • CVE-2026-41605HigApr 28, 2026
    risk 0.40cvss 7.3epss 0.01

    Integer Overflow or Wraparound vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

  • CVE-2026-41604HigApr 28, 2026
    risk 0.46cvss 8.2epss 0.01

    Out-of-bounds Read vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

  • CVE-2026-41603HigApr 28, 2026
    risk 0.41cvss 7.4epss 0.01

    Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

  • CVE-2026-41602HigApr 28, 2026
    risk 0.42cvss 7.5epss 0.01

    Integer Overflow or Wraparound vulnerability in Apache Thrift TFramedTransport Go language implementation This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

  • CVE-2025-48431HigApr 28, 2026
    risk 0.42cvss 7.5epss 0.01

    Mismatched Memory Management Routines vulnerability in Apache Thrift c_glib language bindings. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue. Description: Specially crafted requests can crash an…

  • CVE-2026-7247HigApr 28, 2026
    risk 0.47cvss 7.2epss 0.01

    A vulnerability has been found in D-Link DI-8100 16.07.26A1. Affected by this issue is the function file_exten_asp of the file file_exten.asp of the component File Extension Handler. The manipulation of the argument Name leads to buffer overflow. Remote exploitation of the…

  • CVE-2026-40978HigApr 28, 2026
    risk 0.57cvss 8.8epss 0.00

    SQL injection vulnerability in Spring AI's `CosmosDBVectorStore` allows attackers to execute arbitrary SQL queries via crafted document IDs. Affected versions: Spring AI: 1.0.0 - 1.0.5 (fixed in 1.0.6), 1.1.0 - 1.1.4 (fixed in 1.1.5)

  • CVE-2026-7237HigApr 28, 2026
    risk 0.40cvss 7.3epss 0.00

    A vulnerability was detected in AgiFlow scaffold-mcp up to 1.0.27. Affected by this issue is some unknown functionality of the file packages/scaffold-mcp/src/server/index.ts of the component write-to-file Tool. The manipulation of the argument file_path results in path…

  • CVE-2024-54013HigApr 28, 2026
    risk 0.57cvss epss 0.00

    Penetration Testing engineers at Amazon have identified a security flaw related to request handling in the web server component that could, under certain conditions, lead to unintended access to protected functions. The manufacturer has released patch firmware for the flaw,…

  • CVE-2024-54012HigApr 28, 2026
    risk 0.55cvss epss 0.00

    Penetration Testing engineers at Amazon discovered a vulnerability where the camera system failed to properly validate input, allowing specially crafted requests containing malicious commands to be executed on the device. The manufacturer has released patch firmware for the…

  • CVE-2026-7234HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in BrowserOperator browser-operator-core up to 0.6.0. Affected is the function startsWith of the file scripts/component_server/server.js. Executing a manipulation of the argument request.url can lead to path traversal. The attack can be launched…

  • CVE-2026-40967HigApr 28, 2026
    risk 0.56cvss 8.6epss 0.00

    In Spring AI, various FilterExpressionConverter implementations accept a filter expression object and translate them to specific vector store query languages. In several cases, keys and values are not properly escaped, leading to the ability to alter the query. Affected…

  • CVE-2026-7228HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function get_cart_count of the file /admin/ajax.php?action=get_cart_count. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out…

  • CVE-2026-7227HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function Login of the file /admin/ajax.php?action=login. The manipulation of the argument e-mail results in sql injection. The attack can be executed remotely. The exploit is now public…

  • CVE-2026-7226HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. This issue affects the function login2 of the file /admin/ajax.php?action=login2. The manipulation of the argument e-mail leads to sql injection. Remote exploitation of the attack is…

  • CVE-2026-7225HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function delete_menu of the file /admin/ajax.php?action=delete_menu. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched…

  • CVE-2026-7224HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function delete_cart of the file /admin/ajax.php?action=delete_cart. Performing a manipulation of the argument ID results in sql injection. The attack may be initiated remotely.…

  • CVE-2026-7223HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was identified in BigSweetPotatoStudio HyperChat up to 2.0.0-alpha.63. Affected by this issue is the function fetch of the file packages/core/src/http/aiProxyMiddleware.mts of the component AI Proxy Middleware. Such manipulation of the argument baseurl leads to…

  • CVE-2026-7221HigApr 28, 2026
    risk 0.40cvss 7.3epss 0.00

    A vulnerability was found in TencentCloudBase CloudBase-MCP up to 2.17.0. Affected is the function openUrl of the file mcp/src/interactive-server.ts of the component open-url API Endpoint. The manipulation of the argument req.body.url results in server-side request forgery. It…

  • CVE-2026-7220HigApr 28, 2026
    risk 0.48cvss 7.3epss 0.01

    A vulnerability has been found in jackwrichards FastlyMCP up to 6f3d0b0e654fc51076badc7fa16c03c461f95620. This impacts an unknown function of the file fastly-mcp.mjs of the component fastly_cli Tool. The manipulation of the argument command leads to os command injection. It is…

  • CVE-2026-7219HigApr 28, 2026
    risk 0.47cvss 7.2epss 0.01

    A flaw has been found in Totolink N300RT 3.4.0-B20250430. This affects an unknown function of the file /boafrm/formIpQoS. Executing a manipulation of the argument entry_name can lead to buffer overflow. The attack may be performed from remote. The exploit has been published and…

  • CVE-2026-7218HigApr 28, 2026
    risk 0.47cvss 7.2epss 0.00

    A vulnerability was detected in Totolink N300RT 3.4.0-B20250430. The impacted element is the function is_cmd_string_valid of the file /boafrm/formWsc of the component libapmib.so. Performing a manipulation of the argument localPin results in buffer overflow. The attack is…

  • CVE-2026-7216HigApr 28, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in donchelo processing-claude-mcp-bridge up to e017b20a4b592a45531a6392f494007f04e661bd. Impacted is an unknown function of the file processing_server.py of the component create_sketch Tool. This manipulation of the argument sketch_name causes path…

  • CVE-2026-7215HigApr 28, 2026
    risk 0.48cvss 7.3epss 0.01

    A security flaw has been discovered in egtai gmx-vmd-mcp up to 0.1.0. This issue affects the function launch_vmd_gui_tool of the file mcp_server.py of the component VMD Launch Handler. The manipulation of the argument structure_file/trajectory_file results in command injection.…