|
71
|
7.7 |
HIGH
Network
|
-
|
-
|
In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext Kubernetes Secret data.
New
|
CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
|
CVE-2026-43824
|
2026-05-2 11:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
72
|
- |
|
-
|
-
|
Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated memory exhaustion via oversized HTTP/2 frames.
'Elixir.Bandit.HTTP2.Frame':deserialize/2 i…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-42788
|
2026-05-2 11:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
73
|
- |
|
-
|
-
|
Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denial of service via memory exhaustion.
The fragment reassembly path in 'Elixir.Ba…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-42786
|
2026-05-2 11:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
74
|
- |
|
-
|
-
|
Reliance on Untrusted Inputs in a Security Decision vulnerability in mtrudel bandit allows unauthenticated transport-state spoofing on plaintext HTTP connections.
'Elixir.Bandit.Pipeline':determine_…
New
|
CWE-807
Reliance on Untrusted Inputs in a Security Decision
|
CVE-2026-39807
|
2026-05-2 11:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
75
|
- |
|
-
|
-
|
Inconsistent Interpretation of HTTP Requests vulnerability in mtrudel bandit allows HTTP request smuggling via duplicate Content-Length headers.
'Elixir.Bandit.Headers':get_content_length/1 in lib/b…
New
|
CWE-444
HTTP Request Smuggling
|
CVE-2026-39805
|
2026-05-2 11:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
76
|
- |
|
-
|
-
|
Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denial of service via memory exhaustion when WebSocket permessage-deflate compressio…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-39804
|
2026-05-2 11:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
77
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in ArtMin96 yii2-mcp-server 1.0.2. This impacts the function yii_command_help/yii_execute_command of the file src/index.ts of the component MCP Interface. Executing a manipulati…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7600
|
2026-05-2 10:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
78
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in Dayoooun hwpx-mcp 0.2.0. This affects the function save_document/export_to_text/export_to_html of the file mcp-server/src/index.ts of the component MCP Interface. Perf…
New
|
CWE-22
Path Traversal
|
CVE-2026-7599
|
2026-05-2 07:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
79
|
7.3 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauth_password of the file src/userauth.c. Such manipulation of the argument username_len/p…
New
|
CWE-189
CWE-190
Numeric Errors
Integer Overflow or Wraparound
|
CVE-2026-7598
|
2026-05-2 07:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
80
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vector_stores/faiss.py. Performing a manipulation results in deserialization.…
New
|
CWE-20
CWE-502
Improper Input Validation
Deserialization of Untrusted Data
|
CVE-2026-7597
|
2026-05-2 07:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
