|
381
|
- |
|
-
|
-
|
Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denial of service via memory exhaustion.
The fragment reassembly path in 'Elixir.Ba…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-42786
|
2026-05-2 11:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
382
|
- |
|
-
|
-
|
Reliance on Untrusted Inputs in a Security Decision vulnerability in mtrudel bandit allows unauthenticated transport-state spoofing on plaintext HTTP connections.
'Elixir.Bandit.Pipeline':determine_…
New
|
CWE-807
Reliance on Untrusted Inputs in a Security Decision
|
CVE-2026-39807
|
2026-05-2 11:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
383
|
- |
|
-
|
-
|
Inconsistent Interpretation of HTTP Requests vulnerability in mtrudel bandit allows HTTP request smuggling via duplicate Content-Length headers.
'Elixir.Bandit.Headers':get_content_length/1 in lib/b…
New
|
CWE-444
HTTP Request Smuggling
|
CVE-2026-39805
|
2026-05-2 11:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
384
|
- |
|
-
|
-
|
Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denial of service via memory exhaustion when WebSocket permessage-deflate compressio…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-39804
|
2026-05-2 11:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
385
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in ArtMin96 yii2-mcp-server 1.0.2. This impacts the function yii_command_help/yii_execute_command of the file src/index.ts of the component MCP Interface. Executing a manipulati…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7600
|
2026-05-2 10:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
386
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in Dayoooun hwpx-mcp 0.2.0. This affects the function save_document/export_to_text/export_to_html of the file mcp-server/src/index.ts of the component MCP Interface. Perf…
New
|
CWE-22
Path Traversal
|
CVE-2026-7599
|
2026-05-2 07:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
387
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vector_stores/faiss.py. Performing a manipulation results in deserialization.…
New
|
CWE-20
CWE-502
Improper Input Validation
Deserialization of Untrusted Data
|
CVE-2026-7597
|
2026-05-2 07:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
388
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this vulnerability is the function _format_plugins of the file .claude/skills/ui-styling/scripts/tailwind_config…
New
|
CWE-74
CWE-94
Injection
Code Injection
|
CVE-2026-7595
|
2026-05-2 06:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
389
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function image_to_3d_async of the file src/index.ts of the component MCP Interface. The manipulation of the argument …
New
|
CWE-22
Path Traversal
|
CVE-2026-7594
|
2026-05-2 06:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
390
|
7.3 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in Sunwood-ai-labs command-executor-mcp-server up to 0.1.0. This impacts the function execute_command of the file src/index.ts of the component MCP Interfac…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7593
|
2026-05-2 06:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
