|
3871
|
8.8 |
HIGH
Network
|
jetbrains
|
teamcity
|
In JetBrains TeamCity before 2026.1 remote code execution was possible via Perforce connection settings
|
CWE-88
Argument Injection
|
CVE-2026-49373
|
2026-06-2 22:13 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3872
|
7.6 |
HIGH
Network
|
jetbrains
|
teamcity
|
In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters
|
CWE-862
Missing Authorization
|
CVE-2026-49374
|
2026-06-2 22:12 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3873
|
6.1 |
MEDIUM
Network
|
jetbrains
|
teamcity
|
In JetBrains TeamCity before 2026.1,
2025.11.5 reflected XSS was possible on the repository download page
|
CWE-79
Cross-site Scripting
|
CVE-2026-49375
|
2026-06-2 22:11 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3874
|
5.0 |
MEDIUM
Network
|
-
|
-
|
The DeepAI endpoint 'https://api.deepai.org/change_user_email' accepts POST requests without any CSRF protection. If an attacker can trick a logged-in user into clicking a malicious link, the attacke…
|
CWE-352
Origin Validation Error
|
CVE-2026-49433
|
2026-06-2 22:04 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3875
|
- |
|
-
|
-
|
Insufficient granularity of access control in ASP (AMD Secure Processor) may allow an attacker with an untrusted user space application to map sensitive SMN (System Management Network) apertures lead…
|
CWE-1220
Insufficient Granularity of Access Control
|
CVE-2021-46747
|
2026-06-2 22:04 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3876
|
8.4 |
HIGH
Local
|
-
|
-
|
In multiple locations, there is a possible way to achieve code execution due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. U…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2025-48595
|
2026-06-2 22:04 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3877
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in hekmon8 Jenkins-server-mcp 0.1.0. This vulnerability affects the function jobPath of the file src/index.ts of the component get_build_status/get_build_log/trigger_bu…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-10276
|
2026-06-2 22:03 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3878
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in ishayoyo excel-mcp up to 1.0.2. Impacted is an unknown function of the file src/index.ts of the component read_file/write_file. Executing a manipulation of the argum…
|
CWE-22
Path Traversal
|
CVE-2026-10278
|
2026-06-2 22:03 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3879
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in hiraishikentaro wezterm-mcp 0.1.0. The affected element is an unknown function of the file src/wezterm_executor.ts of the component switch_pane/write_to_specific_pan…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-10279
|
2026-06-2 22:03 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3880
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in j3k0 mcp-google-workspace up to 831790e7d5c2663325733d9f5579cc339a267c4c. This issue affects the function saveToDisk of the file src/tools/gmail.ts of the component MCP G…
|
CWE-266
CWE-284
Incorrect Privilege Assignment
Improper Access Control
|
CVE-2026-10277
|
2026-06-2 22:03 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
