| 111 | 5.2 MEDIUM | Local | - | - | Evolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a prototype pollution vulnerability in the mailbox store module allows attackers to modify the behavior of all Ja… | New | CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | CVE-2026-42077 | 2026-05-7 00:16 | 2026-05-5 |
| 112 | - | - | - | - | Stack-based Buffer Overflow vulnerability in the WatchGuard Agent discovery service on Windows allows Overflow Buffers. An unauthenticated attacker on the same local network could exploit this vulner… | New | CWE-121 Stack-based Buffer Overflow | CVE-2026-41287 | 2026-05-7 00:16 | 2026-05-7 |
| 113 | 5.4 MEDIUM | Network | - | - | Cross Site Scripting vulnerability in Juzaweb CMS v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the Add Banner Ads function | New | CWE-79 Cross-site Scripting | CVE-2026-36358 | 2026-05-7 00:16 | 2026-05-6 |
| 114 | 4.6 MEDIUM | Adjacent | - | - | HCL BigFix Service Management (SM) is affected by the use of a vulnerable WSGI server. Deploying an outdated or insecure WSGI server may expose the application to known security weaknesses… | New | CWE-200 Information Exposure | CVE-2025-52613 | 2026-05-7 00:16 | 2026-05-7 |
| 115 | 3.7 LOW | Network | - | - | HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header. This could allow browsers to perform MIME-type sniffing, p… | New | CWE-200 Information Exposure | CVE-2025-31984 | 2026-05-7 00:16 | 2026-05-7 |
| 116 | 3.7 LOW | Network | - | - | HCL BigFix Service Management (SM) is affected by a security misconfiguration vulnerability due to CSP header. This could allow attackers to inject malicious scripts increasing the risk of cross-sit… | New | CWE-358 Improperly Implemented Security Check for Standard | CVE-2025-31983 | 2026-05-7 00:16 | 2026-05-7 |
| 117 | 3.7 LOW | Network | - | - | HCL BigFix Service Management (SM) had directories that were not linked or publicly visible but could be accessed directly. This could allow an increased risk of information disclosure or misuse of s… | New | CWE-200 Information Exposure | CVE-2025-31982 | 2026-05-7 00:16 | 2026-05-7 |
| 118 | 4.6 MEDIUM | Network | - | - | HCL BigFix Service Management (SM) does not adequately sanitize or safely render spreadsheet files (CSV, XLS, XLSX) before processing or distributing them. An attacker could populate data fields whic… | New | CWE-201 Insertion of Sensitive Information Into Sent Data | CVE-2025-31978 | 2026-05-7 00:16 | 2026-05-7 |
| 119 | 4.8 MEDIUM | Network | - | - | HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials for a short duration while communicating with a backend, internal application which could allow an attacker to… | New | CWE-200 Information Exposure | CVE-2025-31976 | 2026-05-7 00:16 | 2026-05-7 |
| 120 | 2.6 LOW | Adjacent | - | - | HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue. Exposed server banners may reveal software versions and system details, potentially a… | New | CWE-200 Information Exposure | CVE-2025-31975 | 2026-05-7 00:16 | 2026-05-7 |