|
281
|
5.6 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in vllm up to 0.19.0. The affected element is the function has_mamba_layers of the file vllm/v1/kv_cache_interface.py of the component KV Block Handler. Performing a manipul…
New
|
CWE-908
Use of Uninitialized Resource
|
CVE-2026-7141
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in Wooey up to 0.13.2. The impacted element is the function add_or_update_script of the file wooey/api/scripts.py of the component API Endpoint. Executing a manipulatio…
New
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-7142
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283
|
7.3 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in AlejandroArciniegas mcp-data-vis up to de5a51525a69822290eaee569a1ab447b490746d. Affected by this vulnerability is the function axios of the file src/ser…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7146
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1.5.0. Affected by this issue is some unknown functionality of the file server/routes/llm.js of the component LLM Models API. Performi…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7147
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in CodeAstro Online Classroom 1.0. This affects an unknown part of the file /addnewfaculty. Executing a manipulation of the argument fname can lead to sql injection. The attack …
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7148
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerability affects the function prepare_kaggle_dataset of the file src/kaggle_mcp/server…
New
|
CWE-22
Path Traversal
|
CVE-2026-7149
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in dh1011 auto-favicon up to f189116a9259950c2393f114dbcb94dde0ad864b. This issue affects the function generate_favicon_from_url of the file src/auto_favicon/server.py of th…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7150
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in disler aider-mcp-server up to b2516fa466d0d851932da92ee6d0e66946db9efc. Affected by this vulnerability is an unknown functionality of the file src/aider_mcp_server/server.py …
New
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-7157
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected by this issue is the function _validate_url_safe of the file src/mcp_url_downl…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7158
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in douinc mkdocs-mcp-plugin up to 0.4.1. This affects the function read_document/list_documents of the file server.py. Performing a manipulation of the argument docs_dir/fil…
New
|
CWE-22
Path Traversal
|
CVE-2026-7159
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
