|
5401
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function _get_context_file_path of the file src/execution_system_mcp/server.py of the component add_action Too…
|
CWE-22
Path Traversal
|
CVE-2026-7319
|
2026-04-29 10:00 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5402
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in eiliyaabedini aider-mcp up to 667b914301aada695aab0e46d1fb3a7d5e32c8af. Affected is an unknown function of the file aider_mcp.py of the component code_with_ai. The m…
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-7316
|
2026-04-29 10:00 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5403
|
5.0 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in Grav CMS up to 1.7.49.5/2.0.0-beta.1. Affected by this vulnerability is the function FileCache::doGet of the file system/src/Grav/Framework/Cache/Adapter/FileCache.php of…
|
CWE-20
CWE-502
Improper Input Validation
Deserialization of Untrusted Data
|
CVE-2026-7317
|
2026-04-29 10:00 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5404
|
- |
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
-
|
CVE-2026-5822
|
2026-04-29 08:16 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5405
|
4.7 |
MEDIUM
Local
|
-
|
-
|
Mojic is a CLI tool to transform readable C code into an unrecognizable chaotic stream of emojis. Prior to 2.1.4, the CipherEngine uses a standard equality operator (!==) to verify the HMAC-SHA256 in…
|
CWE-208
Information Exposure Through Timing Discrepancy
|
CVE-2026-41244
|
2026-04-29 06:18 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5406
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
NFC: nxp-nci: allow GPIOs to sleep
Allow the firmware and enable GPIOs to sleep.
This fixes a `WARN_ON' and allows the driver to…
|
NVD-CWE-noinfo
|
CVE-2026-31545
|
2026-04-29 05:53 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5407
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: bonding: fix NULL deref in bond_debug_rlb_hash_show
rlb_clear_slave intentionally keeps RLB hash-table entries on
the rx_has…
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-31546
|
2026-04-29 05:48 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5408
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
media: vidtv: fix nfeeds state corruption on start_streaming failure
syzbot reported a memory leak in vidtv_psi_service_desc_init…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-31585
|
2026-04-29 05:47 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5409
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mm: blk-cgroup: fix use-after-free in cgwb_release_workfn()
cgwb_release_workfn() calls css_put(wb->blkcg_css) and then later acc…
|
CWE-416
Use After Free
|
CVE-2026-31586
|
2026-04-29 05:45 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5410
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ASoC: qcom: q6apm: move component registration to unmanaged version
q6apm component registers dais dynamically from ASoC toplolog…
|
CWE-416
Use After Free
|
CVE-2026-31587
|
2026-04-29 05:44 |
2026-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
