Threat Intelligence Feed

CVE-2026-7599 A vulnerability was detected in Dayoooun hwpx-mcp 0.2.0. This affects the function save_document/export_to_text/export_t CVE-2026-7598 A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauth_passwo CVE-2026-7597 A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem CVE-2026-7596 A vulnerability has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this issue is the functi CVE-2026-7595 A flaw has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this vulnerability is the functio CVE-2026-7594 A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function image_to_3d_async of the file CVE-2026-7593 A security vulnerability has been detected in Sunwood-ai-labs command-executor-mcp-server up to 0.1.0. This impacts the CVE-2026-42788 Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated memory exhau CVE-2026-42786 Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denia CVE-2026-39807 Reliance on Untrusted Inputs in a Security Decision vulnerability in mtrudel bandit allows unauthenticated transport-sta CVE-2026-39805 Inconsistent Interpretation of HTTP Requests vulnerability in mtrudel bandit allows HTTP request smuggling via duplicate CVE-2026-39804 Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denia CVE-2025-12993 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-67968. Reason: This candidate is a CVE-2026-7592 A weakness has been identified in itsourcecode Courier Management System 1.0. This affects an unknown function of the fi CVE-2025-8903 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-2052. Reason: This candidate is a r CVE-2026-7591 A security flaw has been discovered in TimBroddin astro-mcp-server up to 1.1.1. The impacted element is an unknown funct CVE-2026-7590 A vulnerability was identified in eyal-gor p_69_branch_monkey_mcp up to 69bc71874ce40050ef45fde5a435855f18af3373. The af CVE-2026-7589 A vulnerability was determined in ghantakiran splunk-mcp-integration up to 0b86b09d5e5adf0433acd43c975951224613a1a6. Imp CVE-2026-30363 flipperzero-firmware commit ad2a80 was discovered to contain a stack overflow in the "Main" function. CVE-2025-52347 An issue in the component DirectIo64.sys of PassMark BurnInTest v11.0 Build 1011, OSForensics v11.1 Build 1007, and Perf CVE-2026-7588 A vulnerability was found in ggerve coding-standards-mcp. This issue affects the function get_style_guide/get_best_pract CVE-2026-37457 An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of F CVE-2026-35233 An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range sh_link f CVE-2026-26461 A Command Injection vulnerability in the web management interface in Aver PTC320UV2 0.1.0000.65 allows an unauthenticate CVE-2026-21996 An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an intege CVE-2025-69606 Cross-Site Scripting (XSS) vulnerability was discovered in the GSVoIP web panel version 2.0.90. The `msg` parameter in t CVE-2025-63548 An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote attacker to cause a denial of service via a packet spe CVE-2025-63547 An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote attacker to cause a denial of service via a crafted pa CVE-2026-7587 A vulnerability has been found in Open5GS up to 2.7.7. This vulnerability affects the function amf_nsmf_pdusession_handl CVE-2026-42485 AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The send_diagnostic_request functio CVE-2026-42469 Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_canswitch.cpp the parser CVE-2026-42468 Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_pcap.cpp , the parser's CVE-2026-42467 An issue was discovered in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939 CVE-2026-37541 Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_gvret.cpp, the length fi CVE-2026-37540 OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elf_loader.c, it CVE-2026-37539 Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and dec CVE-2026-37538 Buffer overflow vulnerability in socketcand 0.4.2 in file socketcand.c in function main allows attackers to cause a deni CVE-2026-37537 collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 (2023-03-08) contains an integer underflow CVE-2026-37536 miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a (2016-10-05) contains a stack buffer overflow in send_diag CVE-2026-37535 openxc/isotp-c thru commit 5a5d19245f65189202719321facd49ce6f5d46ac (2021-08-09) contains an out-of-bounds read in the I CVE-2026-7599 A vulnerability was detected in Dayoooun hwpx-mcp 0.2.0. This affects the function save_document/export_to_text/export_t CVE-2026-7598 A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauth_passwo CVE-2026-7597 A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem CVE-2026-7596 A vulnerability has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this issue is the functi CVE-2026-7595 A flaw has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this vulnerability is the functio CVE-2026-7594 A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function image_to_3d_async of the file CVE-2026-7593 A security vulnerability has been detected in Sunwood-ai-labs command-executor-mcp-server up to 0.1.0. This impacts the CVE-2026-42788 Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated memory exhau CVE-2026-42786 Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denia CVE-2026-39807 Reliance on Untrusted Inputs in a Security Decision vulnerability in mtrudel bandit allows unauthenticated transport-sta CVE-2026-39805 Inconsistent Interpretation of HTTP Requests vulnerability in mtrudel bandit allows HTTP request smuggling via duplicate CVE-2026-39804 Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denia CVE-2025-12993 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-67968. Reason: This candidate is a CVE-2026-7592 A weakness has been identified in itsourcecode Courier Management System 1.0. This affects an unknown function of the fi CVE-2025-8903 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-2052. Reason: This candidate is a r CVE-2026-7591 A security flaw has been discovered in TimBroddin astro-mcp-server up to 1.1.1. The impacted element is an unknown funct CVE-2026-7590 A vulnerability was identified in eyal-gor p_69_branch_monkey_mcp up to 69bc71874ce40050ef45fde5a435855f18af3373. The af CVE-2026-7589 A vulnerability was determined in ghantakiran splunk-mcp-integration up to 0b86b09d5e5adf0433acd43c975951224613a1a6. Imp CVE-2026-30363 flipperzero-firmware commit ad2a80 was discovered to contain a stack overflow in the "Main" function. CVE-2025-52347 An issue in the component DirectIo64.sys of PassMark BurnInTest v11.0 Build 1011, OSForensics v11.1 Build 1007, and Perf CVE-2026-7588 A vulnerability was found in ggerve coding-standards-mcp. This issue affects the function get_style_guide/get_best_pract CVE-2026-37457 An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of F CVE-2026-35233 An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range sh_link f CVE-2026-26461 A Command Injection vulnerability in the web management interface in Aver PTC320UV2 0.1.0000.65 allows an unauthenticate CVE-2026-21996 An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an intege CVE-2025-69606 Cross-Site Scripting (XSS) vulnerability was discovered in the GSVoIP web panel version 2.0.90. The `msg` parameter in t CVE-2025-63548 An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote attacker to cause a denial of service via a packet spe CVE-2025-63547 An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote attacker to cause a denial of service via a crafted pa CVE-2026-7587 A vulnerability has been found in Open5GS up to 2.7.7. This vulnerability affects the function amf_nsmf_pdusession_handl CVE-2026-42485 AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The send_diagnostic_request functio CVE-2026-42469 Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_canswitch.cpp the parser CVE-2026-42468 Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_pcap.cpp , the parser's CVE-2026-42467 An issue was discovered in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939 CVE-2026-37541 Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_gvret.cpp, the length fi CVE-2026-37540 OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elf_loader.c, it CVE-2026-37539 Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and dec CVE-2026-37538 Buffer overflow vulnerability in socketcand 0.4.2 in file socketcand.c in function main allows attackers to cause a deni CVE-2026-37537 collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 (2023-03-08) contains an integer underflow CVE-2026-37536 miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a (2016-10-05) contains a stack buffer overflow in send_diag CVE-2026-37535 openxc/isotp-c thru commit 5a5d19245f65189202719321facd49ce6f5d46ac (2021-08-09) contains an out-of-bounds read in the I