|
311
|
7.1 |
HIGH
Network
|
-
|
-
|
LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.7.6, an Insecure Direct Object Reference (IDOR) vulnerability exists in the API keys mana…
New
|
CWE-862
Missing Authorization
|
CVE-2026-31942
|
2026-06-3 08:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312
|
- |
|
-
|
-
|
(*x509.Certificate).VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This caused strings.Split(host, ".") to execute repeatedly on the sa…
New
|
-
|
CVE-2026-27145
|
2026-06-3 08:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313
|
5.9 |
MEDIUM
Network
|
-
|
-
|
QloApps through 1.7.0, fixed in commit 64e9722, contains a weak cryptographic algorithm vulnerability that allows attackers to compromise user credentials by exploiting the use of MD5 for password ha…
New
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2026-25861
|
2026-06-3 08:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314
|
- |
|
-
|
-
|
Out of bounds write in openSeaChest’s --showSupportedFormats in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing 1 extra byte outside of allocated memory which sets a val…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-10719
|
2026-06-3 08:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315
|
- |
|
-
|
-
|
Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range of LBAs to deallocate 16 by…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-10718
|
2026-06-3 08:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316
|
- |
|
-
|
-
|
Out of bounds write and reads in openSeaChest’s --showSCSIDefects in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing defect information out of bounds for very large defe…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-10717
|
2026-06-3 08:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
317
|
5.5 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The impacted element is the function execute_blender_code of the file /src/blender_mcp/server.py…
New
|
CWE-74
CWE-94
Injection
Code Injection
|
CVE-2026-10688
|
2026-06-3 08:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
318
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The affected element is the function requests.get of the file src/blender_mcp/server.py of the compon…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-10662
|
2026-06-3 08:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
319
|
- |
|
-
|
-
|
Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event…
New
|
CWE-674
Uncontrolled Recursion
|
CVE-2026-8936
|
2026-06-3 07:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
320
|
- |
|
-
|
-
|
Rejected reason: This CVE is a duplicate of another CVE.
New
|
-
|
CVE-2026-42029
|
2026-06-3 07:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
