Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
6.3 MEDIUM
CVE-2026-9373 — JeecgBoot OpenAPI Endpoint call improper authentication

A vulnerability has been found in JeecgBoot 3.9.1. This issue affects some unknown processing of the file /openapi/call/ of the component OpenAPI Endpoint. Such manipulation leads to improper authent…

jeecgboot | Remote | Authentication
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
7.5 HIGH
CVE-2026-9372 — ItzCrazyKns Vane Model Provider API route.ts server-side request forgery

A flaw has been found in ItzCrazyKns Vane up to 1.12.1. This vulnerability affects unknown code of the file src/app/api/providers/route.ts of the component Model Provider API. This manipulation of th…

vane | Remote | Server-Side Request Forgery
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
5.6 MEDIUM
CVE-2026-9371 — ItzCrazyKns Vane API route.ts missing authentication

A security vulnerability has been detected in ItzCrazyKns Vane up to 1.12.1. Affected by this issue is some unknown functionality of the file route.ts of the component API. The manipulation leads to …

vane | Remote | Authentication
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
3.7 LOW
CVE-2026-9370 — ulisesbocchio jasypt-spring-boot Password Hash SimpleGCMConfig.java getSecretKeySaltGener…

A weakness has been identified in ulisesbocchio jasypt-spring-boot up to 3.0.5/4.0.4. Affected by this vulnerability is the function getSecretKeySaltGenerator of the file jasypt-spring-boot/src/main/…

jasypt-spring-boot | Remote | Cryptography
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
5.3 MEDIUM
CVE-2026-9369 — NousResearch hermes-agent CLI web-dashboard web_server.py _discover_dashboard_plugins com…

A security flaw has been discovered in NousResearch hermes-agent 2026.4.23. Affected is the function _discover_dashboard_plugins of the file hermes_cli/web_server.py of the component CLI web-dashboar…

hermes-agent | Misconfiguration
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
7.5 HIGH
CVE-2026-9368 — NousResearch hermes-agent Environment Variable code_execution_tool.py execute_code sandbox

A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This impacts the function execute_code of the file tools/code_execution_tool.py of the component Environment Variable Hand…

hermes-agent | Remote | Misconfiguration
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
7.5 HIGH
CVE-2026-9367 — NousResearch hermes-agent terminal_tool approval.py detect_dangerous_command os command i…

A vulnerability was determined in NousResearch hermes-agent up to 5157f5427f19488b31c6fdebbacd15d798ce7f63. This affects the function detect_dangerous_command of the file tools/approval.py of the com…

hermes-agent | Remote | Injection
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
7.5 HIGH
CVE-2026-9366 — NousResearch hermes-agent prompt_builder.py _scan_context_content injection

A vulnerability was found in NousResearch hermes-agent 2026.4.23. The impacted element is the function _scan_context_content of the file agent/prompt_builder.py. The manipulation results in injection…

hermes-agent | Remote | Injection
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
5.6 MEDIUM
CVE-2026-9365 — Ettercap GG Dissector ec_gg.c FUNC_DECODER heap-based overflow

A vulnerability has been found in Ettercap up to 0.8.3. The affected element is the function FUNC_DECODER of the file src/dissectors/ec_gg.c of the component GG Dissector. The manipulation of the arg…

ettercap | Remote | Memory Corruption
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
7.5 HIGH
CVE-2026-9364 — projectworlds Online Art Gallery Shop adminHome.php sql injection

A flaw has been found in projectworlds Online Art Gallery Shop 1.0. Impacted is an unknown function of the file /admin/adminHome.php. Executing a manipulation of the argument social_linked can lead t…

online_art_gallery_shop | Remote | Injection
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
Showing 20 of 7530 Results