CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
A code injection vulnerability in ChromaDB Python project version 0.4.17 and later. An authenticated attacker with UPDATE_COLLECTION permission can send a malicious model repository with trust_remote_code enabled, allowing arbitrary code execution on the server.
A vulnerability in ChromaDB allows bypassing authorization controls by using V1 endpoints, which pass None for tenant and database to the authorization layer.
The SimpleRBACAuthorizationProvider in versions 0.5.0 or later of the ChromaDB Python project has a vulnerability that allows evaluating user permissions without checking which tenant, database, or collection those permissions apply to.
In ChromaDB Python version 0.4.17 and later, a missing authorization validation allows any authenticated user to arbitrarily read, write, update, or delete data in any tenant's collection regardless of their tenant membership.
The use of insecure HTTP transport within AMD optional tools could allow an attacker to conduct a man-in-the-middle attack, potentially leading to arbitrary code execution.
The Yarbo cloud does not enforce per-device or per-user authorization. Any client with valid credentials can subscribe to wildcard topics covering all robots globally and publish to any robot's command topic using only the robot's serial number.
A vulnerability in WEOLL by Global IT Informatics Services Inc. allows unrestricted upload of files with dangerous types, leading to access to functionality not properly constrained by ACLs.
Nuxt is an open-source web development framework for Vue.js. From versions 3.11.0 to before 3.21.7 and 4.0.0 to before 4.4.7, there is a route-rule middleware bypass via case-sensitivity mismatch between vue-router and the routeRules matcher. This issue has been patched in versions 3.21.7 and 4.4.7.
In versions prior to 3.11.4, the vm2 library has a vulnerability in the BaseHandler.set method that ignores the receiver parameter and incorrectly writes to the target object. This leads to inherited properties leaking to the host object, creating an attack vector for dangerous cross-realm Symbol keys.
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM allowed excluding public network modules, but underscored internal HTTP modules like _http_client and _http_server were not blocked, enabling HTTP requests despite the exclusion of public modules.
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, Symbol.for override in setup-sandbox.js only intercepts 2 of 9 dangerous Node.js cross-realm symbols, allowing for the acquisition of real cross-realm symbols and control over host-side behavior.
In netty-transport-sctp prior to versions 4.1.135.Final and 4.2.15.Final, there is a resource exhaustion vulnerability. For each incomplete SctpMessage fragment, the handler creates a new CompositeByteBuf, leading to recursive complexity growth. An attacker can send small fragments without the 'complete' flag, causing unbounded structure growth and potential memory exhaustion.
A vulnerability in the Netty library allows an attacker to inject fake CNAME records into DNS responses because the DnsResolveContext component does not validate the origin (bailiwick) of these records. The issue affects versions prior to 4.1.135.Final and 4.2.15.Final.
A vulnerability in the Netty library allows an attacker to trigger excessive memory allocation by sending a crafted ClientHello message in TLS handshake. The buffer is allocated immediately and retained until the connection closes, potentially leading to resource exhaustion.
The vulnerability in the Netty library concerns the default QUIC token handler (NoQuicTokenHandler), which always returns 0 from validateToken(), interpreted as a valid token. An attacker can send an Initial packet with arbitrary token bytes and a spoofed victim source IP, causing the Netty server to treat the victim's address as validated and send full responses without the 3× amplification limit.
In the Netty library, in the netty-codec-haproxy component prior to versions 4.1.135.Final and 4.2.15.Final, a vulnerability was found where a buffer is not released after an IndexOutOfBoundsException during PP2_TYPE_SSL TLV decoding. An attacker can set the TLV length below 5 bytes, causing memory leak.
A security flaw has been discovered in PbootCMS up to version 3.2.12 in the retrieve function of the file apps/home/controller/MemberController.php of the Password Handler component. Manipulation of the arguments username/password/email/checkcode results in weak password recovery.
MobaXterm Personal Edition (Portable) version 26.3 (Build 5154) allows arbitrary code execution by loading a malicious DLL located in the same directory as the executable. The application automatically loads the winspool.drv library from that location during startup.
MobaXterm Personal Edition (Portable) version 26.3 (Build 5154) allows arbitrary code execution by loading malicious DLLs from a predictable temporary directory that can be modified by the user. The application searches this location for specific DLLs before checking secure system paths.
Quest Bot is an open-source Discord bot that prior to version 1.1.6 allowed moderators with the relevant permissions to moderate users above them in the Discord role hierarchy, as long as the bot itself outranked the target. This bypasses Discord's normal role hierarchy protections.

