Skip to main content
CVE-2023-36258 CRITICAL POC PATCH Act Now

An issue in LangChain before 0.0.236 allows an attacker to execute arbitrary code because Python code with os.system, exec, or eval can be used. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Python Code Injection Langchain
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-26258 CRITICAL POC THREAT Act Now

Arcserve UDP through 9.0.6034 allows authentication bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Udp
NVD
CVSS 3.1
9.8
EPSS
37.7%
CVE-2023-35797 CRITICAL PATCH Act Now

Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Hive Provider.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache Authentication Bypass Apache Airflow Providers Apache Hive
NVD GitHub
CVSS 3.1
9.8
EPSS
2.8%
CVE-2023-36817 CRITICAL Act Now

`tktchurch/website` contains the codebase for The King's Temple Church website. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure The King S Temple Church Website
NVD GitHub
CVSS 3.1
9.1
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy