Skip to main content
CVE-2024-0769 CRITICAL POC KEV THREAT Act Now

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-859 1.06B01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Path Traversal Dir 859 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
82.7%
CVE-2024-23731 CRITICAL PATCH Act Now

The OpenAPI loader in Embedchain before 0.1.57 allows attackers to execute arbitrary code, related to the openapi.py yaml.load function argument. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Embedchain
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2024-23730 CRITICAL PATCH Act Now

The OpenAPI and ChatGPT plugin loaders in LlamaHub (aka llama-hub) before 0.0.67 allow attackers to execute arbitrary code because safe_load is not used for YAML. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Llamahub
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy