CVE-2026-11466EPSS p16.4%

CVE-2026-11466CVE-2026-11466

Description

A weakness has been identified in zilliztech deep-searcher up to 0.0.2. This affects the function CollectionRouter.invoke of the file deepsearcher/agent/collection_router.py. This manipulation of the argument kwargs causes improper access controls. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. The pull request to fix this issue awaits acceptance.

Scoring

CVSS 5.4 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
EPSS0.25% probability of exploitation · percentile 16.4% · 2026-06-18T12:00:27Z
Last modified2026-06-08

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-10812
CVE
CVE-2026-26216
CVE
CVE-2026-46526
CVE
CVE-2026-5584
CVE
CVE-2026-1160
CVE
CVE-2026-0768
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.