Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

57602 matches found

Snyk
Snykadded 3 days ago1 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the redirect handling of unstable React Server Components RSC APIs. An attacker can execute arbitrary JavaScript code in the user's browser by supplying a crafted javascript: redirect target from an untrusted...

8CVSS5.6AI score0.00033EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 3 days ago7 views

CVE-2026-24754

Kiteworks is a private data network PDN. Prior to version 9.3.0, a stored XSS vulnerability in Kiteworks Secure Data Forms could allow an authenticated attacker to execute arbitrary JavaScript code in other users' sessions. Upgrade Kiteworks to version 9.3.0 or later to receive a patch...

5.4CVSS6.1AI score0.0003EPSS
Exploits0References1
NVD
NVDadded 3 days ago8 views

CVE-2026-10702

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3...

4.3CVSS0.00033EPSS
Exploits0References2
EUVD
EUVDadded 3 days ago8 views

EUVD-2026-33990

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3...

5.8AI score0.00033EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 3 days ago4 views

CVE-2026-10702 JIT miscompilation in the JavaScript Engine: JIT component

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3...

5.8AI score0.00033EPSS
Exploits0References2
Cvelist
Cvelistadded 3 days ago27 views

CVE-2026-10702 JIT miscompilation in the JavaScript Engine: JIT component

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3...

0.00033EPSS
Exploits0References2
CVE
CVEadded 3 days ago7 views

CVE-2026-10702

CVE-2026-10702 is a Firefox issue involving a JIT miscompilation in the JavaScript Engine (JIT component). The vulnerability was fixed in Firefox 151.0.3. The CVSS score is 4.3 (Medium) with network attack vector, user interaction required, and availability impact of Low. Affected product: Mozill...

4.3CVSS5.8AI score0.00033EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVEadded 3 days ago4 views

CVE-2026-10702

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3...

4.3CVSS5.8AI score0.00033EPSS
Exploits0
ATTACKERKB
ATTACKERKBadded 3 days ago5 views

CVE-2026-10702

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3...

5.8AI score0.00033EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 3 days ago8 views

CVE-2026-46509

deepobj provides get, set, delete deep objects in javascript. Prior to 1.0.3, prototype pollution is possible when property paths contain proto/constructor/prototype. The property path must not be exposed as user input. This vulnerability is fixed in 1.0.3...

8.2CVSS5.8AI score0.00055EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletinsadded 3 days ago5 views

Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in Node.js

Summary There are multiple vulnerabilities in Node.js used by IBM Transformation Advisor. Vulnerability Details CVEID:CVE-2026-44664 DESCRIPTION: fast-xml-builder builds XML from JSON. In 1.1.5, the fix for CVE-2026-41650 in fast-xml-parser sanitizes -- sequences in XML comment content using...

6.1CVSS5.9AI score0.00012EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 3 days ago6 views

Security Bulletin: IBM Application Modernization Accelerator is affected by multiple vulnerabilities found in Node.js

Summary There are multiple vulnerabilities in Node.js used by IBM Application Modernization Accelerator. Vulnerability Details CVEID:CVE-2026-41238 DESCRIPTION: DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions 3.0.1 through 3.3.3 are vulnerable to a...

6.9CVSS5.8AI score0.00059EPSS
Exploits1Affected Software1
Nuclei
Nucleiadded 3 days ago41 views

Grafana 8.0.0 <= v.8.2.2 - Angularjs Rendering Cross-Site Scripting

Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the...

6.9CVSS7AI score0.87697EPSS
Exploits0References5
IBM Security Bulletins
IBM Security Bulletinsadded 3 days ago8 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty was affected by a prototype pollution vulnerability due to immutable (CVE-2026-29063)

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty was affected by prototype pollution vulnerability due to immutable CVE-2026-29063. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability...

9.8CVSS6.8AI score0.0008EPSS
Exploits1Affected Software1
NVD
NVDadded 3 days ago8 views

CVE-2026-10510

Cross-Site Scripting XSS in GeniexWebView component in Transsion AI Assistant Lifestyle application com.transsion.aiassistantlifestyle all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted webactiondata URL parameter...

6.1CVSS0.00035EPSS
Exploits0References1
EUVD
EUVDadded 3 days ago10 views

EUVD-2026-33874

Cross-Site Scripting XSS in GeniexWebView component in Transsion AI Assistant Lifestyle application com.transsion.aiassistantlifestyle all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted webactiondata URL parameter...

6.1CVSS6.1AI score0.00035EPSS
Exploits0References1
Mozilla
Mozillaadded 3 days ago16 views

Security Vulnerabilities fixed in Firefox 151.0.3 — Mozilla

CVE-2026-10701: Incorrect boundary conditions in the Graphics: Text component Reporter taiho kim Impact high References Bug 2038537 CVE-2026-10702: JIT miscompilation in the JavaScript Engine: JIT component Reporter Nebula Security Impact high References Bug 2040903...

7.5CVSS5.8AI score0.00033EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologiesadded 3 days ago8 views

PT-2026-45967

These are all security issues fixed in the libmozjs-115-0-115.15.0-9.1 package on the GA media of openSUSE Tumbleweed...

7.3CVSS5.8AI score0.00055EPSS
Exploits0References2
OSV
OSVadded 3 days ago3 views

ALSA-2026:22643 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefox: Sandbox escape in the Profile Backup component...

9.8CVSS5.9AI score0.00164EPSS
Exploits0References40
Positive Technologies
Positive Technologiesadded 3 days ago9 views

PT-2026-45823

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3...

5.8AI score0.00033EPSS
Exploits0References3
Rows per page
Query Builder