Lucene search
K

55910 matches found

EUVD
EUVD
added 2 hours ago3 views

EUVD-2026-42910

In JetBrains IntelliJ IDEA before 2026.1.4, 2026.2 code execution via path traversal in project workspace ID handling was possible...

9.6CVSS6.4AI score
Exploits0References2
CVE
CVE
added 3 hours ago8 views

CVE-2026-38059

The CVE-2026-38059 entry concerns iDirect iQ200 devices where the /api/identity and /api/ REST endpoints are exposed without authentication. An unauthenticated attacker with network access can retrieve sensitive device data including serial number, Device ID (DID), Terminal Private Key (TPK) iden...

8.7CVSS6.1AI score
Exploits0References3
CVE
CVE
added 4 hours ago4 views

CVE-2026-22659

FlaskBB up to version 2.2.0 is vulnerable to an authorization bypass. The issue arises when an attacker manipulates a batch request with crafted topic ID lists, causing a low-ID topic from a permitted forum to be used as an anchor and bypass the permission check applied only to the first result. ...

8.1CVSS6.2AI score
Exploits0References3
Circl
Circl
added 6 hours ago4 views

CVE-2026-40454

creationtimestamp| type| source ---|---|--- 2026-07-10 11:11:00+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbz7ub5sf2f 2026-07-10 12:15:35+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-40454 2026-07-10 13:34:44+00:00| seen|...

7.5CVSS6.1AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 7 hours ago2 views

CVE-2026-59724

A flaw was found in Engine.IO. When Engine.IO servers have WebTransport enabled, a remote attacker can craft a session ID to resolve an inherited property of the clients object during WebTransport upgrade handling. This can lead to a TypeError, resulting in a denial of service DoS for the server...

7.5CVSS6.1AI score0.00339EPSS
Exploits0References6
NVD
NVD
added 8 hours ago4 views

CVE-2026-14475

The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 'scanid' parameter in all versions up to, and including, 4.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

4.9CVSS
Exploits0References7
Chainguard
Chainguard
added 9 hours ago5 views

GHSA-5QWX-4Q7J-HWM2 vulnerabilities

Vulnerabilities for packages: linux-gcp...

6.1AI score
Exploits0
Wolfi
Wolfi
added 9 hours ago3 views

GHSA-X6W2-JPMX-X267 vulnerabilities

Vulnerabilities for packages: chromium...

6.1AI score
Exploits0
Wolfi
Wolfi
added 9 hours ago2 views

GHSA-RJCX-5J87-VP95 vulnerabilities

Vulnerabilities for packages: chromium...

6.1AI score
Exploits0
Wolfi
Wolfi
added 9 hours ago3 views

GHSA-MCCM-G2CW-25J9 vulnerabilities

Vulnerabilities for packages: chromium...

6.1AI score
Exploits0
Wolfi
Wolfi
added 9 hours ago3 views

CVE-2026-13785 vulnerabilities

Vulnerabilities for packages: chromium...

9.6CVSS6.1AI score0.00314EPSS
Exploits0
Wolfi
Wolfi
added 9 hours ago3 views

GHSA-X454-5847-5CWH vulnerabilities

Vulnerabilities for packages: chromium...

6.1AI score
Exploits0
Wolfi
Wolfi
added 9 hours ago3 views

GHSA-V598-MR98-5866 vulnerabilities

Vulnerabilities for packages: chromium...

6.1AI score
Exploits0
Wolfi
Wolfi
added 9 hours ago3 views

GHSA-2M65-XXR3-MHCV vulnerabilities

Vulnerabilities for packages: chromium...

6.1AI score
Exploits0
Wolfi
Wolfi
added 9 hours ago3 views

CVE-2026-14008 vulnerabilities

Vulnerabilities for packages: chromium...

6.5CVSS6.1AI score0.0025EPSS
Exploits0
Cvelist
Cvelist
added 9 hours ago5 views

CVE-2026-14475 Cookie Banner for GDPR / CCPA <= 4.3.6 - Authenticated (Administrator+) SQL Injection via 'scan_id' Parameter

The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 'scanid' parameter in all versions up to, and including, 4.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

4.9CVSS
Exploits0References7
CVE
CVE
added 9 hours ago5 views

CVE-2026-14475

The CVE-2026-14475 entry relates to the WordPress plugin “WPLP Cookie Consent” (GDPR/CCPA banner) with a SQL Injection vulnerability via the scan_id parameter in all versions up to 4.3.6. The root cause is insufficient escaping of the user-supplied parameter and inadequate preparation of the exis...

4.9CVSS6.1AI score
Exploits0References7
EUVD
EUVD
added 9 hours ago4 views

EUVD-2026-42844

The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 'scanid' parameter in all versions up to, and including, 4.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...

4.9CVSS6.1AI score
Exploits0References7
NVD
NVD
added 12 hours ago5 views

CVE-2026-15284

The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'formpageid' parameter in versions up to, and including, 51.1.62 This is due to insufficient input sanitization in the addtosubmissions function, which applies sanitizetextfield which preserves...

6.4CVSS
Exploits0References10
EUVD
EUVD
added 13 hours ago5 views

EUVD-2026-42798

The Booking calendar, Appointment Booking System plugin for WordPress is vulnerable to time-based SQL Injection via the ‘wpdevartid’ parameter in all versions up to, and including, 3.2.17 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existin...

5.9CVSS6AI score
Exploits0References4
Rows per page
Query Builder