9153 matches found

EUVD
added 2026/06/11 6:28 p.m. | 46 views

EUVD-2026-36300

Quest Bot is an open-source modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, the repository has a privileged deploy workflow that runs after the unprivileged build workflow completes. The build workflow runs on pull requests, and the deploy workflow checks ou...

CVSS: 9.5 | AI score: 5.5 | EPSS: 0.00324
Exploits: 0 | References: 2
CVE
added 2026/06/11 6:28 p.m. | 9 views

CVE-2026-47172

Quest Bot (open-source Discord bot) contains a privilege escalation in the deploy workflow prior to v1.0.3. The repository’s privileged deploy workflow runs after the unprivileged build, and when a PR from a main branch is opened, the deploy workflow can check out the PR head_sha, build it into a...

CVSS: 9.5 | AI score: 5.5 | EPSS: 0.00324
Exploits: 0 | References: 2
Snyk
added 2026/06/11 3:20 p.m. | 4 views

Directory Traversal

Overview: Keras is a high-level neural networks API for Python. Affected versions of this package are vulnerable to Directory Traversal via the filter_safe_tarinfos and filter_safe_zipinfos functions in the archive extraction utilities. An attacker can write arbitrary files outside the...

CVSS: 8.6 | AI score: 6.2 | EPSS: 0.00449
Exploits: 0 | References: 2
RedhatCVE
added 2026/06/11 2:59 p.m. | 9 views

CVE-2026-11859

An HTML injection vulnerability in the "fetch links" email sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation, Cross-Site Scripting (XSS) in email clients that render HTML emails. This issue affects Canarytokens: from Docker tag sha-c0f3cf142 before sha-08c3f93d, from G...

CVSS: 5.1 | AI score: 5.5 | EPSS: 0.00258
Exploits: 0 | References: 1
Debian CVE
added 2026/06/11 1:31 p.m. | 4 views

CVE-2026-11816

Keras versions prior to 3.14.0 are vulnerable to a path traversal issue in the archive extraction utilities located in keras/src/utils/file_utils.py. The functions filter_safe_tarinfos and filter_safe_zipinfos validate archive member paths against the process's current working directory (CWD) instead of t...

CVSS: 8.1 | AI score: 7.8 | EPSS: 0.00449
Exploits: 0
GithubExploit
added 2026/06/11 11:54 a.m. | 47 views

cybersec-bad-folio

DevFolio student portfolio application - Spring Boot 3.2 + V...

AI score: 5.5
Exploits: 0
GithubExploit
added 2026/06/11 9:41 a.m. | 48 views

Exploit for Improper Input Validation in Nodeca Js-Yaml

Docker build: the vulnerable environment is built as a Docker environment. docker build -f c...

CVSS: 6.8 | AI score: 5.4 | EPSS: 0.17186
Exploits: 7
GithubExploit
added 2026/06/11 6:36 a.m. | 62 views

overflow_exploit_framework

kernel-research - CVE overflow framework. Educational use uni...

CVSS: 7.8 | AI score: 5.4 | EPSS: 0.00317
Exploits: 1
Positive Technologies
added 2026/06/11 12:00 a.m. | 7 views

PT-2026-48713

In Duck Site before version 1.0.1, the repository has a deploy workflow that runs after the build workflow completes. The build workflow runs on pull requests, while the deploy workflow runs with package-write permissions and deployment secrets. If an attacker can make a pull request build satisf...

CVSS: 9.5 | AI score: 5.3 | EPSS: 0.00312
Exploits: 0 | References: 2
Positive Technologies
added 2026/06/11 12:00 a.m. | 7 views

PT-2026-48711

Quest Bot is an open-source modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, the repository has a privileged deploy workflow that runs after the unprivileged build workflow completes. The build workflow runs on pull requests, and the deploy workflow checks ou...

CVSS: 9.5 | AI score: 5.5 | EPSS: 0.00324
Exploits: 0 | References: 3
OSV
added 2026/06/10 1:39 p.m. | 6 views

GHSA-5G86-85RP-F9HX Papra HTTP redirect bypass can lead to SSRF via webhook delivery system

Summary: Papra's webhook delivery system contains an SSRF protection bypass that allows any authenticated organisation member to cause the server to make HTTP requests to internal addresses: loopback, link-local, and RFC-1918 ranges. The SSRF protection validates the registered webhook URL but...

CVSS: 3.5 | AI score: 5.6 | EPSS: 0.00025
Exploits: 0 | References: 3
Cvelist
added 2026/06/10 11:35 a.m. | 35 views

CVE-2026-11859 HTML injection in the Canarytoken links email

An HTML injection vulnerability in the "fetch links" email sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation, Cross-Site Scripting (XSS) in email clients that render HTML emails. This issue affects Canarytokens: from Docker tag sha-c0f3cf142 before sha-08c3f93d, from G...

CVSS: 5.1 | EPSS: 0.00258
Exploits: 0 | References: 1
GithubExploit
added 2026/06/10 3:12 a.m. | 51 views

cve-research

CVE Research Personal repository for CVE analysis, proof-of-c...

CVSS: 10 | AI score: 7.3 | EPSS: 0.99999
Exploits: 630
CBLMariner
added 2026/06/10 2:46 a.m. | 6 views

CVE-2026-39827 affecting package docker-compose for versions less than 2.27.0-13

CVE-2026-39827 affecting package docker-compose for versions less than 2.27.0-13. A patched version of the package is available...

CVSS: 6.5 | AI score: 5.4 | EPSS: 0.00204
Exploits: 0
CBLMariner
added 2026/06/10 2:46 a.m. | 7 views

CVE-2026-39833 affecting package docker-compose for versions less than 2.27.0-13

CVE-2026-39833 affecting package docker-compose for versions less than 2.27.0-13. A patched version of the package is available...

CVSS: 9.1 | AI score: 5.4 | EPSS: 0.00299
Exploits: 0
CBLMariner
added 2026/06/10 2:46 a.m. | 5 views

CVE-2026-42502 affecting package docker-compose for versions less than 2.27.0-13

CVE-2026-42502 affecting package docker-compose for versions less than 2.27.0-13. A patched version of the package is available...

CVSS: 6.1 | AI score: 5.4 | EPSS: 0.00236
Exploits: 0
CBLMariner
added 2026/06/10 2:46 a.m. | 5 views

CVE-2026-39827 affecting package docker-buildx for versions less than 0.14.0-15

CVE-2026-39827 affecting package docker-buildx for versions less than 0.14.0-15. A patched version of the package is available...

CVSS: 6.5 | AI score: 5.4 | EPSS: 0.00204
Exploits: 0
CBLMariner
added 2026/06/10 2:46 a.m. | 5 views

CVE-2026-25680 affecting package docker-compose for versions less than 2.27.0-13

CVE-2026-25680 affecting package docker-compose for versions less than 2.27.0-13. A patched version of the package is available...

CVSS: 6.5 | AI score: 5.4 | EPSS: 0.0034
Exploits: 0
CBLMariner
added 2026/06/10 2:46 a.m. | 6 views

CVE-2026-25680 affecting package docker-buildx for versions less than 0.14.0-15

CVE-2026-25680 affecting package docker-buildx for versions less than 0.14.0-15. A patched version of the package is available...

CVSS: 6.5 | AI score: 5.4 | EPSS: 0.0034
Exploits: 0
CBLMariner
added 2026/06/10 2:46 a.m. | 5 views

CVE-2026-39835 affecting package docker-buildx for versions less than 0.14.0-15

CVE-2026-39835 affecting package docker-buildx for versions less than 0.14.0-15. A patched version of the package is available...

CVSS: 5.3 | AI score: 5.4 | EPSS: 0.00208
Exploits: 0