Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

20517 matches found

IBM Security Bulletins
IBM Security Bulletinsadded 2026/06/02 2:29 p.m.6 views

Security Bulletin: Multiple Vulnerabilities in IBM Bob

Summary Multiple vulnerabilities were addressed in IBM Bob V 1.0.3 Vulnerability Details CVEID:CVE-2026-40175 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Versions prior to 1.15.0 and 0.3.1 are vulnerable to a specific gadget-style attack chain in which prototype...

9.8CVSS6.8AI score0.00175EPSS
Exploits6Affected Software1
NVD
NVDadded 2026/06/02 2:16 p.m.7 views

CVE-2026-43965

Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...

5.6CVSS0.00018EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/06/02 2:15 p.m.6 views

CVE-2026-48861

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in elixir-mint Mint allows HTTP Request Splitting and HTTP Request Smuggling. In lib/mint/http1/request.ex, the encoderequestline/2 function splices the caller-supplied method and target arguments directly into the HTTP/1...

2.1CVSS6AI score0.00028EPSS
Exploits0References5Affected Software1
EUVD
EUVDadded 2026/06/02 2:15 p.m.8 views

EUVD-2026-33938

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in elixir-mint Mint allows HTTP Request Splitting and HTTP Request Smuggling. In lib/mint/http1/request.ex, the encoderequestline/2 function splices the caller-supplied method and target arguments directly into the HTTP/1...

2.1CVSS6AI score0.00028EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/06/02 2:15 p.m.33 views

CVE-2026-48861 CRLF injection in HTTP/1 request line via unvalidated method in Mint

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in elixir-mint Mint allows HTTP Request Splitting and HTTP Request Smuggling. In lib/mint/http1/request.ex, the encoderequestline/2 function splices the caller-supplied method and target arguments directly into the HTTP/1...

2.1CVSS0.00028EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/06/02 2:15 p.m.7 views

CVE-2026-48861 CRLF injection in HTTP/1 request line via unvalidated method in Mint

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in elixir-mint Mint allows HTTP Request Splitting and HTTP Request Smuggling. In lib/mint/http1/request.ex, the encoderequestline/2 function splices the caller-supplied method and target arguments directly into the HTTP/1...

2.1CVSS6AI score0.00028EPSS
Exploits0References4
CVE
CVEadded 2026/06/02 2:15 p.m.9 views

CVE-2026-48861

The CVE describes a CRLF injection risk in elixir-mint Mint through the HTTP/1 request line construction. Specifically, encode_request_line/2 directly embeds caller-supplied method and target into the line, allowing an attacker to terminate the line and inject headers, enabling HTTP request split...

2.1CVSS6AI score0.00028EPSS
Exploits0References4
OSV
OSVadded 2026/06/02 2:15 p.m.6 views

EEF-CVE-2026-48861 CRLF injection in HTTP/1 request line via unvalidated method in Mint

Summary Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in elixir-mint Mint allows HTTP Request Splitting and HTTP Request Smuggling. In lib/mint/http1/request.ex, the encoderequestline/2 function splices the caller-supplied method and target arguments directly into the...

2.1CVSS6AI score0.00028EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/06/02 1:41 p.m.35 views

CVE-2026-43965 Path Traversal in build/packages/packages.toml Allows Arbitrary Directory Deletion

Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...

5.6CVSS0.00018EPSS
Exploits0References4
EUVD
EUVDadded 2026/06/02 1:41 p.m.6 views

EUVD-2026-33926

Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...

5.6CVSS5.9AI score0.00018EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/06/02 1:41 p.m.8 views

CVE-2026-43965

Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...

5.6CVSS5.9AI score0.00018EPSS
Exploits0References5
CVE
CVEadded 2026/06/02 1:41 p.m.23 views

CVE-2026-43965

Gleam path traversal vulnerability CVE-2026-43965 allows arbitrary directory deletion via malicious build/packages/packages.toml content. During deps download, package keys read from build/packages/packages.toml are passed to path construction without validation, enabling absolute or relative tra...

5.6CVSS5.9AI score0.00018EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/06/02 1:41 p.m.6 views

CVE-2026-43965 Path Traversal in build/packages/packages.toml Allows Arbitrary Directory Deletion

Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...

5.6CVSS5.9AI score0.00018EPSS
Exploits0References4
OSV
OSVadded 2026/06/02 1:41 p.m.5 views

EEF-CVE-2026-43965 Path Traversal in build/packages/packages.toml Allows Arbitrary Directory Deletion

Summary Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to...

5.6CVSS5.9AI score0.00018EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletinsadded 2026/06/02 12:17 p.m.8 views

Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary IBM Maximo Application Suite uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl, axios-1.13.5.tgz, protobufjs-7.3.2.tgz and axios-1.15.0.tgz which are vulnerable to CVE-2026-34073, CVE-2026-39892, CVE-2025-62718, CVE-2026-40175, PSIRT-WS-2026-0004, CVE-2026-41242, CVE-2026-42033,...

7.5CVSS6.2AI score0.00096EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletinsadded 2026/06/02 11:26 a.m.11 views

Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by multiple axios vulnerabilities (CVE-2026-42033 through CVE-2026-42044).

Summary Multiple vulnerabilities in the axios HTTP client library CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042, CVE-2026-42043, CVE-2026-42044 used by IBM InfoSphere Optim Archive...

10CVSS6AI score0.00188EPSS
Exploits12Affected Software1
OSV
OSVadded 2026/06/02 10:16 a.m.5 views

DEBIAN-CVE-2026-5422

A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the getospath function within jupyterserver/services/contents/fileio.py. The check uses startswithroot without appending a trailing path separator, allowing sibling...

8.1CVSS5.8AI score0.00044EPSS
Exploits1References1
NVD
NVDadded 2026/06/02 10:16 a.m.11 views

CVE-2026-5422

A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the getospath function within jupyterserver/services/contents/fileio.py. The check uses startswithroot without appending a trailing path separator, allowing sibling...

8.1CVSS0.00044EPSS
Exploits1References1
OSV
OSVadded 2026/06/02 10:16 a.m.5 views

UBUNTU-CVE-2026-5422

A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the getospath function within jupyterserver/services/contents/fileio.py. The check uses startswithroot without appending a trailing path separator, allowing sibling...

8.1CVSS6.5AI score0.00044EPSS
Exploits1References3
Debian CVE
Debian CVEadded 2026/06/02 9:11 a.m.6 views

CVE-2026-5422

A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the getospath function within jupyterserver/services/contents/fileio.py. The check uses startswithroot without appending a trailing path separator, allowing sibling...

8.1CVSS6.7AI score0.00044EPSS
Exploits1
Rows per page
Query Builder