
20940 matches found

ATTACKERKB
added 2026/01/22 12:0 a.m. | 3 views

CVE-2025-69612

A path traversal vulnerability exists in TMS Management Console version 6.3.7.27386.20250818 from TMS Global Software. The "Download Template" function in the profile dashboard does not neutralize directory traversal sequences ../ in the filePath parameter, allowing authenticated users to read...

CVSS 6.5 | AI score 5.5 | EPSS 0.00875
Exploits: 1 | References: 4
Positive Technologies
added 2026/01/22 12:0 a.m. | 10 views

PT-2026-4308

Name of the Vulnerable Software and Affected Versions Copilot affected versions not specified Description An issue exists in Copilot where improper neutralization of escape, meta, or control sequences can allow an unauthorized attacker to disclose information over a network. The issue involves th...

CVSS 7.4 | AI score 5.3 | EPSS 0.00503
Exploits: 0 | References: 6
CNNVD
added 2026/01/22 12:0 a.m. | 5 views

Microsoft 365 Word Copilot security vulnerabilities

Microsoft 365 Word Copilot is an AI assistant developed by the American company Microsoft. There is a security vulnerability in Microsoft 365 Word Copilot, which stems from improper handling of escaped sequences, meta-sequences, or control sequences. Attackers can exploit this vulnerability to le...

CVSS 7.4 | AI score 5.8 | EPSS 0.00503
Exploits: 0 | References: 1
CVE
added 2026/01/22 12:0 a.m. | 13 views

CVE-2025-69612

A path traversal vulnerability exists in TMS Management Console (version 6.3.7.27386.20250818) from TMS Global Software. The Download Template function in the profile dashboard does not neutralize directory traversal sequences (../) in the filePath parameter, allowing authenticated users to read ...

CVSS 6.5 | AI score 5.7 | EPSS 0.00875
Exploits: 1 | References: 3 | Affected Software: 1
Packet Storm
added 2026/01/22 12:0 a.m. | 138 views

Malwarebytes Anti-Malware 2.x Privilege Escalation

This advisory hosts useful analysis of older research from 2016, when Google's Project Zero discovered multiple security issues in MalwareBytes Anti-Malware version 2.x. The software suffered from a combination of security flaws that allowed attackers to remotely tamper with...

AI score 6.1
Exploits: 0
Packet Storm News
added 2026/01/22 12:0 a.m. | 7 views

CONTEX-T: Contextual Privacy Exploitation Via Transformer Spectral Analysis for IoT Device Fingerprinting

The rapid expansion of Internet of Things (IoT) devices has created a pervasive ecosystem where encrypted wireless communications serve as the primary privacy and security protection mechanism. While encryption effectively protects message content, packet metadata and statistics inadvertently expo...

AI score 5.9
Exploits: 0
Tenable Nessus
added 2026/01/22 12:0 a.m. | 6 views

Azure Linux 3.0 Security Update: unbound (CVE-2024-43167)

The version of unbound installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43167 advisory. - DISPUTE NOTE: this issue does not pose a security risk as it according to analysis by the original software...

CVSS 2.8 | AI score 5.6 | EPSS 0.00363
Exploits: 0 | References: 2
OpenVAS
added 2026/01/22 12:0 a.m. | 9 views

SUSE: Security Advisory (SUSE-SU-2026:20084-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.6 | AI score 7.1 | EPSS 0.66535
Exploits: 4 | References: 6
Tenable Nessus
added 2026/01/22 12:0 a.m. | 4 views

CBL Mariner 2.0 Security Update: CBL-Mariner Releases (CVE-2025-65082)

The version of CBL-Mariner Releases installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-65082 advisory. - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP...

CVSS 6.5 | AI score 5.6 | EPSS 0.00758
Exploits: 0 | References: 1
Tenable Nessus
added 2026/01/22 12:0 a.m. | 5 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2025-65082)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-65082 advisory. - Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP...

CVSS 6.5 | AI score 5.6 | EPSS 0.00758
Exploits: 0 | References: 1
Tenable Nessus
added 2026/01/22 12:0 a.m. | 6 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38236)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38236 advisory. - In the Linux kernel, the following vulnerability has been resolved: af_unix: Don't leave consecutive consume...

CVSS 7.8 | AI score 5.3 | EPSS 0.00247
Exploits: 0 | References: 2
Tenable Nessus
added 2026/01/22 12:0 a.m. | 7 views

Azure Linux 3.0 Security Update: util-linux (CVE-2024-28085)

The version of util-linux installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-28085 advisory. - wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to...

CVSS 3.3 | AI score 5.5 | EPSS 0.02242
Exploits: 3 | References: 2
Positive Technologies
added 2026/01/22 12:0 a.m. | 10 views

PT-2026-3947

A path traversal vulnerability exists in TMS Management Console version 6.3.7.27386.20250818 from TMS Global Software. The "Download Template" function in the profile dashboard does not neutralize directory traversal sequences ../ in the filePath parameter, allowing authenticated users to read...

CVSS 6.5 | AI score 5.7 | EPSS 0.00875
Exploits: 1 | References: 4
GithubExploit
added 2026/01/21 7:6 p.m. | 154 views

gotham-recon

Complete Documentation of the CrewAI Agent System Guide t...

AI score 6.2
Exploits: 0
SUSE CVE
added 2026/01/21 12:20 a.m. | 3 views

SUSE CVE-2026-23949

jaraco.context, an open-source software package that provides some useful decorators and context managers, has a Zip Slip path traversal vulnerability in the jaraco.context.tarball function starting in version 5.2.0 and prior to version 6.1.0. The vulnerability may allow attackers to extract file...

CVSS 7.4 | AI score 5.5 | EPSS 0.00527
Exploits: 1 | References: 4
OSV
added 2026/01/20 5:54 p.m. | 2 views

GHSA-54WQ-72MP-CQ7C Mailpit has an SMTP Header Injection via Regex Bypass

Vulnerability Report: SMTP Header Injection via Regex Bypass Vulnerable Code: mailpit/internal/smtpd/smtpd.go Executive Summary Mailpit's SMTP server is vulnerable to Header Injection due to an insufficient Regular Expression used to validate RCPT TO and MAIL FROM addresses. An attacker can injec...

CVSS 5.3 | AI score 5.9 | EPSS 0.01441
Exploits: 4 | References: 5
Github Security Blog
added 2026/01/20 5:54 p.m. | 10 views

Mailpit has an SMTP Header Injection via Regex Bypass

Vulnerability Report: SMTP Header Injection via Regex Bypass Vulnerable Code: mailpit/internal/smtpd/smtpd.go Executive Summary Mailpit's SMTP server is vulnerable to Header Injection due to an insufficient Regular Expression used to validate RCPT TO and MAIL FROM addresses. An attacker can injec...

CVSS 5.3 | AI score 5.8 | EPSS 0.01441
Exploits: 4 | References: 5 | Affected Software: 1
NVD
added 2026/01/20 1:15 a.m. | 5 views

CVE-2026-23949

jaraco.context, an open-source software package that provides some useful decorators and context managers, has a Zip Slip path traversal vulnerability in the jaraco.context.tarball function starting in version 5.2.0 and prior to version 6.1.0. The vulnerability may allow attackers to extract file...

CVSS 8.6 | EPSS 0.00527
Exploits: 1 | References: 4
OSV
added 2026/01/20 1:15 a.m. | 5 views

DEBIAN-CVE-2026-23949

jaraco.context, an open-source software package that provides some useful decorators and context managers, has a Zip Slip path traversal vulnerability in the jaraco.context.tarball function starting in version 5.2.0 and prior to version 6.1.0. The vulnerability may allow attackers to extract file...

CVSS 8.6 | AI score 5.4 | EPSS 0.00527
Exploits: 1 | References: 1
UbuntuCve
added 2026/01/20 1:15 a.m. | 4 views

CVE-2026-23949

jaraco.context, an open-source software package that provides some useful decorators and context managers, has a Zip Slip path traversal vulnerability in the jaraco.context.tarball function starting in version 5.2.0 and prior to version 6.1.0. The vulnerability may allow attackers to extract file...

CVSS 8.6 | AI score 7.2 | EPSS 0.00527
Exploits: 1 | References: 5