33 matches found
CVE-2026-47179
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.4, ProjectService.GetProjectFileContent returns the contents of any Docker Compose include directive declared in a project's compose file before any path-traversal validation runs. Because...
EUVD-2026-33369
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.4, ProjectService.GetProjectFileContent returns the contents of any Docker Compose include directive declared in a project's compose file before any path-traversal validation runs. Because...
CVE-2026-47179
Summary: Arcane exposes an authenticated arbitrary host-file read via Docker Compose include directives. Prior to version 1.19.4, GetProjectFileContent could read any include file declared in a project’s compose file, even outside the project, because CreateProject bypassed include-path validatio...
arcane path traversal vulnerability
Arcane is an open-source Docker management software developed by Arcane. Versions of Arcane prior to 1.19.4 contained a path traversal vulnerability. This vulnerability stemmed from ProjectService.GetProjectFileContent returning the contents of Docker Compose include directives before performing path...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.19.4 security update
Important: Red Hat OpenShift GitOps v1.19.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8784 Service-CA annotation removed from argocd-server Service during v1.12.3 - v1.12.4 upgrade path, persists in later versions...
CLEANSTART-2026-BN28456 Security fixes for CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-32952, CVE-2026-33186, CVE-2026-33810, CVE-2026-33811, CVE-2026-33814, CVE-2026-34986, CVE-2026-39820, CVE-2026-39823, CVE-2026-39825, CVE-2026-39826, CVE-2026-39836, CVE-2026-39883, CVE-2026-42499, ghsa-78h2-9frx-2jm8, ghsa-p77j-4mvh-x3m3 applied in versions: 1.19.4-r0, 1.19.4-r1, 1.19.4-r2
Multiple security vulnerabilities affect the cert-manager package. These issues are resolved in later releases. See references for individual vulnerability details...
VulnCheck KEV: CVE-2026-23541
Missing Authorization vulnerability in WPFunnels Mail Mint mail-mint allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Mail Mint: from n/a through <= 1.19.4...
CVE-2026-23541
Missing Authorization vulnerability in WPFunnels Mail Mint mail-mint allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Mail Mint: from n/a through <= 1.19.4...
CVE-2026-23541
Missing Authorization vulnerability in WPFunnels Mail Mint mail-mint allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Mail Mint: from n/a through <= 1.19.4...
CVE-2026-23541
CVE-2026-23541 is a Missing Authorization vulnerability in the WordPress plugin Mail Mint (Mail Mint: 1.19.4 and earlier). The issue arises from functionality being accessible without proper ACL constraints, enabling access to previously restricted features. Documented impact indicates a broken a...
PT-2026-20659
Missing Authorization vulnerability in WPFunnels Mail Mint mail-mint allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Mail Mint: from n/a through <= 1.19.4...
WordPress Mail Mint plugin <= 1.19.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Denver Jackson in WordPress Plugin Mail Mint versions <= 1.19.4...
Important: Red Hat Security Advisory: Red Hat OpenShift Pipelines Release 1.19.4
The 1.19.4 GA release of Red Hat OpenShift Pipelines Operator. For more details see product documentation. The 1.19.4 release of Red Hat OpenShift Pipelines Operator...
EUVD-2017-5240
Malware in sbrugna...
EUVD-2023-2029
Malicious code in bioql PyPI...
CVE-2023-3515
Open Redirect in GitHub repository go-gitea/gitea prior to 1.19.4...
Fedora 37 : golang (2022-3b4c68d85d)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-3b4c68d85d advisory. go1.19.4 released 2022-12-06 includes security fixes to the net/http and os packages, as well as bug fixes to the compiler, the runtime, and the crypto/x509,...
AZL-35454 CVE-2024-26461 affecting package krb5 for versions less than 1.19.4-3
Kerberos 5 aka krb5 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c...
CVE-2023-36054 affecting package krb5 for versions less than 1.19.4-2
CVE-2023-36054 affecting package krb5 for versions less than 1.19.4-2. A patched version of the package is available...
Open redirect
Open Redirect in GitHub repository go-gitea/gitea prior to 1.19.4...