Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

117 matches found

AstraLinux
AstraLinuxadded 2026/05/03 11:59 p.m.2 views

Astra Linux - уязвимость в containerd

Containerd is an open-source container runtime. A bug was discovered in the CRI implementation of Containerd, where programs within a container can cause the Containerd daemon to consume memory indefinitely during the invocation of the ExecSync API. This can result in Containerd consuming all...

5.5CVSS6.3AI score0.00158EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/04/13 7:24 p.m.0 views

CVE-2026-39606

Missing Authorization vulnerability in Foysal Imran BizReview bizreview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BizReview: from n/a through = 1.5.13...

5.3CVSS5.8AI score0.0004EPSS
Exploits0References1
EUVD
EUVDadded 2026/04/08 9:31 a.m.1 views

EUVD-2026-20238

Missing Authorization vulnerability in Foysal Imran BizReview bizreview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BizReview: from n/a through = 1.5.13...

5.9AI score0.0004EPSS
Exploits0References2
NVD
NVDadded 2026/04/08 9:16 a.m.0 views

CVE-2026-39606

Missing Authorization vulnerability in Foysal Imran BizReview bizreview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BizReview: from n/a through = 1.5.13...

5.3CVSS0.0004EPSS
Exploits0References1
CVE
CVEadded 2026/04/08 8:30 a.m.1 views

CVE-2026-39606

CVE-2026-39606 concerns the WordPress BizReview plugin (

5.3CVSS5.9AI score0.0004EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/04/08 8:30 a.m.0 views

CVE-2026-39606 WordPress BizReview plugin <= 1.5.13 - Broken Access Control vulnerability

Missing Authorization vulnerability in Foysal Imran BizReview bizreview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BizReview: from n/a through = 1.5.13...

5.8AI score0.0004EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/04/08 12:0 a.m.1 views

PT-2026-31171

CVE-2026-39606 Missing Authorization vulnerability in Foysal Imran BizReview bizreview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Biz… https://t.co/TGgxdmzsNS...

5.8AI score0.0004EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2026/02/12 12:25 a.m.1 views

SUSE CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS5.4AI score0.00085EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/02/11 1:16 p.m.3 views

CVE-2026-25957

Cube is a semantic layer for building data applications. From 1.1.17 to before 1.5.13 and 1.4.2, it is possible to make the entire Cube API unavailable by submitting a specially crafted request to a Cube API endpoint. This vulnerability is fixed in 1.5.13 and 1.4.2...

6.5CVSS5.5AI score0.0002EPSS
Exploits0References1
NVD
NVDadded 2026/02/11 5:16 a.m.4 views

CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS0.00085EPSS
Exploits0References9
OSV
OSVadded 2026/02/11 5:16 a.m.2 views

CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS5.4AI score
Exploits0References9
OSV
OSVadded 2026/02/11 5:16 a.m.1 views

UBUNTU-CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS5.8AI score0.00085EPSS
Exploits0References12
CVE
CVEadded 2026/02/11 4:27 a.m.14 views

CVE-2026-26079

CVE-2026-26079 affects Roundcube Webmail prior to 1.5.13 and 1.6 prior to 1.6.13. The issue is a CSS injection caused by mishandled comments, enabling styling-based manipulation. Affected component: Roundcube Webmail frontend codebase. Root cause: improper handling of comments leading to CSS inje...

4.7CVSS5.4AI score0.00085EPSS
Exploits0References9
Cvelist
Cvelistadded 2026/02/11 4:27 a.m.26 views

CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS0.00085EPSS
Exploits0References9
Vulnrichment
Vulnrichmentadded 2026/02/11 4:27 a.m.1 views

CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS5.4AI score0.00085EPSS
Exploits0References9
CNNVD
CNNVDadded 2026/02/11 12:0 a.m.3 views

Roundcube Webmail 安全漏洞

Roundcube Webmail is an open-source browser-based IMAP client developed by Roundcube. It supports address book management, information search, spelling checking, and more. Versions of Roundcube Webmail prior to 1.5.13 and 1.6.13 had security vulnerabilities, which were caused by improper handling...

4.7CVSS5.8AI score0.00085EPSS
Exploits0References9
UbuntuCve
UbuntuCveadded 2026/02/11 12:0 a.m.1 views

CVE-2026-26079

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13 allows Cascading Style Sheets CSS injection, e.g., because comments are mishandled...

4.7CVSS5.8AI score0.00085EPSS
Exploits0References11
OSV
OSVadded 2026/02/10 12:29 a.m.3 views

GHSA-9VPH-2HVM-X66G Cube Core is vulnerable to Denial of Service (DoS) via crafted request

Impact It is possible to make the entire Cube API unavailable by submitting a specially crafted request to a Cube API endpoint. Affected Versions: = 1.1.17 Mitigation: Upgrade to a patched version: - 1.5.13 and later regular release - 1.4.2 active LTS release References The issue was reported by...

6.5CVSS5.5AI score0.0002EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2026/02/10 12:29 a.m.7 views

Cube Core is vulnerable to Denial of Service (DoS) via crafted request

Impact It is possible to make the entire Cube API unavailable by submitting a specially crafted request to a Cube API endpoint. Affected Versions: = 1.1.17 Mitigation: Upgrade to a patched version: - 1.5.13 and later regular release - 1.4.2 active LTS release References The issue was reported by...

6.5CVSS5.5AI score0.0002EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVEadded 2026/02/10 12:23 a.m.1 views

SUSE CVE-2026-25916

Roundcube Webmail before 1.5.13 and 1.6 before 1.6.13, when "Block remote images" is used, does not block SVG feImage...

4.3CVSS5.5AI score0.00039EPSS
Exploits2References3
Rows per page
Query Builder