Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

23 matches found

RedhatCVE
RedhatCVEadded 2026/03/27 5:9 p.m.0 views

CVE-2026-26074

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::map corruption. The trigger is CSMS GetLog/UpdateFirmware request network with an EVSE fault event physical. This results in TSAN reports concurrent access data race to eventqueue...

7CVSS5.9AI score0.00047EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/26 4:19 p.m.1 views

CVE-2026-26074 EVerest: OCPP201 startup event_queue lock mismatch leads to std::map/std::queue data race

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to possible std::map corruption. The trigger is CSMS GetLog/UpdateFirmware request network with an EVSE fault event physical. This results in TSAN reports concurrent access data race to eventqueue...

7CVSS5.8AI score0.00047EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 10:42 a.m.5 views

CVE-2022-26074

Incomplete cleanup in a firmware subsystem for IntelR SPS before versions SPSE304.08.04.330.0 and SPSE304.01.04.530.0 may allow a privileged user to potentially enable denial of service via local access...

4.4CVSS6.6AI score0.0014EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/07/02 12:16 a.m.3 views

CVE-2025-26074

Orkes Conductor v3.21.11 allows remote attackers to execute arbitrary OS commands through unrestricted access to Java classes...

9.8CVSS8.3AI score0.00677EPSS
Exploits0References1
NVD
NVDadded 2025/06/30 5:15 p.m.2 views

CVE-2025-26074

Orkes Conductor v3.21.11 allows remote attackers to execute arbitrary OS commands through unrestricted access to Java classes...

9.8CVSS0.00677EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/06/30 12:0 a.m.2 views

CVE-2025-26074

Orkes Conductor v3.21.11 allows remote attackers to execute arbitrary OS commands through unrestricted access to Java classes...

7.7AI score0.00677EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/06/30 12:0 a.m.6 views

CVE-2025-26074

Orkes Conductor v3.21.11 allows remote attackers to execute arbitrary OS commands through unrestricted access to Java classes...

0.00677EPSS
Exploits0References3
Circl
Circladded 2025/02/14 10:6 a.m.4 views

CVE-2021-26074

creationtimestamp| type| source ---|---|--- 2025-02-14 10:06:00+00:00| seen| Telegram/Gy8l23wdPnFD1Pa76Ykcr9fObz0ut58GhtPOESYTUzhwVasv...

6.5CVSS4.8AI score0.00258EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2025/02/05 1:39 p.m.11 views

CVE-2020-26074

A vulnerability in system file transfer functions of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to gain escalated privileges on the underlying operating system. The vulnerability is due to improper validation of path input to the system file transfer functions. An...

7.8CVSS6.7AI score0.00083EPSS
Exploits0
Circl
Circladded 2024/11/18 4:0 p.m.4 views

CVE-2020-26074

creationtimestamp| type| source ---|---|--- 2024-11-18 16:00:24+00:00| seen| https://infosec.exchange/users/cve/statuses/113504788393702796...

7.8CVSS6.8AI score0.00083EPSS
Exploits0References1
CVE
CVEadded 2024/06/13 7:53 a.m.61 views

CVE-2024-26074

Adobe Experience Manager (AEM) 6.5.20 and earlier are affected by a stored XSS vulnerability (CVE-2024-26074) in vulnerable form fields, allowing injected JavaScript to run in a victim’s browser. Remediation: upgrade to 6.5.21 or later (per APSB24-28). The CVSS v3.1 base score is 5.4 (Medium). If...

5.4CVSS5.3AI score0.01615EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2024/06/13 7:53 a.m.19 views

CVE-2024-26074 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

5.4CVSS0.01615EPSS
Exploits0References1
Circl
Circladded 2023/03/13 3:53 p.m.4 views

CVE-2023-26074

creationtimestamp| type| source ---|---|--- 2023-03-13 15:53:17+00:00| seen| https://t.me/cibsecurity/59883 2023-03-16 18:07:00+00:00| seen| https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html 2023-03-16 22:39:30+00:00| published-proof-of-concept|...

9.8CVSS8.7AI score0.01357EPSS
Exploits0References3
CVE
CVEadded 2023/03/13 12:0 a.m.89 views

CVE-2023-26074

CVE-2023-26074 is a heap-based buffer overflow in the 5G MM message codec of Samsung Exynos mobile/baseband modems (including Exynos 850/980/1080/1280/2200 and Exynos Modem 5123/5300; Exynos Auto T5123 is mentioned in related material). Root cause: insufficient parameter validation when decoding ...

9.8CVSS9.6AI score0.01357EPSS
Exploits0References7Affected Software1
Circl
Circladded 2022/08/19 12:22 a.m.1 views

CVE-2022-26074

creationtimestamp| type| source ---|---|--- 2022-08-19 00:22:57+00:00| seen| https://t.me/cibsecurity/48413...

4.4CVSS4.6AI score0.0014EPSS
Exploits0References1
NVD
NVDadded 2022/08/18 8:15 p.m.12 views

CVE-2022-26074

Incomplete cleanup in a firmware subsystem for IntelR SPS before versions SPSE304.08.04.330.0 and SPSE304.01.04.530.0 may allow a privileged user to potentially enable denial of service via local access...

4.4CVSS0.0014EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2022/08/18 7:56 p.m.3 views

CVE-2022-26074

Incomplete cleanup in a firmware subsystem for IntelR SPS before versions SPSE304.08.04.330.0 and SPSE304.01.04.530.0 may allow a privileged user to potentially enable denial of service via local access...

6.6AI score0.0014EPSS
Exploits0References2
CVE
CVEadded 2022/08/18 7:56 p.m.54 views

CVE-2022-26074

CVE-2022-26074 concerns Intel SPS firmware: incomplete cleanup in a firmware subsystem may allow a privileged user to cause a local DoS. Affected products are Intel SPS before SPS_E3_04.08.04.330.0 and SPS_E3_04.01.04.530.0. The Red Hat advisory and Intel INTEL-SA-00669 confirm the issue and reme...

4.4CVSS4.4AI score0.0014EPSS
Exploits0References2Affected Software1
Intel
Inteladded 2022/08/09 12:0 a.m.21 views

2022.2 IPU - Intel® Chipset Firmware Advisory

Summary: A potential security vulnerability in the Intel® Server Platform Services SPS firmware may allow denial of service. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2022-26074 Description: Incomplete cleanup in a firmware...

4.4CVSS4.5AI score0.0014EPSS
Exploits0
Vulnrichment
Vulnrichmentadded 2021/04/16 3:0 a.m.7 views

CVE-2021-26074

Broken Authentication in Atlassian Connect Spring Boot ACSB from version 1.1.0 before version 2.1.3: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a...

6.4AI score0.00258EPSS
Exploits0References2
Rows per page
Query Builder