Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

NVD
NVDadded 2025/09/04 6:15 p.m.3 views

CVE-2025-26450

In onInputEvent of IInputMethodSessionWrapper.java, there is a possible way for an untrusted app to inject key and motion events to the default IME due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ...

7.8CVSS0.00008EPSS
Exploits0References2
Circl
Circladded 2025/09/04 5:26 p.m.2 views

CVE-2025-26450

creationtimestamp| type| source ---|---|--- 2025-09-04 17:26:06+00:00| seen| Telegram/Mnmg0Q7-YBYrNpfcny9B6KyKifoBE6HVymaPrHa3Fhgghm4...

7.8CVSS4.8AI score0.00008EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2025/05/23 5:37 a.m.4 views

CVE-2023-26450

The "OX Count" web service did not specify a media-type when processing responses by external resources. Malicious script code can be executed within the victims context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this an attacker...

5.4CVSS7.3AI score0.00188EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 10:34 p.m.3 views

CVE-2022-26450

In apusys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07177801; Issue ID: ALPS07177801...

6.4CVSS7.2AI score0.00014EPSS
Exploits0References1
Circl
Circladded 2024/02/28 11:27 p.m.2 views

CVE-2024-26450

creationtimestamp| type| source ---|---|--- 2024-02-28 23:27:07+00:00| seen| https://t.me/ctinow/195976...

5.4CVSS4.8AI score0.00455EPSS
Exploits0References1
CVE
CVEadded 2024/02/28 12:0 a.m.6532 views

CVE-2024-26450

CVE-2024-26450 affects Piwigo versions prior to 14.2.0. The vulnerability chains a Cross-Site Request Forgery to trigger a Stored XSS payload in an Admin dashboard, enabling remote JavaScript execution and the upload of a PHP file under an administrator profile, which can be used to connect back ...

5.4CVSS6.2AI score0.00455EPSS
Exploits0References1Affected Software1
Circl
Circladded 2023/08/02 4:39 p.m.2 views

CVE-2023-26450

creationtimestamp| type| source ---|---|--- 2023-08-02 16:39:15+00:00| seen| https://t.me/cibsecurity/67577...

5.4CVSS5.5AI score0.00188EPSS
Exploits0References1
CVE
CVEadded 2023/08/02 12:23 p.m.2494 views

CVE-2023-26450

Open-Xchange CVE-2023-26450 affects the OX Count web service in Open-Xchange AppSuite. The root cause is that the OX Count service did not specify a media-type when processing responses from external resources, enabling malicious script code to execute in the victim’s context and potentially lead...

5.4CVSS5.8AI score0.00188EPSS
Exploits0References4Affected Software1
Circl
Circladded 2022/09/06 10:19 p.m.2 views

CVE-2022-26450

creationtimestamp| type| source ---|---|--- 2022-09-06 22:19:29+00:00| seen| https://t.me/cibsecurity/49355...

6.4CVSS6.3AI score0.00014EPSS
Exploits0References1
CVE
CVEadded 2022/09/06 5:19 p.m.50 views

CVE-2022-26450

CVE-2022-26450 affects MediaTek Apusys. The vulnerability is a use-after-free caused by a race condition in apusys that can lead to local escalation of privileges with System execution privileges required; exploitation does not require user interaction. The issue is documented across multiple sou...

6.4CVSS6.6AI score0.00014EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder