CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

Tenable Nessus•added 2026/06/03 12:0 a.m.•13 views

Linux Distros Unpatched Vulnerability : CVE-2026-44573

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Next.js is a React framework for building full-stack web applications. From 12.2.0 to before 15.5.16 and 16.2.5, Applications using the Pages Router with i18n...

7.5CVSS5.8AI score0.00351EPSS

Exploits1References2

Tenable Nessus•added 2026/05/15 12:0 a.m.•6 views

Next.js Framework 12.2.x < 15.5.16 / 16.x < 16.2.5 Information Disclosure

The Next.js Framework on the remote host is affected by an information disclosure vulnerability: - Applications using the Pages Router with i18n configured and middleware/proxy-based authorization can allow unauthorized access to protected page data through locale-less /next/data//.json requests...

7.5CVSS5.8AI score0.00351EPSS

Exploits1References2

Positive Technologies•added 2026/05/09 12:0 a.m.•18 views

PT-2026-39417

Name of the Vulnerable Software and Affected Versions Next.js versions 12.2.0 through 15.5.15 Next.js versions 16.0.0 through 16.2.4 Description An external client can send an x-nextjs-data header on a request to a path handled by middleware that returns a redirect. This causes the middleware or...

3.7CVSS5.8AI score0.00195EPSS

Exploits0References8

Positive Technologies•added 2026/05/09 12:0 a.m.•19 views

PT-2026-39412

Name of the Vulnerable Software and Affected Versions Next.js versions 13.0.0 through 15.5.15 Next.js versions 16.0.0 through 16.2.4 Description Applications using beforeInteractive scripts combined with untrusted content are susceptible to cross-site scripting XSS, a flaw where malicious scripts...

6.1CVSS5.8AI score0.00205EPSS

Exploits0References9

Positive Technologies•added 2026/05/09 12:0 a.m.•14 views

PT-2026-39418

Name of the Vulnerable Software and Affected Versions Next.js versions 14.2.0 through 15.5.15 Next.js versions 16.0.0 through 16.2.4 Description Applications using React Server Components RSC are susceptible to cache poisoning when shared caches fail to correctly partition response variants. An...

5.4CVSS5.8AI score0.0025EPSS

Exploits0References8

Positive Technologies•added 2026/05/09 12:0 a.m.•15 views

PT-2026-39411

Name of the Vulnerable Software and Affected Versions Next.js versions prior to 15.5.16 Next.js versions prior to 16.2.5 Description Applications utilizing Partial Prerendering via the Cache Components feature are susceptible to connection exhaustion. A crafted POST request to a server action can...

7.5CVSS5.5AI score0.00461EPSS

Exploits1References12

Circl•added 2026/05/08 12:9 p.m.•8 views

CVE-2026-44573

creationtimestamp| type| source ---|---|--- 2026-05-08 12:09:44+00:00| seen| https://www.acn.gov.it/portale/w/next.js-aggiornamenti-di-sicurezza-1 2026-05-11 06:42:58+00:00| published-proof-of-concept| https://t.me/htfgtps/1107 2026-06-05 13:43:59+00:00| seen|...

7.5CVSS5.3AI score0.00351EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•7 views

EUVD-2024-44573

Malicious code in bioql PyPI...

5.5CVSS7.2AI score0.00234EPSS

Exploits0References4

Circl•added 2024/09/11 7:32 p.m.•7 views

CVE-2024-44573

creationtimestamp| type| source ---|---|--- 2024-09-11 19:32:39+00:00| seen| https://t.me/cvedetector/5394...

4.7CVSS4.8AI score0.00267EPSS

Exploits0References1

RedhatCVE•added 2022/02/22 4:20 a.m.•33 views

CVE-2021-44573

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority for the following reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3200 Reason: This candidate is a duplicate of CVE-2021-3200. Notes: All CVE users should reference CVE-2021-3200 instead of this candidate. Al...

4.3CVSS6.7AI score0.01313EPSS

Exploits1References3