59 matches found
Langflow <= 1.8.4 - Path Traversal to RCE via File Upload
The application contains a path traversal vulnerability caused by an unsanitized 'filename' parameter in the 'POST /api/v2/files' multipart form data, letting attackers write files to arbitrary filesystem locations; exploitation requires a crafted request. id: CVE-2026-5027 info: name: Langflow = 1.8.4 -...
Exploit for CVE-2026-5027
CV...
VulnCheck KEV: CVE-2026-5027
The 'POST /api/v2/files' endpoint does not sanitize the 'filename' parameter from the multipart form data, allowing an attacker to write files to arbitrary locations on the filesystem using path traversal sequences '../'...
langflow-nightly (=1.8.0.dev24) potentially affected by CVE-2026-5027 via langflow-base (=0.7.2)
langflow-base PYPI version =0.7.2 is affected by a known vulnerability. The following packages have a transitive dependency on langflow-base and may be impacted: - langflow-nightly =1.8.0.dev24 Source cves: CVE-2026-5027 Source advisory: SNYK:PYTHON-LANGFLOWBASE-15842030...
CVE-2026-5027

creationtimestamp| type| source
---|---|---
2026-03-27 17:23:12+00:00| published-proof-of-concept| Telegram/kHfLfkapUcGKUVgufiQubAbscQMrKjcom26lkyfAO4Fyc
2026-03-27 18:20:00+00:00| seen| https://infosec.exchange/users/AAKL/statuses/116302518672297608
2026-03-27 23:00:43+00:00| seen|...

CVE-2023-5027
A vulnerability classified as critical was found in SourceCodester Simple Membership System 1.0. Affected by this vulnerability is an unknown functionality of the file club_validator.php. The manipulation of the argument club leads to SQL injection. The attack can be launched remotely. The exploit...
CVE-2013-5027
Collabtive 1.0 has incorrect access control...
Linux Distros Unpatched Vulnerability : CVE-2016-5027
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - dwarf_form.c in libdwarf 20160115 allows remote attackers to cause a denial of service (crash) via a crafted ELF file. CVE-2016-5027 Note that Nessus relies on the...
CVE-2024-5027

creationtimestamp| type| source
---|---|---
2024-06-01 22:07:36+00:00| seen| https://t.me/theninjaway1337/1639...

RHEL 7 : libdwarf (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libdwarf: heap-based buffer over-read in dwarf_formsdata CVE-2017-9055 - The dwarf_read_cie_fde_prefix functio...
CVE-2023-5027 SourceCodester Simple Membership System club_validator.php sql injection
A vulnerability classified as critical was found in SourceCodester Simple Membership System 1.0. Affected by this vulnerability is an unknown functionality of the file club_validator.php. The manipulation of the argument club leads to SQL injection. The attack can be launched remotely. The exploit...
CVE-2023-5027
CVE-2023-5027 affects SourceCodester Simple Membership System 1.0, due to an SQL injection in the club_validator.php file when manipulating the club parameter. The vulnerability allows remote exploitation and has had exploits publicly disclosed. All sources consistently describe it as a SQL injec...
Ubuntu: Security Advisory (USN-5027-2)
The remote host is missing an update for the...
Synology DNS Server Path Traversal Vulnerability
Synology DNS Server is a DNS server from Synology China. A path traversal vulnerability exists in Synology DNS Server versions prior to 2.2.2-5027, which stems from improper restriction of pathnames to restricted directories (path traversal) in the cgi component, and can be exploited by a remote...
Virtuozzo Linux Errata and Bugfix Advisory 2020:5027
Upstream security update. Follow RHBA-2020:5027 for details...
CVE-2013-5027

creationtimestamp| type| source
---|---|---
2019-12-27 20:40:26+00:00| seen| https://t.me/cibsecurity/8889
2024-03-18 07:37:05+00:00| seen| https://t.me/ctinow/210240...

CVE-2013-5027
CVE-2013-5027 (Collabtive 1.0) is described in the HTB23169 advisory as an improper access control vulnerability. The root cause is insufficient access restrictions in the installation flow, allowing a remote attacker to abuse the /install.php script (action=step3) to create a new administrative ...
CVE-2019-5027
...