CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1445 matches found

CVE•added 2025/10/06 6:47 a.m.•7 views

CVE-2025-58578

The CVE-2025-58578 describes an API misuse where an authorized user can create an unlimited number of user accounts via a POST endpoint due to no quotas or validation. Public documents across Red Hat, NVD, CVE lists, and SICK-related advisories confirm the core issue (unbounded account creation) ...

4.3CVSS6.5AI score0.00292EPSS

Exploits0References6Affected Software1

Cvelist•added 2025/10/06 6:47 a.m.•4 views

CVE-2025-58578 Unlimited user creation by authorized users

A user with the appropriate authorization can create any number of user accounts via an API endpoint using a POST request. There are no quotas, checking mechanisms or restrictions to limit the creation...

3.8CVSS0.00292EPSS

Exploits0References6

EUVD•added 2025/10/06 6:47 a.m.•2 views

EUVD-2025-32501

3.8CVSS6.3AI score0.00292EPSS

Exploits0References7

Positive Technologies•added 2025/10/06 12:0 a.m.•4 views

PT-2025-40949

Name of the Vulnerable Software and Affected Versions YoSmart YoLink versions through 2025-10-02 Description The YoSmart YoLink API constructs an endpoint URL using a device's MAC address and an MD5 hash of non-secret information, including a key starting with cf50. The API endpoint is derived fr...

5.8CVSS6.4AI score0.00414EPSS

Exploits0References7

EUVD•added 2025/10/03 8:7 p.m.•22 views

EUVD-2025-24169

Malicious code in bioql PyPI...

5.3CVSS6.3AI score0.00184EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2024-54903

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00616EPSS

Exploits0References3