CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/06/15 8:16 p.m.•6 views

CVE-2025-68713

8CVSS0.00284EPSS

CVE•added 2026/06/15 12:0 a.m.•10 views

CVE-2025-68713

Rakuten Send Anywhere for Android (com.estmob.android.sendanywhere, version 23.2.9) is affected. A vulnerability allows untrusted applications with no permissions to trigger arbitrary file downloads into the app’s scoped storage, with downloaded items appearing in the app’s trusted Received inter...

8CVSS6.1AI score0.00284EPSS

Cvelist•added 2026/06/15 12:0 a.m.•30 views

CVE-2025-68713

0.00284EPSS

Cvelist•added 2026/06/12 2:5 p.m.•32 views

CVE-2026-10557 Yarbo Android/iOS Mobile Application and Cloud Infrastructure Use of Hard-coded Credentials

The Yarbo Android and iOS applications contain hard-coded MQTT broker credentials that are identical for all users and all devices. These credentials are embedded in the application binary and are readily extractable via APK decompilation. The credentials provide access to cloud MQTT brokers...

9.8CVSS0.00529EPSS

Positive Technologies•added 2026/06/12 12:0 a.m.•12 views

PT-2026-48876

Name of the Vulnerable Software and Affected Versions Yarbo Android and iOS applications affected versions not specified Description The Android and iOS applications contain hard-coded MQTT broker credentials that are identical across all users and devices. These credentials, embedded in the...

9.8CVSS5.3AI score0.00529EPSS

Exploits0References6

CNNVD•added 2026/06/11 12:0 a.m.•10 views

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Tahoe 26.1 had a security vulnerability due to logging issues, which could allow applications access to sensitive user data...

5.5CVSS6.5AI score0.0013EPSS

CNNVD•added 2026/06/11 12:0 a.m.•9 views

Apple多款产品访问控制错误漏洞

Apple iOS, among others, are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system designed for Mac computers. Apple iPadOS is an operating system for iPad tablets. Several of Apple’s products have...

5.3CVSS5.4AI score0.00302EPSS

CNNVD•added 2026/06/11 12:0 a.m.•9 views

Apple macOS 访问控制错误漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Tahoe 26.1 and earlier contained an access control error vulnerability. This vulnerability stemmed from an access issue that could allow malicious applications to acces...

5.5CVSS6.5AI score0.00112EPSS

RedhatCVE•added 2026/06/10 2:59 a.m.•8 views

CVE-2026-44754

The Remote Function Call RFC modules of the Operational Data Provisioning Data Replication API ODP-RFC are missing caller identification of permitted SAP-internal applications and are being used by customer or third-party applications in ways that are not aligned with its intended usage. Which...

Packet Storm News•added 2026/06/10 12:0 a.m.•7 views

Mind Your Key: An Empirical Study of LLM API Credential Leakage in IOS Apps

The rapid integration of large language models LLMs into mobile applications has introduced a new class of credential security risk: leaked credentials that grant unauthorized access to LLM inference services, causing financial damage to developers. Prior work on credential leakage has focused...

5.4AI score

Exploits0

IBM Security Bulletins•added 2026/06/09 2:53 p.m.•6 views

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a remote code execution vulnerability (CVE-2026-9311, CVE-2026-9330)

Summary IBM WebSphere Application Server, which is bundled with IBM Cloud Pak for Applications, is affected by a remote code execution. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products and Versions|...

9CVSS6.3AI score0.00399EPSS

Exploits0Affected Software1

NVD•added 2026/06/09 1:16 a.m.•13 views

CVE-2026-44754

6.6CVSS0.00219EPSS

EUVD•added 2026/06/09 12:21 a.m.•10 views

EUVD-2026-35286

Vulnrichment•added 2026/06/09 12:21 a.m.•5 views

CVE-2026-44754 Missing caller identification check-in for ODP Data Replication APIs

Cvelist•added 2026/06/09 12:21 a.m.•38 views

CVE-2026-44754 Missing caller identification check-in for ODP Data Replication APIs

6.6CVSS0.00219EPSS

CVE•added 2026/06/09 12:21 a.m.•37 views

CVE-2026-44754

The CVE-2026-44754 issue affects SAP’s Operational Data Provisioning (ODP) RFC APIs, where RFC modules fail to perform caller identification for allowed SAP-internal applications. This allows customer/third-party applications to use ODP-RFC functionality in ways not aligned with its intended usag...

Positive Technologies•added 2026/06/09 12:0 a.m.•8 views

PT-2026-47537

CNNVD•added 2026/06/09 12:0 a.m.•11 views

Exploits0References3

Microsoft Office 安全漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There is a security vulnerability in Microsoft Office, which stems from a heap buffer overflow...

7.8CVSS7.6AI score0.00358EPSS

CNNVD•added 2026/06/09 12:0 a.m.•12 views

SAP ODP Data Replication APIs 安全漏洞

SAP ODP Data Replication APIs are a set of enterprise data replication interfaces provided by the German company SAP. There is a security vulnerability in SAP ODP Data Replication APIs, which stems from the lack of identification of callers for allowed internal SAP applications. If these APIs are...

6.6CVSS5.3AI score0.00219EPSS