Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

161260 matches found

NVD
NVDadded 2026/06/05 12:16 p.m.11 views

CVE-2026-11345

An Improper Authentication vulnerability in the /api/Cdn/GetFile endpoint of linqi allows unauthenticated, remote attackers to bypass file access controls. The ValidateAnonFileAccess function incorrectly grants access if an 'AnonFile' query parameter containing exactly 256 characters is provided...

6.9CVSS0.00414EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/05 11:29 a.m.42 views

CVE-2026-11345 Improper Authentication Bypass in linqi CDN File Access

An Improper Authentication vulnerability in the /api/Cdn/GetFile endpoint of linqi allows unauthenticated, remote attackers to bypass file access controls. The ValidateAnonFileAccess function incorrectly grants access if an 'AnonFile' query parameter containing exactly 256 characters is provided...

6.9CVSS0.00414EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/06/05 11:29 a.m.8 views

CVE-2026-11345 Improper Authentication Bypass in linqi CDN File Access

An Improper Authentication vulnerability in the /api/Cdn/GetFile endpoint of linqi allows unauthenticated, remote attackers to bypass file access controls. The ValidateAnonFileAccess function incorrectly grants access if an 'AnonFile' query parameter containing exactly 256 characters is provided...

6.9CVSS5.5AI score0.00414EPSS
Exploits0References1
EUVD
EUVDadded 2026/06/05 11:29 a.m.11 views

EUVD-2026-34824

An Improper Authentication vulnerability in the /api/Cdn/GetFile endpoint of linqi allows unauthenticated, remote attackers to bypass file access controls. The ValidateAnonFileAccess function incorrectly grants access if an 'AnonFile' query parameter containing exactly 256 characters is provided...

6.9CVSS5.5AI score0.00414EPSS
Exploits0References1
CVE
CVEadded 2026/06/05 11:29 a.m.21 views

CVE-2026-11345

In CVE-2026-11345, the linqi web app exposes an improper authentication flaw in the /api/Cdn/GetFile endpoint. The ValidateAnonFileAccess check incorrectly grants access when an AnonFile query parameter is exactly 256 characters, allowing unauthenticated remote access to files. The exposed resour...

6.9CVSS5.6AI score0.00414EPSS
Exploits0References1
GithubExploit
GithubExploitadded 2026/06/05 11:5 a.m.82 views

Exploit for OS Command Injection in Redhat Openshift_Container_Platform

CVE-2026-4480: Samba print-command %J injection PoC I...

9.8CVSS6AI score0.12797EPSS
Exploits7
GithubExploit
GithubExploitadded 2026/06/05 11:5 a.m.75 views

Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 !TIP If the setup does not start, add t...

9.8CVSS6.4AI score0.72253EPSS
Exploits31
GithubExploit
GithubExploitadded 2026/06/05 10:55 a.m.63 views

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 — cPanel2Shell Interactive exploitation tool...

9.8CVSS6AI score0.981EPSS
Exploits64
GithubExploit
GithubExploitadded 2026/06/05 10:26 a.m.70 views

Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 !TIP If the setup does not start, add t...

9.8CVSS6.1AI score0.72253EPSS
Exploits31
GithubExploit
GithubExploitadded 2026/06/05 9:17 a.m.66 views

Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 !TIP If the setup does not start, add t...

9.8CVSS6.4AI score0.72253EPSS
Exploits31
NVD
NVDadded 2026/06/05 9:16 a.m.13 views

CVE-2026-6274

Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Redline WR3200: from 7.1.3 before 7.1.8...

9.8CVSS0.0046EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/06/05 9:1 a.m.8 views

CVE-2026-6274 Authentication Bypass in DTS Electronics' Redline WR3200

Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Redline WR3200: from 7.1.3 before 7.1.8...

9.8CVSS5.5AI score0.0046EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/05 9:1 a.m.42 views

CVE-2026-6274 Authentication Bypass in DTS Electronics' Redline WR3200

Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Redline WR3200: from 7.1.3 before 7.1.8...

9.8CVSS0.0046EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/06/05 9:1 a.m.6 views

CVE-2026-6274

Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Redline WR3200: from 7.1.3 before 7.1.8...

9.8CVSS5.5AI score0.0046EPSS
Exploits0References2Affected Software1
EUVD
EUVDadded 2026/06/05 9:1 a.m.12 views

EUVD-2026-34793

Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Redline WR3200: from 7.1.3 before 7.1.8...

9.8CVSS5.5AI score0.0046EPSS
Exploits0References1
CVE
CVEadded 2026/06/05 9:1 a.m.20 views

CVE-2026-6274

CVE-2026-6274 concerns an authentication weakness in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200, where improper/missing authentication for a critical function allows accessing functionality not properly constrained by ACLs. Affected firmware ranges are 7.1.3 through before 7.1.8. ...

9.8CVSS5.5AI score0.0046EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/06/05 7:28 a.m.11 views

CVE-2026-48526

A flaw was found in PyJWT, a Python library for JSON Web Token JWT implementation. When decoding JWTs, the library fails to validate the use of JSON Web Keys JWK in the HMAC algorithm while also supporting asymmetric algorithms. This allows a remote attacker to use the issuer's public key as the...

7.4CVSS5.5AI score0.00232EPSS
Exploits1References4
GithubExploit
GithubExploitadded 2026/06/05 7:27 a.m.62 views

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

cve-2026...

9.8CVSS5.4AI score0.38374EPSS
Exploits29
RedhatCVE
RedhatCVEadded 2026/06/05 6:14 a.m.14 views

CVE-2026-4035

A flaw was found in MLflow. This vulnerability allows an attacker to exfiltrate sensitive server-side environment credentials. It occurs because the AI Gateway secrets can resolve environment variables, which are then sent to an attacker-controlled endpoint. This could lead to unauthorized access...

9.1CVSS5.6AI score0.00376EPSS
Exploits1References5
OSV
OSVadded 2026/06/05 5:49 a.m.7 views

BIT-MLFLOW-2026-3198 Improper Access Control in mlflow/mlflow

MLflow 3.9.0 with basic-auth --app-name basic-auth fails to enforce authorization checks for multiple Gateway API 'list' endpoints. Specifically, the BEFOREREQUESTHANDLERS dictionary in mlflow/server/auth/init.py does not include entries for ListGatewaySecretInfos, ListGatewayEndpoints, and...

6.5CVSS5.5AI score0.00244EPSS
Exploits1References2
Rows per page
Query Builder