Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Cvelist
Cvelistadded 2026/06/16 9:24 p.m.18 views

CVE-2026-39598 WordPress Academy LMS Pro plugin < 3.5.2 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Kodezen LLC Academy LMS Pro allows Upload a Web Shell to a Web Server. This issue affects Academy LMS Pro: from n/a before 3.5.2...

8CVSS0.00221EPSS
Exploits0References1
CVE
CVEadded 2026/06/16 9:24 p.m.8 views

CVE-2026-39598

CVE-2026-39598 concerns WordPress Academy LMS Pro plugin (pre-3.5.2). The vulnerability is an Unrestricted Upload of File with a Dangerous Type, enabling an attacker to upload a web shell to the web server. Affected: Academy LMS Pro prior to 3.5.2. CVSS 3.1 metrics indicate NETWORK attack Vector,...

8CVSS5.2AI score0.00221EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/27 8:48 p.m.41 views

CVE-2026-45136 claude-code-cache-fix: Local code execution via Python triple-quote injection in tools/quota-statusline.sh

claude-code-cache-fix is a cache optimization proxy for Claude Code. From 3.5.0 to before 3.5.2, tools/quota-statusline.sh introduced in v3.5.0 interpolates Claude Code's hook stdin payload directly into a Python triple-quoted string literal. A ''' byte sequence in any user-controlled field of th...

8.6CVSS0.00188EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2026/05/27 8:48 p.m.9 views

CVE-2026-45136

claude-code-cache-fix is a cache optimization proxy for Claude Code. From 3.5.0 to before 3.5.2, tools/quota-statusline.sh introduced in v3.5.0 interpolates Claude Code's hook stdin payload directly into a Python triple-quoted string literal. A ''' byte sequence in any user-controlled field of th...

8.6CVSS5.9AI score0.00188EPSS
Exploits1References4Affected Software1
Microsoft CVE
Microsoft CVEadded 2024/11/28 8:0 a.m.3 views

An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations.

...

5.5CVSS5.5AI score0.00312EPSS
Exploits0
CNNVD
CNNVDadded 2024/06/16 12:0 a.m.4 views

iTerm2 Security Vulnerability

iTerm2 is a terminal emulation program written for Mac OS X. A security vulnerability exists in iTerm2 versions prior to 3.5.2, which stems from the possibility of remote code execution...

9.8CVSS7.9AI score0.01497EPSS
Exploits1References5
SUSE CVE
SUSE CVEadded 2023/02/15 5:59 a.m.5 views

SUSE CVE-2010-1635

The chainreply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service NULL pointer dereference and process crash via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request wit...

5CVSS6.8AI score0.038EPSS
Exploits1References3
OSV
OSVadded 2013/07/08 8:55 p.m.1 views

DEBIAN-CVE-2013-2203

WordPress before 3.5.2, when the uploads directory forbids write access, allows remote attackers to obtain sensitive information via an invalid upload request, which reveals the absolute path in an XMLHttpRequest error message...

4.3CVSS6.4AI score0.02026EPSS
Exploits0References1
RedHat Linux
RedHat Linuxadded 2009/09/09 11:22 p.m.1 views

Firefox 3.5.2 3.0.14 browser engine crashes

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

10CVSS6.2AI score0.05452EPSS
Exploits0References4
Rows per page
Query Builder