Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

663 matches found

SUSE CVE
SUSE CVEadded 2026/02/05 12:24 a.m.3 views

SUSE CVE-2026-23094

In the Linux kernel, the following vulnerability has been resolved: uacce: fix isolate sysfs check condition uacce supports the device isolation feature. If the driver implements the isolateerrthresholdread and isolateerrthresholdwrite callback functions, uacce will create sysfs files now. Users...

5.5CVSS5.2AI score0.00022EPSS
Exploits0References19
ATTACKERKB
ATTACKERKBadded 2026/02/04 4:8 p.m.2 views

CVE-2026-23094

In the Linux kernel, the following vulnerability has been resolved: uacce: fix isolate sysfs check condition uacce supports the device isolation feature. If the driver implements the isolateerrthresholdread and isolateerrthresholdwrite callback functions, uacce will create sysfs files now. Users...

5.2AI score0.00022EPSS
Exploits0References5Affected Software1
CNNVD
CNNVDadded 2026/02/04 12:0 a.m.2 views

WordPress plugin Xendit Payment 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

5.3CVSS5.9AI score0.00098EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2026/02/04 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-23094

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - uacce: fix isolate sysfs check condition uacce supports the device isolation feature. If the driver implements the isolateerrthresholdread and...

5.5CVSS6.1AI score0.00022EPSS
Exploits0References2
CNNVD
CNNVDadded 2026/02/02 12:0 a.m.3 views

Khoj 安全漏洞

Khoj is an open-source application developed by Khoj AI. It allows users to create personal artificial intelligence agents that are always available. Versions of Khoj prior to 2.0.0-beta.23 contained security vulnerabilities. These vulnerabilities stemmed from insecure direct object references in...

7.1CVSS5.8AI score0.00013EPSS
Exploits1References4
SUSE CVE
SUSE CVEadded 2026/02/01 12:24 a.m.3 views

SUSE CVE-2026-23017

In the Linux kernel, the following vulnerability has been resolved: idpf: fix error handling in the inittask on load If the inittask fails during a driver load, we end up without vports and netdevs, effectively failing the entire process. In that state a subsequent reset will result in a crash as...

5.5CVSS5.7AI score0.00025EPSS
Exploits0References19
NVD
NVDadded 2026/01/31 12:16 p.m.4 views

CVE-2026-23017

In the Linux kernel, the following vulnerability has been resolved: idpf: fix error handling in the inittask on load If the inittask fails during a driver load, we end up without vports and netdevs, effectively failing the entire process. In that state a subsequent reset will result in a crash as...

5.5CVSS0.00025EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2026/01/31 12:16 p.m.3 views

CVE-2026-23017

In the Linux kernel, the following vulnerability has been resolved: idpf: fix error handling in the inittask on load If the inittask fails during a driver load, we end up without vports and netdevs, effectively failing the entire process. In that state a subsequent reset will result in a crash as...

5.5CVSS5.7AI score0.00025EPSS
Exploits0References4
OSV
OSVadded 2026/01/31 11:39 a.m.3 views

CVE-2026-23017 idpf: fix error handling in the init_task on load

In the Linux kernel, the following vulnerability has been resolved: idpf: fix error handling in the inittask on load If the inittask fails during a driver load, we end up without vports and netdevs, effectively failing the entire process. In that state a subsequent reset will result in a crash as...

5.5CVSS5.7AI score0.00025EPSS
Exploits0References5
EUVD
EUVDadded 2026/01/31 11:39 a.m.3 views

EUVD-2026-5077

In the Linux kernel, the following vulnerability has been resolved: idpf: fix error handling in the inittask on load If the inittask fails during a driver load, we end up without vports and netdevs, effectively failing the entire process. In that state a subsequent reset will result in a crash as...

5.7AI score0.00025EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/01/31 11:39 a.m.29 views

CVE-2026-23017 idpf: fix error handling in the init_task on load

In the Linux kernel, the following vulnerability has been resolved: idpf: fix error handling in the inittask on load If the inittask fails during a driver load, we end up without vports and netdevs, effectively failing the entire process. In that state a subsequent reset will result in a crash as...

0.00025EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/01/31 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-23017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - idpf: fix error handling in the inittask on load If the inittask fails during a driver load, we end up without vports and netdevs, effectively failing the entir...

5.5CVSS5.8AI score0.00025EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/01/24 9:15 p.m.4 views

CVE-2025-14947

The All-in-One Video Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxcallbackcreatebunnystreamvideo, ajaxcallbackgetbunnystreamvideo, and ajaxcallbackdeletebunnystreamvideo functions in all versions up to, and including,...

6.5CVSS5.5AI score0.00058EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/01/23 12:0 a.m.6 views

PT-2026-4521

Name of the Vulnerable Software and Affected Versions All-in-One Video Gallery plugin for WordPress versions through 4.6.4 Description The All-in-One Video Gallery plugin for WordPress is susceptible to unauthorized data modification because of a missing capability check on the ajax callback crea...

6.5CVSS5.3AI score0.00058EPSS
Exploits0References7
Tenable Nessus
Tenable Nessusadded 2026/01/22 12:0 a.m.3 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-38278)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38278 advisory. - In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: QOS: Refactor...

5.5CVSS5.3AI score0.00077EPSS
Exploits0References2
CVE
CVEadded 2026/01/20 8:41 p.m.31 views

CVE-2026-21637

CVE-2026-21637 is a Node.js TLS handling issue where synchronous exceptions in PSK/ALPN callbacks can bypass tlsClientError/error paths, causing process termination or FD leaks and potential DoS. Connected advisories (ALAS2023-2026-1404, ALAS2023-2026-1402, ALAS2023-2026-1403, CBLMARINER) confirm...

7.5CVSS5.6AI score0.00056EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2026/01/20 8:41 p.m.12 views

CVE-2026-21637

A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS server when pskCallback or ALPNCallback are in use. Synchronous exceptions thrown during these callbacks bypass standard TLS error handling paths tlsClientError and error, causing either immediate...

5.9CVSS0.00056EPSS
Exploits0References1
NVD
NVDadded 2026/01/17 9:15 a.m.5 views

CVE-2025-14078

The PAYGENT for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.4.6. This is due to missing authorization checks on the paygentcheckwebhook function combined with the paygentpermissioncallback function unconditionally returning true ...

5.3CVSS0.00157EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/01/17 8:24 a.m.2 views

CVE-2025-14078 PAYGENT for WooCommerce <= 2.4.6 - Missing Authorization to Unauthenticated Payment Callback Manipulation

The PAYGENT for WooCommerce plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.4.6. This is due to missing authorization checks on the paygentcheckwebhook function combined with the paygentpermissioncallback function unconditionally returning true ...

5.3CVSS5.5AI score0.00157EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/01/17 7:15 a.m.4 views

CVE-2026-0939

The Rede Itaú for WooCommerce plugin for WordPress is vulnerable to order status manipulation due to insufficient verification of data authenticity in all versions up to, and including, 5.1.2. This is due to the plugin failing to verify the authenticity of payment callbacks. This makes it possibl...

5.3CVSS5.9AI score0.00051EPSS
Exploits0References1
Rows per page
Query Builder