Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1134 matches found

GithubExploit
GithubExploitadded 2026/03/28 8:39 a.m.123 views

Exploit for CVE-2025-31337

CVE-2025-31337 Security Advisory CVE ID: CVE-2025-313...

6.5AI score
Exploits1
RedhatCVE
RedhatCVEadded 2026/03/26 5:3 p.m.2 views

CVE-2026-32499

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in QuantumCloud ChatBot chatbot allows Blind SQL Injection.This issue affects ChatBot: from n/a through = 7.7.9...

9.3CVSS5.9AI score0.00283EPSS
Exploits0References1
EUVD
EUVDadded 2026/03/26 12:30 p.m.1 views

EUVD-2026-16150

Vulnerability of incorrect authorization in HiJiffy Chatbot allows an attacker to download private messages from other users via the parameter 'visitor' in '/api/v1/webchat/message'...

6.9CVSS5.8AI score0.0026EPSS
Exploits0References2
EUVD
EUVDadded 2026/03/26 12:30 p.m.4 views

EUVD-2026-16148

Vulnerability of incorrect authorization in HiJiffy Chatbot allows an attacker to download private messages from other users via the parameter 'ID' in '/api/v1/download//'...

6.9CVSS5.8AI score0.00239EPSS
Exploits0References2
NVD
NVDadded 2026/03/26 10:16 a.m.1 views

CVE-2026-4263

Vulnerability of incorrect authorization in HiJiffy Chatbot allows an attacker to download private messages from other users via the parameter 'visitor' in '/api/v1/webchat/message'...

6.9CVSS0.0026EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/03/26 9:12 a.m.25 views

CVE-2026-4263 Incorrect authorization in HiJiffy Chatbot

Vulnerability of incorrect authorization in HiJiffy Chatbot allows an attacker to download private messages from other users via the parameter 'visitor' in '/api/v1/webchat/message'...

6.9CVSS0.0026EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/26 9:12 a.m.2 views

CVE-2026-4263 Incorrect authorization in HiJiffy Chatbot

Vulnerability of incorrect authorization in HiJiffy Chatbot allows an attacker to download private messages from other users via the parameter 'visitor' in '/api/v1/webchat/message'...

6.9CVSS5.8AI score0.0026EPSS
Exploits0References1
CVE
CVEadded 2026/03/26 9:12 a.m.7 views

CVE-2026-4263

CVE-2026-4263 concerns an incorrect authorization flaw in the HiJiffy Chatbot. The vulnerability allows an attacker to download private messages from other users by abusing the parameter 'visitor' in the API endpoint /api/v1/webchat/message. The CVSS details indicate a network-based, low-complexi...

6.9CVSS5.8AI score0.0026EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/03/26 9:6 a.m.26 views

CVE-2026-4262 Incorrect authorization in HiJiffy Chatbot

Vulnerability of incorrect authorization in HiJiffy Chatbot allows an attacker to download private messages from other users via the parameter 'ID' in '/api/v1/download//'...

6.9CVSS0.00239EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/26 9:6 a.m.2 views

CVE-2026-4262 Incorrect authorization in HiJiffy Chatbot

Vulnerability of incorrect authorization in HiJiffy Chatbot allows an attacker to download private messages from other users via the parameter 'ID' in '/api/v1/download//'...

6.9CVSS5.8AI score0.00239EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/03/26 9:6 a.m.2 views

CVE-2026-4262

Vulnerability of incorrect authorization in HiJiffy Chatbot allows an attacker to download private messages from other users via the parameter 'ID' in '/api/v1/download//'...

6.9CVSS5.8AI score0.00239EPSS
Exploits0References2
CVE
CVEadded 2026/03/26 9:6 a.m.14 views

CVE-2026-4262

HiJiffy Chatbot contains an incorrect authorization vulnerability. An attacker can download private messages by manipulating the ID parameter in the API endpoint /api/v1/download//. The CVSS base score is 6.9 (Medium) with Network attack vector, low attack complexity, no privileges required, and ...

6.9CVSS5.8AI score0.00239EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/03/26 12:0 a.m.3 views

PT-2026-28641

Name of the Vulnerable Software and Affected Versions HiJiffy Chatbot affected versions not specified Description An incorrect authorization issue exists in HiJiffy Chatbot that allows an attacker to download private messages from other users. This is achieved by exploiting the visitor parameter...

6.9CVSS5.9AI score0.0026EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/03/26 12:0 a.m.4 views

HiJiffy Chatbot 安全漏洞

HiJiffy Chatbot is a customer communication and automated response system for the hospitality industry developed by HiJiffy. There is a security vulnerability in HiJiffy Chatbot, which stems from improper authorization. This vulnerability could allow attackers to download private messages from...

6.9CVSS5.8AI score0.0026EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/03/26 12:0 a.m.3 views

PT-2026-28640

Name of the Vulnerable Software and Affected Versions HiJiffy Chatbot affected versions not specified Description An incorrect authorization issue exists in HiJiffy Chatbot. This allows an attacker to download private messages belonging to other users. The issue is due to improper access control...

6.9CVSS5.9AI score0.00239EPSS
Exploits0References2
EUVD
EUVDadded 2026/03/25 6:31 p.m.6 views

EUVD-2026-15847

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in QuantumCloud ChatBot chatbot allows Blind SQL Injection.This issue affects ChatBot: from n/a through = 7.7.9...

5.9AI score0.00283EPSS
Exploits0References2
NVD
NVDadded 2026/03/25 5:17 p.m.3 views

CVE-2026-32499

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in QuantumCloud ChatBot chatbot allows Blind SQL Injection.This issue affects ChatBot: from n/a through = 7.7.9...

9.3CVSS0.00283EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/25 4:15 p.m.2 views

CVE-2026-32499 WordPress ChatBot plugin <= 7.7.9 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in QuantumCloud ChatBot chatbot allows Blind SQL Injection.This issue affects ChatBot: from n/a through = 7.7.9...

9.3CVSS5.9AI score0.00283EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/03/25 4:15 p.m.8 views

CVE-2026-32499

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in QuantumCloud ChatBot chatbot allows Blind SQL Injection.This issue affects ChatBot: from n/a through = 7.7.9...

5.9AI score0.00283EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/03/25 4:15 p.m.25 views

CVE-2026-32499 WordPress ChatBot plugin <= 7.7.9 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in QuantumCloud ChatBot chatbot allows Blind SQL Injection.This issue affects ChatBot: from n/a through = 7.7.9...

9.3CVSS0.00283EPSS
Exploits0References1
Rows per page
Query Builder