CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/06/09 8:59 p.m.•11 views

CVE-2026-25856

OpenBullet2 through version 0.3.2 contains an authenticated remote code execution vulnerability that allows authenticated users to execute arbitrary C code on the server host by creating or modifying job configurations. Attackers can leverage the plain C execution mode, which lacks reference...

8.8CVSS6.6AI score0.0085EPSS

RedhatCVE•added 2026/06/09 8:59 p.m.•13 views

CVE-2026-46442

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, POST /api/v1/node-custom-function lacks route-level authorization, allowing any authenticated user or API key to submit arbitrary JavaScript to the Custom JS Function node. When...

9.9CVSS6.5AI score0.00649EPSS

Exploits1References1

CVE•added 2026/06/09 8:59 p.m.•17 views

CVE-2026-48303

Adobe Campaign Classic (ACC) versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability (CWE-863) that could allow arbitrary code execution in the context of the current user. Exploitation does not require user interaction; the CVSS 3.1 vector is AV:N/AC:L/PR:N...

10CVSS6.2AI score0.00553EPSS

Vulnrichment•added 2026/06/09 8:59 p.m.•7 views

CVE-2026-48303 Adobe Campaign Classic (ACC) | Incorrect Authorization (CWE-863)

Adobe Campaign Classic ACC versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

10CVSS6.2AI score0.00553EPSS

Cvelist•added 2026/06/09 8:59 p.m.•35 views

CVE-2026-48303 Adobe Campaign Classic (ACC) | Incorrect Authorization (CWE-863)

10CVSS0.00553EPSS

EUVD•added 2026/06/09 8:59 p.m.•9 views

EUVD-2026-35838

10CVSS6.2AI score0.00553EPSS

Qualys Blog•added 2026/06/09 8:52 p.m.•4 views

Microsoft and Adobe Patch Tuesday, June 2026 Security Update Review

Every Patch Tuesday presents a race between defenders applying fixes and attackers seeking opportunities. Microsoft’s June 2026 release is no exception, delivering security updates for vulnerabilities that could significantly impact enterprise environments if left unaddressed. Microsoft Patch...

9.8CVSS8.6AI score0.04297EPSS

Exploits2

Debian•added 2026/06/09 8:47 p.m.•7 views

[SECURITY] [DSA 6332-1] okular security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6332-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 09, 2026 https://www.debian.org/security/faq -...

5.8AI score

Exploits0

EUVD•added 2026/06/09 8:38 p.m.•9 views

EUVD-2026-35835

Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE•added 2026/06/09 8:38 p.m.•15 views

CVE-2026-48291

Affected software: Format Plugins, versions 1.1.2 and earlier. Root cause: Heap-based buffer overflow. Impact: Arbitrary code execution in the context of the current user. Exploit information: Requires user interaction; a victim must open a malicious file. Notes: Details are taken from the CVE en...

Vulnrichment•added 2026/06/09 8:38 p.m.•10 views

CVE-2026-48291 Format Plugins | Heap-based Buffer Overflow (CWE-122)

7.8CVSS7.8AI score0.00271EPSS

Cvelist•added 2026/06/09 8:38 p.m.•35 views

CVE-2026-48291 Format Plugins | Heap-based Buffer Overflow (CWE-122)

7.8CVSS0.00271EPSS

Cvelist•added 2026/06/09 8:38 p.m.•33 views

CVE-2026-48292 Format Plugins | Heap-based Buffer Overflow (CWE-122)

7.8CVSS0.00271EPSS

Vulnrichment•added 2026/06/09 8:38 p.m.•6 views

CVE-2026-48292 Format Plugins | Heap-based Buffer Overflow (CWE-122)

7.8CVSS7.8AI score0.00271EPSS

CVE•added 2026/06/09 8:38 p.m.•15 views

CVE-2026-48292

Format Plugins versions 1.1.2 and earlier are affected by a heap-based buffer overflow that could allow arbitrary code execution in the current user context. Exploitation requires user interaction (victim must open a malicious file). CVSSv3.1 base score 7.8 (HIGH); attack vector LOCAL, privileges...

EUVD•added 2026/06/09 8:38 p.m.•9 views

EUVD-2026-35834

CVE•added 2026/06/09 8:33 p.m.•16 views

CVE-2026-47929

CVE-2026-47929 affects Adobe ColdFusion versions 2023.19, 2025.8 and earlier. The issue is an incorrect authorization vulnerability that could enable arbitrary code execution in the context of the current user. Exploitation does not require user interaction, and the vulnerability could allow a hi...

9.1CVSS6.2AI score0.07535EPSS

Cvelist•added 2026/06/09 8:33 p.m.•32 views

CVE-2026-47929 ColdFusion | Incorrect Authorization (CWE-863)

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could exploit this vulnerability to gain elevated access or control over the victim...

8.4CVSS0.07535EPSS

Vulnrichment•added 2026/06/09 8:33 p.m.•5 views

CVE-2026-47929 ColdFusion | Incorrect Authorization (CWE-863)

8.4CVSS6.2AI score0.07535EPSS