CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2716 matches found

CVE-2026-36615

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 exposes an undocumented /agileconfigreset endpoint that returns internal buffer contents to unauthenticated attackers on the adjacent network...

4.3CVSS

Exploits0References1

CVE•added yesterday•5 views

CVE-2025-41259

SWUpdate (affected before 2026.05) suffers a TOCTOU race in the signed update process, enabling local unprivileged users to escalate to root or install untrusted contents. No exploitation vectors are detailed beyond this description; remediation/version details are not explicitly stated in the pr...

7.3CVSS5.8AI score

Exploits0References3

Cvelist•added yesterday•16 views

CVE-2025-41259 SWUpdate Untrusted Script Execution via Signed Update TOCTOU

SWUpdate before 2026.05 is affected by a time-of-check time-of-use TOCTOU race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using a signed update...

7.3CVSS

Exploits0References3

Vulnrichment•added yesterday•2 views

CVE-2026-36615

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 exposes an undocumented /agileconfigreset endpoint that returns internal buffer contents to unauthenticated attackers on the adjacent network...

5.9AI score

Exploits0References1

Nuclei•added 2 days ago•30 views

Drupal 11.x-dev - Full Path Disclosure

core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure even when error logging is None if the value of hashsalt is filegetcontents of a file that does not exist. id: CVE-2024-45440 info: name: Drupal 11.x-dev - Full Path Disclosure author: DhiyaneshDK severity: medium description: |...

5.3CVSS5.8AI score0.86689EPSS

Exploits4

EUVD•added 2 days ago•5 views

EUVD-2026-33905

A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the getospath function within jupyterserver/services/contents/fileio.py. The check uses startswithroot without appending a trailing path separator, allowing sibling...

6.8CVSS6.7AI score0.00046EPSS

Exploits1References1

ATTACKERKB•added 4 days ago•14 views

CVE-2026-49489

OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows authenticated users to extract database contents. Attackers can inject malicious SQL via the sortDirection parameter in ajax/getDataGridPager.php to perform...

8.5CVSS5.9AI score0.00029EPSS

Exploits0References3

CNNVD•added 5 days ago•4 views

AiOPMSD Final SQL注入漏洞

AiOPMSD Final is a video stream download tool developed by AiOPMSD Corporation. Version 1.0.0 of AiOPMSD Final contains a SQL injection vulnerability. This vulnerability arises from injecting malicious code through the ‘genre’ parameter, which may allow unauthenticated attackers to execute...

8.8CVSS6.2AI score0.00068EPSS

Exploits0References4

Vulnrichment•added 6 days ago•7 views

CVE-2026-10101 Assisted-service: assisted-service: infraenv status leaks referenced pull-secret contents to namespace view users

ACM/MCE assisted-service writes raw referenced pull-secret contents into InfraEnv.status.conditions.message when pull-secret validation fails. A namespace principal with the stock view ClusterRole cannot directly read Secrets, but can read InfraEnv objects and recover the referenced Secret's...

6.3CVSS5.8AI score0.00031EPSS

Exploits0References2

Positive Technologies•added 6 days ago•5 views

PT-2026-45053

Summary The fix for GHSA-9mqq-jqxf-grvw / CVE-2026-44336 is incomplete. The original advisory description named four vulnerable handlers in mcp server/adapters/cli tools.py: "registers four file-handling tools by default, praisonai.rules.create, praisonai.rules.show, praisonai.rules.delete, and...

9.6CVSS6AI score0.00135EPSS

Exploits1References3

Nuclei•added 2026/05/28 5:39 a.m.•48 views

Palo Alto Expedition - SQL Injection

An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expeditio...

9.2CVSS7.7AI score0.94286EPSS

Exploits3References4

Tenable Nessus•added 2026/05/28 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-44898

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, rendertocul builds a table-of-contents tree from a list of level, id, text tuple...

6.1CVSS6AI score0.00031EPSS

Exploits1References3

NVD•added 2026/05/26 9:16 p.m.•6 views

CVE-2026-44898

Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, rendertocul builds a table-of-contents tree from a list of level, id, text tuples. Both the id value used as href="" and the text value used as the visible link label are inserted into tags via a plain Python format...

6.1CVSS0.00031EPSS

Exploits1References2