Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

219303 matches found

NVD
NVDadded 2026/05/27 5:16 p.m.14 views

CVE-2026-42459

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the free5GC UDM component fails to validate the supi path parameter in six GET handlers of the nudm-sdm Subscriber Data Management service. An unauthenticated attacker can inject control characters into the SUPI...

8.7CVSS0.00324EPSS
Exploits1References1
NVD
NVDadded 2026/05/27 5:16 p.m.20 views

CVE-2026-42083

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, PCF NpcfSMPolicyControl missing authentication middleware allows unauthenticated access to SM policy handlers and disclosure of subscriber SUPI. In NewServer, the smPolicyGroup route group is created and routes are...

8.2CVSS0.00323EPSS
Exploits1References4
NVD
NVDadded 2026/05/27 5:16 p.m.15 views

CVE-2022-41656

Missing Authorization vulnerability in Bizswoop Account Manager for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Account Manager for WooCommerce: from n/a through 2.1.2...

4.3CVSS0.00218EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/27 3:56 p.m.40 views

CVE-2026-42083 free5GC: PCF Npcf_SMPolicyControl missing authentication middleware allows unauthenticated access to SM policy handlers and disclosure of subscriber SUPI

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, PCF NpcfSMPolicyControl missing authentication middleware allows unauthenticated access to SM policy handlers and disclosure of subscriber SUPI. In NewServer, the smPolicyGroup route group is created and routes are...

8.2CVSS0.00323EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2026/05/27 3:56 p.m.9 views

CVE-2026-42083 free5GC: PCF Npcf_SMPolicyControl missing authentication middleware allows unauthenticated access to SM policy handlers and disclosure of subscriber SUPI

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, PCF NpcfSMPolicyControl missing authentication middleware allows unauthenticated access to SM policy handlers and disclosure of subscriber SUPI. In NewServer, the smPolicyGroup route group is created and routes are...

8.2CVSS5.8AI score0.00323EPSS
Exploits1References4
EUVD
EUVDadded 2026/05/27 3:56 p.m.9 views

EUVD-2026-32555

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, PCF NpcfSMPolicyControl missing authentication middleware allows unauthenticated access to SM policy handlers and disclosure of subscriber SUPI. In NewServer, the smPolicyGroup route group is created and routes are...

8.2CVSS5.8AI score0.00323EPSS
Exploits1References4
CVE
CVEadded 2026/05/27 3:56 p.m.13 views

CVE-2026-42083

CVE-2026-42083 affects free5GC PCF Npcf_SMPolicyControl where missing router authorization middleware in the smPolicyGroup allowed unauthenticated access to SM policy endpoints (e.g., POST /npcf-smpolicycontrol/v1/sm-policies, GET /sm-policies/{id}, POST /sm-policies/{id}/update, POST /sm-policie...

8.2CVSS5.8AI score0.00323EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/05/27 3:53 p.m.6 views

CVE-2026-42459

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the free5GC UDM component fails to validate the supi path parameter in six GET handlers of the nudm-sdm Subscriber Data Management service. An unauthenticated attacker can inject control characters into the SUPI...

8.7CVSS5.8AI score0.00324EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2026/05/27 3:52 p.m.16 views

CVE-2026-44316

The CVE describes a nil-pointer dereference in free5GC PCF (POST /npcf-smpolicycontrol/v1/sm-policies) HandleCreateSmPolicyRequest. When a downstream OpenAPI (UDR) lookup returns 404 and the wrapper returns err != nil with a nil response, the code logs the error but does not return, then derefere...

7.5CVSS5.8AI score0.00404EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2026/05/27 3:52 p.m.41 views

CVE-2026-44316 free5GC: PCF npcf-smpolicycontrol POST /sm-policies panics on downstream UDR/OpenAPI 404 via nil pointer dereference

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's PCF POST /npcf-smpolicycontrol/v1/sm-policies handler HandleCreateSmPolicyRequest panics with a nil-pointer dereference when a downstream OpenAPI consumer call UDR lookup returns 404 Not Found and the...

7.5CVSS0.00404EPSS
Exploits1References4
EUVD
EUVDadded 2026/05/27 3:50 p.m.9 views

EUVD-2026-32551

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's PCF POST /npcf-policyauthorization/v1/app-sessions handler panics on a single authenticated request whose ascReqData.suppFeat == "1" enabling traffic-routing feature negotiation and whose medComponents...

6.5CVSS5.8AI score0.0035EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2026/05/27 3:50 p.m.6 views

CVE-2026-44317 free5GC: PCF npcf-policyauthorization POST /app-sessions panics on suppFeat=1 with missing AfRoutReq via nil pointer dereference

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's PCF POST /npcf-policyauthorization/v1/app-sessions handler panics on a single authenticated request whose ascReqData.suppFeat == "1" enabling traffic-routing feature negotiation and whose medComponents...

6.5CVSS5.8AI score0.0035EPSS
Exploits1References4
EUVD
EUVDadded 2026/05/27 3:33 p.m.17 views

EUVD-2026-32311

Missing Authorization vulnerability in WebToffee Product Import Export for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Product Import Export for WooCommerce: from n/a through 2.5.6...

4.3CVSS5.8AI score0.00231EPSS
Exploits0References2
EUVD
EUVDadded 2026/05/27 3:33 p.m.12 views

EUVD-2026-32259

In the Linux kernel, the following vulnerability has been resolved: ublk: use READONCE to read struct ublksrvctrlcmd struct ublksrvctrlcmd is part of the iouringsqe, which may lie in userspace-mapped memory. It's racy to access its fields with normal loads, as userspace may write to them...

5.8AI score0.00107EPSS
Exploits0References3
EUVD
EUVDadded 2026/05/27 3:33 p.m.12 views

EUVD-2026-32236

In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: Add validation for MTU changes Increasing the MTU beyond the HDS threshold causes the hardware to fragment packets across multiple buffers. If a single-buffer XDP program is attached, the driver will drop all multi-fr...

5.8AI score0.00126EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/27 3:33 p.m.9 views

EUVD-2026-32239

In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: fix percpuref not resurrected on suspend timeout When llbitmapsuspendtimeout times out waiting for percpuref to become zero, it returns -ETIMEDOUT without resurrecting the percpuref. The caller mdllbitmapdaemonfn...

5.8AI score0.00124EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/27 3:30 p.m.9 views

CVE-2022-41656

Missing Authorization vulnerability in Bizswoop Account Manager for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Account Manager for WooCommerce: from n/a through 2.1.2...

4.3CVSS5.8AI score0.00218EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/05/27 3:30 p.m.10 views

CVE-2022-41656 WordPress Account Manager for WooCommerce plugin <= 2.1.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Bizswoop Account Manager for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Account Manager for WooCommerce: from n/a through 2.1.2...

4.3CVSS5.8AI score0.00218EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/27 3:30 p.m.43 views

CVE-2022-41656 WordPress Account Manager for WooCommerce plugin <= 2.1.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Bizswoop Account Manager for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Account Manager for WooCommerce: from n/a through 2.1.2...

4.3CVSS0.00218EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/27 3:30 p.m.9 views

EUVD-2022-55994

Missing Authorization vulnerability in Bizswoop Account Manager for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Account Manager for WooCommerce: from n/a through 2.1.2...

4.3CVSS5.8AI score0.00218EPSS
Exploits0References1
Rows per page
Query Builder