CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

219072 matches found

NVD•added 3 days ago•3 views

CVE-2026-40743

Unauthenticated Broken Access Control in Tutor LMS = 3.9.7 versions...

6.5CVSS0.00252EPSS

Exploits0References1

NVD•added 3 days ago•3 views

CVE-2026-40767

Unauthenticated Broken Access Control in wpForo Forum 3.0.2 versions...

7.5CVSS0.00287EPSS

Exploits0References1

NVD•added 3 days ago•6 views

CVE-2026-39594

Subscriber Broken Access Control in Ultra Addons for WPForms = 1.0.11 versions...

6.4CVSS0.00287EPSS

Exploits0References1

NVD•added 3 days ago•4 views

CVE-2026-40741

Unauthenticated Broken Access Control in Redsys for WooCommerce Light = 7.0.0 versions...

7.5CVSS0.00246EPSS

Exploits0References1

NVD•added 3 days ago•4 views

CVE-2026-39533

Unauthenticated Broken Access Control in AWP Classifieds = 4.4.4 versions...

7.5CVSS0.00304EPSS

Exploits0References1

NVD•added 3 days ago•6 views

CVE-2026-39584

Subscriber Broken Access Control in RepairBuddy = 4.1132 versions...

6.5CVSS0.00326EPSS

Exploits0References1

NVD•added 3 days ago•3 views

CVE-2026-39534

Unauthenticated Broken Access Control in WP Directory Kit = 1.5.0 versions...

7.5CVSS0.00306EPSS

Exploits0References1

NVD•added 3 days ago•3 views

CVE-2026-39515

Subscriber Broken Access Control in Motors 1.4.107 versions...

6.5CVSS0.00352EPSS

Exploits0References1

NVD•added 3 days ago•4 views

CVE-2026-39524

Unauthenticated Broken Access Control in Masteriyo - LMS = 2.1.5 versions...

7.5CVSS0.00246EPSS

Exploits0References1

NVD•added 3 days ago•4 views

CVE-2026-39503

Unauthenticated Broken Access Control in Easy Digital Downloads = 3.6.5 versions...

7.5CVSS0.00246EPSS

Exploits0References1

NVD•added 3 days ago•4 views

CVE-2026-39513

Unauthenticated Broken Access Control in Easy Appointments = 3.12.21 versions...

7.5CVSS0.00287EPSS

Exploits0References1

NVD•added 3 days ago•5 views

CVE-2026-34886

Unauthenticated Broken Access Control in Simple Membership = 4.7.1 versions...

7.5CVSS0.00251EPSS

Exploits0References1

NVD•added 3 days ago•5 views

CVE-2026-34892

Subscriber Broken Access Control in Rank Math SEO = 1.0.271 versions...

6.5CVSS0.00271EPSS

Exploits0References1

NVD•added 3 days ago•4 views

CVE-2026-34898

Unauthenticated Broken Access Control in Event Tickets Manager for WooCommerce = 1.5.3 versions...

7.5CVSS0.00246EPSS

Exploits0References1

NVD•added 3 days ago•5 views

CVE-2026-25425

Unauthenticated Broken Access Control in User Registration = 5.1.2 versions...

7.5CVSS0.00372EPSS

Exploits0References1

NVD•added 3 days ago•5 views

CVE-2025-69332

Subscriber Broken Access Control in Bookify = 1.1.1 versions...

6.5CVSS0.00326EPSS

Exploits0References1

NVD•added 3 days ago•4 views

CVE-2025-68049

Subscriber Broken Access Control in bunny.net = 2.3.6 versions...

6.3CVSS0.00242EPSS

Exploits0References1

OSSF Malicious Packages•added 3 days ago•7 views

Malicious code in lab-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9bbde4e4075983db0c5aba255bc29f84fb2536681b13e8289412cce5c3ee7a2e On npm install, the package's postinstall hook runs seccheck.js, which enumerates the host's network interfaces and proceeds only if an IPv4 address...

Exploits0References1

EUVD•added 3 days ago•8 views

EUVD-2026-36468

Netty: HttpObjectDecoder skips arbitrary initial control characters when only initial CRLF characters are permitted...

5.3CVSS5.3AI score0.00232EPSS

Exploits0References4

Github Security Blog•added 3 days ago•5 views

Netty: HttpObjectDecoder skips arbitrary initial control characters when only initial CRLF characters are permitted

Summary Before reading the first request-line, HttpObjectDecoder skips every byte for which Character.isISOControlb is true 0x00–0x1F and 0x7F as well as all whitespace. RFC 9112 §2.2 only asks servers to ignore empty CRLF lines preceding the request-line — a carefully scoped robustness allowance...

5.3CVSS5.3AI score0.00232EPSS

Exploits0References5Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by