219841 matches found

CVE
added 2026/05/03 7:30 a.m., 34 views

CVE-2026-7686

Eyeo Adblock Plus (Chrome) up to 4.36.2 contains a vulnerability in postMessage handling within premium.preload.js (Legacy Premium Activation). Exploitation allows improper access controls with remote execution; the attack is publicly disclosed. The vendor notes the legacy activation path is depr...

CVSS 6.9, AI score 5.7, EPSS 0.00297
Exploits: 0, References: 5

Vulnrichment
added 2026/05/03 7:30 a.m., 4 views

CVE-2026-7686 eyeo Adblock Plus Legacy Premium Activation premium.preload.js postMessage access control

A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the file premium.preload.js of the component Legacy Premium Activation. Performing a manipulation results in improper access controls. Remote exploitation of the...

CVSS 6.9, AI score 5.7, EPSS 0.00297
Exploits: 0, References: 5

OSV
added 2026/05/03 3:9 a.m., 6 views

MAL-2026-3240 Malicious code in timesmcplib (PyPI)

Source: kam193 da06df6b9831a400bbf6f90e6ae20c8633f5ca98f71ca4927cbc0647ec6ccb17 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

AI score 6
Exploits: 0, References: 1

CNNVD
added 2026/05/03 12:0 a.m., 7 views

Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform Access Control Error Vulnerability

Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform is a power operation and maintenance cloud platform developed by Acrel Corporation. Version 1.3.0 of Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform contains an access control...

CVSS 6.5, AI score 6.7, EPSS 0.00224
Exploits: 0, References: 2

Positive Technologies
added 2026/05/03 12:0 a.m., 10 views

PT-2026-36730

Velociraptor versions prior to 0.76.4 contain a resource exhaustion vulnerability in the server's agent control channel. This allows a compromised or rogue Velociraptor client to crash the server via out-of-memory (OOM) by sending crafted messages through the normal client communication channel...

CVSS 4.9, AI score 5.8, EPSS 0.00344
Exploits: 0, References: 4

CNNVD
added 2026/05/03 12:0 a.m., 8 views

crmeb_java Access Control Error Vulnerability

crmeb_java is an open-source e-commerce system developed by CRMEB. Versions of crmeb_java 1.3.4 and earlier contained an access control vulnerability. This vulnerability stemmed from unknown code in the Admin Upload component, specifically in the...

CVSS 5.8, AI score 5.9, EPSS 0.00223
Exploits: 0, References: 2

OSSF Malicious Packages
added 2026/05/02 11:20 p.m., 9 views

Malicious code in timermcplib (PyPI)

Source: kam193 999846a0fc964a7818742a15f547ddd0b154f6ca559902c048c3f478a681c64c During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

AI score 6
Exploits: 0, References: 1

OSV
added 2026/05/02 11:20 p.m., 5 views

MAL-2026-3239 Malicious code in timermcplib (PyPI)

Source: kam193 999846a0fc964a7818742a15f547ddd0b154f6ca559902c048c3f478a681c64c During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

AI score 6
Exploits: 0, References: 1

GithubExploit
added 2026/05/02 6:30 p.m., 97 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

copy-success — CVE-2026-31431 Compensating Control A defensiv...

CVSS 7.8, AI score 5.8, EPSS 0.96775
Exploits: 228

GithubExploit
added 2026/05/02 10:0 a.m., 79 views

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 - cPanel & WHM Authentication Bypass Proof of C...

CVSS 9.8, AI score 5.9, EPSS 0.981
Exploits: 64

Microsoft CVE
added 2026/05/02 8:4 a.m., 10 views

ksmbd: use check_add_overflow() to prevent u16 DACL size overflow

...

CVSS 7.5, AI score 5.8, EPSS 0.00117
Exploits: 0

Microsoft CVE
added 2026/05/02 8:4 a.m., 6 views

crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed

...

CVSS 7.1, AI score 5.8, EPSS 0.00126
Exploits: 0

GithubExploit
added 2026/05/02 6:52 a.m., 87 views

Exploit for Insufficient Granularity of Access Control in Microsoft

CVE-20...

CVSS 7.8, AI score 5.8, EPSS 0.06749
Exploits: 3

OSV
added 2026/05/02 3:40 a.m., 6 views

MAL-2026-3230 Malicious code in currenttimerpy (PyPI)

Source: kam193 ccd5c81889e68b6ae8a0e8ef90b7c3a4dc447b08872ad6ac48ce94804985379d During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

AI score 6
Exploits: 0, References: 1

OSSF Malicious Packages
added 2026/05/02 3:14 a.m., 8 views

Malicious code in timermcp (PyPI)

Source: kam193 a3fb8935c61e214bb5bdfe858c15d8d00fce16ae5a8ee00d88af7c1aa363e656 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

AI score 6
Exploits: 0, References: 1

OSV
added 2026/05/02 3:14 a.m., 8 views

MAL-2026-3231 Malicious code in timermcp (PyPI)

Source: kam193 a3fb8935c61e214bb5bdfe858c15d8d00fce16ae5a8ee00d88af7c1aa363e656 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

AI score 6
Exploits: 0, References: 1

Fedora
added 2026/05/02 1:57 a.m., 10 views

[SECURITY] Fedora 42 Update: openvpn-2.6.20-1.fc42

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library for...

CVSS 6.9, AI score 5.8, EPSS 0.00317
Exploits: 0

SUSE CVE
added 2026/05/02 1:25 a.m., 11 views

SUSE CVE-2026-31709

In the Linux kernel, the following vulnerability has been resolved: smb: client: validate the whole DACL before rewriting it in cifsacl. build_sec_desc and id_mode_to_cifs_acl derive a DACL pointer from a server-supplied dacloffset and then use the incoming ACL to rebuild the chmod/chown security...

CVSS 8.8, AI score 5.8, EPSS 0.00259
Exploits: 0, References: 7

SUSE CVE
added 2026/05/02 1:25 a.m., 11 views

SUSE CVE-2026-31712

In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smb_check_perm_dacl. Both ACE-walk loops in smb_check_perm_dacl only guard against an under-sized remaining buffer, not against an ACE whose declared ace-size is smaller than the struct it claims to...

CVSS 8.3, AI score 5.7, EPSS 0.00315
Exploits: 0, References: 3

CloudLinux
added 2026/05/02 1:1 a.m., 11 views

cups: Fix of CVE-2026-34980

CVE-2026-34980: filter control characters from option values in the scheduler to prevent PPD keyword injection via Print-Job...

CVSS 7.5, AI score 6, EPSS 0.00502
Exploits: 1