
8 matches found

CNNVD
added 2026/05/21 12:0 a.m. · 4 views

Mattermost Security Vulnerability

Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x have security vulnerabilities. These vulnerabilities stem from a failure to verify the team-level operating permissions for target teams,...

CVSS 4.3 · AI score 5.8 · EPSS 0.00031
Exploits: 0 · References: 1
EUVD
added 2026/05/18 8:11 a.m. · 13 views

EUVD-2026-30753

Mattermost versions 11.5.x <= 11.5.1 fail to verify channel membership when processing AI-assisted message rewrites, which allows an authenticated attacker to read the content of threads in private channels and direct messages they do not have access to via a crafted request to the post rewrite...

CVSS 6.5 · AI score 5.8 · EPSS 0.00043
Exploits: 0 · References: 1
ATTACKERKB
added 2026/05/18 8:7 a.m. · 5 views

CVE-2026-4286

Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to check if teamid was being changed when updating playbooks, allowing users with only Manage Playbook Configurations permission to change a playbook's team, bypassing manage members restriction via PUT API. Mattermost Advisory ID:...

CVSS 4.3 · AI score 5.8 · EPSS 0.00031
Exploits: 0 · References: 2 · Affected Software: 1
ATTACKERKB
added 2026/05/18 6:33 a.m. · 5 views

CVE-2026-6334

Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to enforce client identity binding during the OAuth authorization code redemption flow, which allows an authenticated OAuth client to redeem authorization codes issued to a different client via a crafted token exchange request. Mattermo...

CVSS 3.1 · AI score 5.9 · EPSS 0.00027
Exploits: 0 · References: 2 · Affected Software: 1
CNNVD
added 2021/01/20 12:0 a.m. · 4 views

Cisco Data Center Network Manager SQL Injection Vulnerability

Cisco Data Center Network Manager (DCNM) is a suite of data center network managers from Cisco that provides multiprotocol management of the network and troubleshooting of switch operating conditions and performance. A SQL injection vulnerability exists in the REST API endpoint of Cisco Data Center...

CVSS 8.8 · AI score 7.4 · EPSS 0.00923
Exploits: 0 · References: 5
Positive Technologies
added 2019/07/10 12:0 a.m. · 4 views

PT-2019-9860 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: Gitlab CE/EE versions 8.6 up to 11.3.10; Gitlab CE/EE versions 11.4 up to 11.4.7; Gitlab CE/EE versions 11.5 up to 11.5.0. Description: The issue concerns an incorrect access control vulnerability. This vulnerability can display the title and...

CVSS 5.3 · AI score 6 · EPSS 0.00205
Exploits: 0 · References: 7
OSV
added 2017/07/04 12:29 a.m. · 2 views

CVE-2017-6702

A vulnerability in the web framework of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. More Information: CSCve15285. Known Affected Releases: 11.51...

CVSS 6.1 · AI score 5.7
Exploits: 0 · References: 3
OSV
added 2016/11/03 9:59 p.m. · 2 views

CVE-2016-6454

A cross-site request forgery (CSRF) vulnerability in the web interface of the Cisco Hosted Collaboration Mediation Fulfillment application could allow an unauthenticated, remote attacker to execute unwanted actions. More Information: CSCva54241. Known Affected Releases: 11.51. Known Fixed Releases:...

CVSS 6.5 · AI score 5.8 · EPSS 0.00155
Exploits: 0 · References: 2