CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

302 matches found

CVE-2026-41141 EspoCRM: IDOR in EmailTemplate Prepare Endpoint Leaks Entity Data via Email Address Lookup

EspoCRM is an open source customer relationship management application. Prior to 9.3.5, the POST /api/v1/EmailTemplate/:id/prepare endpoint accepts an emailAddress parameter and resolves the owning entity Contact, Lead, Account, or User without performing an ACL check. An authenticated user with...

6.5CVSS5.8AI score0.00032EPSS

Exploits0References1

EUVD•added last week•4 views

EUVD-2026-32947

6.5CVSS5.8AI score0.00032EPSS

Exploits0References1

CNNVD•added 2026/05/28 12:0 a.m.•4 views

EspoCRM 安全漏洞

EspoCRM is an open-source, web-based Customer Relationship Management system CRM developed by EspoCRM. This system offers features such as sales automation, community management, and customer support. Versions of EspoCRM prior to 9.3.5 contained security vulnerabilities. These vulnerabilities...

6.5CVSS5.8AI score0.00032EPSS

Exploits0References1

Positive Technologies•added 2026/05/28 12:0 a.m.•2 views

PT-2026-44407

6.5CVSS5.8AI score0.00032EPSS

Exploits0References2

RedhatCVE•added 2026/05/26 2:12 a.m.•4 views

CVE-2026-22678

Webmin before 2.641 contains a stored cross-site scripting vulnerability in the email template description field of the System and Server Status module that allows low-privileged authenticated attackers to execute arbitrary JavaScript in the browser context of administrators by injecting...

5.4CVSS5.9AI score0.00029EPSS

Exploits0References1

NVD•added 2026/05/21 10:16 p.m.•7 views

CVE-2026-22678

5.4CVSS0.00029EPSS

Exploits0References2

ATTACKERKB•added 2026/05/21 8:59 p.m.•2 views

CVE-2026-22678

5.4CVSS5.9AI score0.00029EPSS

Exploits0References3

Cvelist•added 2026/05/21 8:59 p.m.•23 views

CVE-2026-22678 Webmin < 2.641 Stored XSS via System and Server Status

5.4CVSS0.00029EPSS

Exploits0References2

Vulnrichment•added 2026/05/21 8:59 p.m.•4 views

CVE-2026-22678 Webmin < 2.641 Stored XSS via System and Server Status

5.4CVSS5.9AI score0.00029EPSS

Exploits0References2

CNNVD•added 2026/05/21 12:0 a.m.•2 views

Webmin 跨站脚本漏洞

Webmin is a set of web-based system management tools for Unix-like operating systems, developed by the Webmin community. Versions of Webmin prior to 2.641 contained a cross-site scripting vulnerability. This vulnerability stemmed from the email template description field in the System and Server...

5.4CVSS5.9AI score0.00029EPSS

Exploits0References3

NVD•added 2026/05/08 3:16 p.m.•5 views

CVE-2026-41576

Brave CMS is an open-source CMS. Prior to commit 6c56603, the contact form is publicly accessible no authentication required. User-supplied message text is passed through PHP's nl2br function, which converts newlines to tags but does not escape HTML. The resulting string is then passed to a Blade...

7.1CVSS0.0008EPSS

Exploits0References2

CVE•added 2026/05/08 2:50 p.m.•9 views

CVE-2026-41576

Brave CMS is affected by CVE-2026-41576 due to a public contact form that accepted user messages without authentication before commit 6c56603. The message text is passed through nl2br() (converting newlines to ) but is not HTML-escaped, and is then rendered in a Blade email template using the une...

7.1CVSS5.9AI score0.0008EPSS

Exploits0References2

RedhatCVE•added 2026/05/06 8:22 p.m.•4 views

CVE-2026-38432

ERPNext v15.103.1 and before is vulnerable to Cross Site Scripting XSS in the Email Template engine. An attacker with permission to create or edit email templates can inject malicious JavaScript code that are executed on the victim's browser when the template is applied...

6.1CVSS5.9AI score0.0003EPSS

Exploits1References1

OSV•added 2026/05/05 7:11 p.m.•2 views

GHSA-G9CM-RXP7-6GV5 AVideo: HTML Injection in notifySubscribers.json.php Allows Platform-Branded Phishing Emails to Channel Subscribers

Summary objects/notifySubscribers.json.php takes the raw message POST parameter and passes it into sendSiteEmail, which substitutes it directly into an HTML email template via strreplace on the message placeholder and renders it with PHPMailer::msgHTML. There is no HTML sanitization, character...

6.4CVSS5.9AI score0.00032EPSS

Exploits0References4

EUVD•added 2026/05/05 6:33 p.m.•3 views

EUVD-2026-27404

5.9AI score0.0003EPSS

Exploits1References2

NVD•added 2026/05/05 5:17 p.m.•2 views

CVE-2026-38432

6.1CVSS0.0003EPSS

Exploits1References1

Cvelist•added 2026/05/05 12:0 a.m.•33 views

CVE-2026-38432

0.0003EPSS

Exploits1References1

CVE•added 2026/04/07 6:17 p.m.•4 views

CVE-2026-39345

OrangeHRM Open Source versions 5.0–5.8 are affected by a path traversal vulnerability in the Email Template Loader that can allow an authenticated actor who can influence the template path to read arbitrary local files. Root cause: insufficient restriction of template file resolution to the inten...

4.9CVSS6AI score0.00056EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2026/04/07 6:17 p.m.•1 views

CVE-2026-39345 OrangeHRM Affected by Arbitrary File Read via Path Traversal in Email Template Loader

OrangeHRM is a comprehensive human resource management HRM system. From 5.0 to 5.8, OrangeHRM Open Source fails to restrict email template file resolution to the intended plugins directory, allowing an authenticated actor who can influence the template path to read arbitrary local files. This...

4.6CVSS6AI score0.00056EPSS

Exploits0References1

ATTACKERKB•added 2026/04/07 6:17 p.m.•0 views

CVE-2026-39345

4.6CVSS6AI score0.00056EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by