Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

25 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 9:33 a.m.7 views

CVE-2024-39924

An issue was discovered in Vaultwarden formerly BitwardenRS 1.30.3. A vulnerability has been identified in the authentication and authorization process of the endpoint responsible for altering the metadata of an emergency access. It permits an attacker with granted emergency access to escalate...

8.8CVSS7.3AI score0.0025EPSS
Exploits1References1
Malwarebytes
Malwarebytesadded 2025/10/27 2:15 p.m.4 views

Phishing scam uses fake death notices to trick LastPass users

LastPass has alerted users about a new phishing attack that claims the recipient has died. According to the message, a family member has submitted a death certificate to gain access to the recipient’s password vault. A link in the phishing email, supposedly to stop the request, leads to a fake pa...

6.9AI score
Exploits0
EUVD
EUVDadded 2025/10/03 8:7 p.m.5 views

EUVD-2024-38303

Malicious code in bioql PyPI...

8.8CVSS6.3AI score0.0025EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2025-29358

Malicious code in bioql PyPI...

3.2CVSS6.6AI score0.00019EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-42246

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00403EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/09/18 1:39 a.m.9 views

CVE-2025-59453

Click Studios Passwordstate before 9.9 Build 9972 has a potential authentication bypass for Passwordstate emergency access. By using a crafted URL while on the Emergency Access web page, an unauthorized person can gain access to the Passwordstate Administration section...

3.2CVSS7.1AI score0.00019EPSS
Exploits0References1
NVD
NVDadded 2025/09/16 6:16 a.m.0 views

CVE-2025-59453

Click Studios Passwordstate before 9.9 Build 9972 has a potential authentication bypass for Passwordstate emergency access. By using a crafted URL while on the Emergency Access web page, an unauthorized person can gain access to the Passwordstate Administration section...

3.2CVSS0.00019EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/09/16 12:0 a.m.3 views

PT-2025-37865

Name of the Vulnerable Software and Affected Versions: Passwordstate versions prior to 9.9 Build 9972 Description: Passwordstate emergency access may be bypassed by using a crafted URL while on the Emergency Access web page, potentially granting unauthorized access to the Administration section...

3.2CVSS6.4AI score0.00019EPSS
Exploits0References5
Cvelist
Cvelistadded 2025/09/16 12:0 a.m.6 views

CVE-2025-59453

Click Studios Passwordstate before 9.9 Build 9972 has a potential authentication bypass for Passwordstate emergency access. By using a crafted URL while on the Emergency Access web page, an unauthorized person can gain access to the Passwordstate Administration section...

3.2CVSS0.00019EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/09/16 12:0 a.m.2 views

CVE-2025-59453

Click Studios Passwordstate before 9.9 Build 9972 has a potential authentication bypass for Passwordstate emergency access. By using a crafted URL while on the Emergency Access web page, an unauthorized person can gain access to the Passwordstate Administration section...

3.2CVSS6.7AI score0.00019EPSS
Exploits0References2
CVE
CVEadded 2025/09/16 12:0 a.m.11 views

CVE-2025-59453

CVE-2025-59453 affects Click Studios Passwordstate before 9.9 Build 9972. A crafted URL during the Emergency Access page can bypass authentication and grant access to the Passwordstate Administration section. Root cause: likely an authentication bypass in the Emergency Access workflow. Affected p...

3.2CVSS6.7AI score0.00019EPSS
Exploits0References2
The Hacker News
The Hacker Newsadded 2025/08/29 9:58 a.m.2 views

Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page

Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates to address an authentication bypass vulnerability in its software. The high-severity issue, which is yet to be assigned a CVE identifier, has been addressed in...

7.5CVSS7.8AI score0.00121EPSS
Exploits1
GithubExploit
GithubExploitadded 2025/06/02 4:5 p.m.553 views

Exploit for Incorrect Default Permissions in Dani-Garcia Vaultwarden

PoC-CVE-2024-39924 PoC and lab setup for CVE-2024-39924 De...

8.8CVSS6.8AI score0.0025EPSS
Exploits1
NVD
NVDadded 2024/09/13 6:15 p.m.13 views

CVE-2024-39924

An issue was discovered in Vaultwarden formerly BitwardenRS 1.30.3. A vulnerability has been identified in the authentication and authorization process of the endpoint responsible for altering the metadata of an emergency access. It permits an attacker with granted emergency access to escalate...

8.8CVSS0.0025EPSS
Exploits1References3
OSV
OSVadded 2024/09/13 6:15 p.m.4 views

CVE-2024-39924

An issue was discovered in Vaultwarden formerly BitwardenRS 1.30.3. A vulnerability has been identified in the authentication and authorization process of the endpoint responsible for altering the metadata of an emergency access. It permits an attacker with granted emergency access to escalate...

8.8CVSS7.6AI score
Exploits0References3
CVE
CVEadded 2024/09/13 12:0 a.m.140 views

CVE-2024-39924

CVE-2024-39924 (Vaultwarden 1.30.3): A vulnerability in the emergency-access metadata endpoint allows a user with granted emergency access to escalate privileges by altering the access level and waitTimeDays, enabling full vault control while bypassing the required wait period. Public PoC/exploit...

8.8CVSS7.4AI score0.0025EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2024/09/13 12:0 a.m.15 views

CVE-2024-39924

An issue was discovered in Vaultwarden formerly BitwardenRS 1.30.3. A vulnerability has been identified in the authentication and authorization process of the endpoint responsible for altering the metadata of an emergency access. It permits an attacker with granted emergency access to escalate...

0.0025EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2024/09/13 12:0 a.m.4 views

PT-2024-28736 · Unknown · Vaultwarden

Name of the Vulnerable Software and Affected Versions: Vaultwarden formerly Bitwarden RS version 1.30.3 Description: A vulnerability has been identified in the authentication and authorization process of the endpoint responsible for altering the metadata of an emergency access. It permits an...

8.8CVSS6.5AI score0.0025EPSS
Exploits1References10
CNNVD
CNNVDadded 2024/09/13 12:0 a.m.3 views

Vaultwarden 安全漏洞

Vaultwarden is an alternative implementation of the Bitwarden server API written in Rust by Daniel García Personal Developer. A security vulnerability exists in Vaultwarden version 1.30.3, which originated from allowing an attacker with emergency access privileges to elevate their privileges by...

8.8CVSS6.5AI score0.0025EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2024/09/13 12:0 a.m.14 views

CVE-2024-39924

An issue was discovered in Vaultwarden formerly BitwardenRS 1.30.3. A vulnerability has been identified in the authentication and authorization process of the endpoint responsible for altering the metadata of an emergency access. It permits an attacker with granted emergency access to escalate...

7.8AI score0.0025EPSS
Exploits1References3
Rows per page
Query Builder