CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/02/12 12:0 a.m.•2 views

Filosoft Comerc32 安全漏洞

Filosoft Comerc32 is a commercial invoicing and management software developed by the Portuguese company Filosoft. Version Filosoft Comerc32 Commercial Invoicing 16.0.0.3 contains a security vulnerability. This vulnerability stems from a flaw in the comeinst.exe file, which may allow local attacke...

7.8CVSS6.1AI score0.00031EPSS

Positive Technologies•added 2026/02/12 12:0 a.m.•5 views

PT-2026-7880

Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace the original MobileGo.exe with a malicious executable to create a new user account and add it to the Administrators...

8.5CVSS5.5AI score0.00019EPSS

Exploits1References4

CNNVD•added 2026/02/12 12:0 a.m.•2 views

Vm3Max NextVPN 安全漏洞

Vm3Max NextVPN is a VPN proxy application developed by Vm3Max Corporation. Version 4.10 of Vm3Max NextVPN contains a security vulnerability. This vulnerability stems from insecure file permissions, which may allow local users to modify executable files in order to obtain SYSTEM or Administrator...

8.5CVSS5.8AI score0.00013EPSS

Positive Technologies•added 2026/02/12 12:0 a.m.•2 views

PT-2026-7879

NextVPN 4.10 contains an insecure file permissions vulnerability that allows local users to modify executable files with full access rights. Attackers can replace system executables with malicious files to gain SYSTEM or Administrator privileges through unauthorized file modification...

8.5CVSS5.5AI score0.00013EPSS

OSV•added 2026/02/11 9:16 p.m.•1 views

CVE-2024-50620

Unrestricted Upload of File with Dangerous Type vulnerabilities exist in the rich text editor and document manage components in CIPPlanner CIPAce before 9.17. An authorized user can upload executable files when inserting images in the rich text editor, and upload executable files when uploading...

8.8CVSS5.8AI score0.00055EPSS

NVD•added 2026/02/11 9:16 p.m.•5 views

CVE-2024-50620

8.8CVSS0.00055EPSS

NVD•added 2026/02/11 3:16 p.m.•2 views

CVE-2019-25308

Mikogo 5.2.2.150317 contains an unquoted service path vulnerability in the Mikogo-Service Windows service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with LocalSystem privileges by placing executable files in specific path locations...

8.5CVSS0.00007EPSS

Exploits1References3

OSV•added 2026/02/11 8:58 a.m.•4 views

MAL-2026-850 Malicious code in ntoctfutils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f65404ba7442c7d16e3f569b7c84afc4d1df23f9497ac3a6101d5ec3c168956f Importing the module downloads and runs a remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

OSSF Malicious Packages•added 2026/02/11 8:58 a.m.•5 views

Malicious code in ntoctfutils (PyPI)

ATTACKERKB•added 2026/02/11 12:0 a.m.•3 views

CVE-2024-50620

5.5AI score0.00055EPSS

Positive Technologies•added 2026/02/11 12:0 a.m.•4 views

PT-2026-7656

Name of the Vulnerable Software and Affected Versions CIPPlanner CIPAce versions prior to 9.17 Description The software contains flaws related to unrestricted file uploads with dangerous file types in the rich text editor and document management components. A user with authorization can upload...

8.8CVSS5.5AI score0.00055EPSS

Exploits0References5

Vulnrichment•added 2026/02/11 12:0 a.m.•2 views

CVE-2024-50620

5.5AI score0.00055EPSS

CVE•added 2026/02/11 12:0 a.m.•9 views

CVE-2024-50620

CVE-2024-50620 affects CIPPlanner CIPAce prior to 9.17, where Unrestricted Upload of File with Dangerous Type exists in the rich text editor and document management components. An authorized user can upload executable files when inserting images or during document uploads; such executables can be...

8.8CVSS5.5AI score0.00055EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/02/11 12:0 a.m.•21 views

CVE-2024-50620

0.00055EPSS

OSV•added 2026/02/10 7:14 p.m.•3 views

MAL-2026-843 Malicious code in requests-core-plugin (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f7d809caa4cb4961377b3c02a06f90ce19136a36297191248a8c6cd289a809f2 During installation, package loads obfuscated code that then downloads and starts an executable. The final executable is identified as malware and appears to...

5.8AI score

OSSF Malicious Packages•added 2026/02/10 7:2 p.m.•5 views

Malicious code in lyroxpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a9016ac99840c4d68028c7b724382974154c9bf75b410da9c6b4a75ff6d20b1f The package contains an embedded archive with an executable. When importing the module, the embedded archive is run as a module. Code inside extracts the...

OSV•added 2026/02/10 7:2 p.m.•2 views

MAL-2026-841 Malicious code in lyroxpy (PyPI)

OSSF Malicious Packages•added 2026/02/10 5:6 p.m.•7 views

Malicious code in search-savedsearch-podlet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 878a9c43dd8ff489c2771eb72e59389391267772d0e64b6dea94a657d0ca7b3a The package search-savedsearch-podlet was found to contain malicious code. Source: ossf-package-analysis...

OSV•added 2026/02/10 7:25 a.m.•3 views

Exploits0

MAL-2026-823 Malicious code in ntoutils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 15b6e8b1974bbd5ee6ee5e5abe0619080d87644b200fd8fc410f70a2f23213ff Importing the module downloads and runs a remote executable identified as malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like...