CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25953 matches found

ATTACKERKB•added 2026/02/26 7:55 p.m.•3 views

CVE-2026-27150

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, missing validatebeforecreate authorization in Data Explorer's QueryGroupBookmarkable allows any logged-in user to create bookmarks for query groups they don't have access to, enabling metadata...

5.3CVSS5.8AI score0.00153EPSS

Exploits0References2Affected Software1

EUVD•added 2026/02/26 7:55 p.m.•6 views

EUVD-2026-8889

5.3CVSS5.5AI score0.00153EPSS

Exploits0References1

Vulnrichment•added 2026/02/26 7:55 p.m.•3 views

CVE-2026-27150 Discourse doesn't ensure guardian check when creating QueryGroupBookmark

5.3CVSS6AI score0.00153EPSS

Exploits0References1

RedhatCVE•added 2026/02/26 4:15 a.m.•4 views

CVE-2026-27615

ADB Explorer is a fluent UI for ADB on Windows. In versions prior to Beta 0.9.26022, ADB-Explorer allows the ManualAdbPath settings variable, which determines the path of the ADB binary to be executed, to be set to a Universal Naming Convention UNC path in the application's settings file. This...

8.8CVSS5.8AI score0.00207EPSS

Exploits1References1

CNNVD•added 2026/02/26 12:0 a.m.•5 views

Discourse 安全漏洞

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from a security vulnerability that stems from a lack of validatebeforecreate authorization in Data Explorer's...

5.3CVSS5.8AI score0.00153EPSS

Exploits0References2

CNNVD•added 2026/02/26 12:0 a.m.•4 views

Discourse 访问控制错误漏洞

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse suffers from an Access Control Error vulnerability that stems from an open Access Control Failure in the Data Explorer plugin,...

5.4CVSS6AI score0.00151EPSS

Exploits0References1

Positive Technologies•added 2026/02/26 12:0 a.m.•4 views

PT-2026-22185

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2025.12.2 Discourse versions prior to 2026.1.1 Discourse versions prior to 2026.2.0 Description A missing validate before create authorization check in the Data Explorer's QueryGroupBookmarkable component allows any...

5.3CVSS5.9AI score0.00153EPSS

Exploits0References7

Positive Technologies•added 2026/02/26 12:0 a.m.•4 views

PT-2026-22195

Name of the Vulnerable Software and Affected Versions Discourse versions prior to 2025.12.2 Discourse versions prior to 2026.1.1 Discourse versions prior to 2026.2.0 Description Discourse is an open source discussion platform. A flaw exists in the Data Explorer plugin's access control mechanism...

5.4CVSS6.3AI score0.00151EPSS

Exploits0References6

ATTACKERKB•added 2026/02/25 2:33 a.m.•5 views

CVE-2026-27615

8.8CVSS5.8AI score0.00207EPSS

Exploits1References2

Vulnrichment•added 2026/02/25 2:33 a.m.•3 views

CVE-2026-27615 ADB-Explorer: UNC Path Support in ManualAdbPath Leads to Remote Code Execution (RCE)

8.8CVSS6.1AI score0.00207EPSS

Exploits1References1

CVE•added 2026/02/25 2:33 a.m.•10 views

CVE-2026-27615

CVE-2026-27615 affects ADB Explorer for Windows prior to Beta 0.9.26022. The vulnerability arises when ManualAdbPath is set to a UNC path, enabling an attacker to point the ADB binary to a remote, attacker-controlled network resource. If a user runs a shortcut that points to a crafted App.txt set...

8.8CVSS5.8AI score0.00207EPSS

Exploits1References1Affected Software1

OSV•added 2026/02/25 2:33 a.m.•5 views

CVE-2026-27615 ADB-Explorer: UNC Path Support in ManualAdbPath Leads to Remote Code Execution (RCE)

8.8CVSS6.1AI score0.00207EPSS

Exploits1References3

Positive Technologies•added 2026/02/25 12:0 a.m.•9 views

PT-2026-21842

Name of the Vulnerable Software and Affected Versions ADB Explorer versions prior to Beta 0.9.26022 Description ADB Explorer, a fluent UI for ADB on Windows, allows manipulation of the ManualAdbPath settings variable. This variable defines the path to the ADB binary. Setting this variable to a...

8.8CVSS6.5AI score0.00207EPSS

Exploits1References6

Packet Storm•added 2026/02/24 12:0 a.m.•157 views

📄 Windows File Explorer Information Disclosure

Proof of concept exploit that demonstrates how the Microsoft Windows File Explorer fails to properly restrict access to sensitive system locations. Exploit Title: Windows File Explorer Information Disclosure CVE-2026-20937 Date: 2026-02-24 Exploit Author: nu11secur1ty Vendor Homepage:...

5.5CVSS5.5AI score0.00466EPSS

Exploits1

RedhatCVE•added 2026/02/21 7:29 p.m.•5 views

CVE-2026-27115

ADB Explorer is a fluent UI for ADB on Windows. Versions 0.9.26020 and below have an unvalidated command-line argument that allows any user to trigger recursive deletion of arbitrary directories on the Windows filesystem. ADB Explorer accepts an optional path argument to set a custom data...

7.1CVSS5.9AI score0.00223EPSS

Exploits1References1

RedhatCVE•added 2026/02/21 1:28 a.m.•6 views

CVE-2026-26959

ADB Explorer is a fluent UI for ADB on Windows. Versions 0.9.26020 and below fail to validate the integrity or authenticity of the ADB binary path specified in the ManualAdbPath setting before executing it, allowing arbitrary code execution with the privileges of the current user. An attacker can...

7.8CVSS6.5AI score0.00175EPSS

Exploits0References1