CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/01/30 8:16 p.m.•1 views

UBUNTU-CVE-2025-11175

8.8CVSS5.8AI score0.00424EPSS

EUVD•added 2026/01/30 7:12 p.m.•4 views

EUVD-2025-206571

ATTACKERKB•added 2026/01/30 7:12 p.m.•3 views

CVE-2025-11175

Exploits0References5Affected Software1

Vulnrichment•added 2026/01/30 7:12 p.m.•4 views

CVE-2025-11175 DiscussionTools should use better regex

CVE•added 2026/01/30 7:12 p.m.•14 views

CVE-2025-11175

CVE-2025-11175 concerns the MediaWiki DiscussionTools extension (version 1.44 and 1.43 affected) and is caused by improper neutralization of certain expression language elements, enabling a Regular Expression exponential blowup. Public entries from NVD, Debian security tracker, and related OSV en...

Cvelist•added 2026/01/30 7:12 p.m.•25 views

CVE-2025-11175 DiscussionTools should use better regex

8.8CVSS0.00424EPSS

Positive Technologies•added 2026/01/30 12:0 a.m.•8 views

PT-2026-5489

Name of the Vulnerable Software and Affected Versions AirControl version 1.4.2 Description AirControl version 1.4.2 has a pre-authentication remote code execution issue. Unauthenticated attackers can execute arbitrary system commands by injecting malicious Java expressions. The issue is exploitab...

9.8CVSS6.5AI score0.01173EPSS

Exploits0References5

Veracode•added 2026/01/29 4:49 p.m.•8 views

Incorrect Regular Expression

Hono is vulnerable to Incorrect Regular Expression. The vulnerability is due to improper validation of IPv4 octet ranges in the IP Restriction Middleware, which allows an attacker to craft malformed IP addresses to bypass IP-based access controls...

6.5CVSS5.9AI score0.00315EPSS

Exploits0References4Affected Software1

SUSE Linux•added 2026/01/29 10:34 a.m.•5 views

Security update for python

This update for python fixes the following issues: Modified CVE-2025-6075 fix to not use re.ASCII flag not available in Python 2.7 bsc1257064. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you...

2.5CVSS7.2AI score0.00124EPSS

GithubExploit•added 2026/01/28 9:4 p.m.•144 views

Exploit for Expression Language Injection in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

MITRE ATT&CK Threat Detection with Splunk Detection engineeri...

10CVSS6AI score0.99999EPSS

Exploits347

Github Security Blog•added 2026/01/27 3:30 p.m.•14 views

n8n Unsafe Workflow Expression Evaluation Allows Remote Code Execution

n8n contains a critical Remote Code Execution RCE vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An...

Exploits2References6Affected Software1

NVD•added 2026/01/27 3:15 p.m.•11 views

CVE-2026-1470

9.9CVSS0.18071EPSS

Snyk•added 2026/01/27 2:48 p.m.•7 views

Eval Injection

Overview n8n-workflow is a Workflow base code of n8n Affected versions of this package are vulnerable to Eval Injection during the Expression evaluation workflow. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not...

9.9CVSS9.2AI score0.18071EPSS

Cvelist•added 2026/01/27 2:23 p.m.•58 views

CVE-2026-1470 Authenticated users can bypass the Expression sandbox mechanism to achieve full remote code execution on n8n’s main node.

9.9CVSS0.18071EPSS

EUVD•added 2026/01/27 2:23 p.m.•5 views

EUVD-2026-4839

Vulnrichment•added 2026/01/27 2:23 p.m.•3 views

CVE-2026-1470 Authenticated users can bypass the Expression sandbox mechanism to achieve full remote code execution on n8n’s main node.

CVE•added 2026/01/27 2:23 p.m.•32 views

CVE-2026-1470

CVE-2026-1470 affects n8n: a critical Remote Code Execution in the workflow Expression evaluation system where expressions from authenticated users are evaluated in a runtime context that isn’t sufficiently isolated. This allows an authenticated attacker to execute arbitrary code with the n8n pro...