CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

170 matches found

CVE-2026-50209

Broadcast events allow malicious software to rewrite the device's default Mobile Device Management MDM endpoint address, shifting administrative ownership to an external attacker...

9.3CVSS

Exploits0References1

CVE•added 9 hours ago•6 views

CVE-2026-50209

CVE-2026-50209 describes a vulnerability where broadcast events allow malicious software to rewrite the device’s default Mobile Device Management (MDM) endpoint address, shifting administrative ownership to an external attacker. The issue is tied to the MDM registration/endpoint resolution flow a...

9.3CVSS5.8AI score

Exploits0References1

Cvelist•added 9 hours ago•6 views

CVE-2026-50209 MDM Server Registration Overriding

Broadcast events allow malicious software to rewrite the device's default Mobile Device Management MDM endpoint address, shifting administrative ownership to an external attacker...

9.3CVSS

Exploits0References1

Positive Technologies•added 16 hours ago•7 views

PT-2026-46161

Broadcast events allow malicious software to rewrite the device's default Mobile Device Management MDM endpoint address, shifting administrative ownership to an external attacker...

9.3CVSS5.8AI score

Exploits0References2

Positive Technologies•added 3 days ago•8 views

PT-2026-45648

Kiteworks is a private data network PDN. Prior to version 9.3.0, a reflected XSS vulnerability in Kiteworks Secure Data Forms could allow an external attacker to trick a user into executing arbitrary JavaScript code. Upgrade Kiteworks to version 9.3.0 or later to receive a patch...

8.2CVSS5.9AI score0.00033EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 10:51 a.m.•4 views

CVE-2022-42743

deep-parse-json version 1.0.2 allows an external attacker to edit or add new properties to an object. This is possible because the application does not correctly validate the incoming JSON keys, thus allowing the 'proto' property to be edited...

5.3CVSS6.8AI score0.00329EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:50 a.m.•3 views

CVE-2022-42745

CandidATS version 3.0.0 allows an external attacker to read arbitrary files from the server. This is possible because the application is vulnerable to XXE...

7.5CVSS6.9AI score0.00565EPSS

Exploits1References1

EUVD•added 2025/11/29 2:24 a.m.•2 views

EUVD-2025-199897

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, this vulnerability could allow an external attacker to gain access to log information from the system by tricking an administrator into browsing a specifically crafted fake page of Kiteworks MFT. This issue has...

6.8CVSS6.3AI score0.00016EPSS

Exploits0References1

CVE•added 2025/10/22 8:14 a.m.•11 views

CVE-2025-41108

The CVE describes Ghost Robotics Vision 60 (v0.27.2) as vulnerable due to a lack of encryption and authentication in its MAVLink-based communication protocol. This enables an external attacker to impersonate the control station and issue arbitrary commands to the robot, potentially gaining unauth...

9.8CVSS7AI score0.00037EPSS

Exploits0References1Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2005-2472

Malware in sbrugna...

7.5CVSS6AI score0.02055EPSS

Exploits0References17

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-22161

Malware in sbrugna...

5.3CVSS5.3AI score0.00614EPSS

Exploits0References6