CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

212 matches found

ATTACKERKB•added 2026/04/01 1:6 a.m.•1 views

CVE-2026-4374

Improper Restriction of XML External Entity Reference vulnerability in RTI Connext Professional Routing Service,Observability Collector,Recording Service,Queueing Service,Cloud Discovery Service allows Serialized Data External Linking, Data Serializat...

8.8CVSS5.9AI score0.0004EPSS

Exploits0References2Affected Software1

EUVD•added 2026/03/02 1:32 a.m.•3 views

EUVD-2026-9137

A flaw has been found in thinkgem JeeSite up to 5.15.1. Impacted is an unknown function of the file /com/jeesite/common/shiro/cas/CasOutHandler.java of the component Endpoint. Executing a manipulation can lead to xml external entity reference. The attack may be performed from remote. Attacks of...

5CVSS5.2AI score0.00044EPSS

Exploits1References4

NVD•added 2026/01/06 5:15 p.m.•2 views

CVE-2025-36589

Dell Unisphere for PowerMax, versions 9.2.4.x, contains an Improper Restriction of XML External Entity Reference vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access to data and resources outside of the intended...

7.6CVSS0.00097EPSS

Exploits0References1

Cvelist•added 2026/01/06 4:20 p.m.•21 views

CVE-2025-36589

7.6CVSS0.00097EPSS

Exploits0References1

CVE•added 2025/12/30 2:2 p.m.•2 views

CVE-2025-15251

The CVE-2025-15251 entry describes a vulnerability in beecue FastBee (SIP Message Handler) up to version 2.1. The issue is in getRootElement (springboot/fastbee-server/sip-server/src/main/java/com/fastbee/sip/handler/req/ReqAbstractHandler.java) and manifests as an XML External Entity (XXE) refer...

6.3CVSS6.4AI score0.00024EPSS

Exploits0References4

CISA•added 2025/12/11 12:0 p.m.•4 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-58360link is external OSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability This type of vulnerability is a frequent attack...

9.8CVSS6.9AI score0.81395EPSS

In wildExploits4References6

GithubExploit•added 2025/11/04 2:16 p.m.•178 views

Exploit for Improper Restriction of XML External Entity Reference in Jetbrains Ktor

ktor-xxe This project was created using the Ktor Project Gen...

9.8CVSS6.7AI score0.00003EPSS

Exploits6

CVE•added 2025/10/06 5:2 p.m.•14 views

CVE-2025-11341

CVE-2025-11341 affects Jinher OA (versions up to 2.0) via an XML External Entity (XXE) vulnerability in the function handling a request to /c6/Jhsoft.Web.module/eformaspx/WebDesign.aspx/?type=SystemUserInfo&style=1. The issue arises from manipulating an unknown function in that file, enabling rem...

9.8CVSS6.2AI score0.0005EPSS

Exploits1References4Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-9727

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00294EPSS

Exploits1References5

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-34259

Malicious code in bioql PyPI...

8.8CVSS6AI score0.00048EPSS

Exploits1References3