CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

8766 matches found

CNNVD•added 2026/02/24 12:0 a.m.•4 views

SourceCodester Modern Image Gallery App 代码注入漏洞

SourceCodester Modern Image Gallery App is an open-source modern image gallery application developed by SourceCodester. Version 1.0 of the SourceCodester Modern Image Gallery App contains a code injection vulnerability, which stems from incorrect handling of the parameter filename in the upload.p...

6.1CVSS5.7AI score0.00264EPSS

Exploits1References5

UbuntuCve•added 2026/02/24 12:0 a.m.•2 views

CVE-2026-25965

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick’s path security policy is enforced on the raw filename string before the filesystem resolves it. As a result, a policy rule such as /etc/ can be...

8.6CVSS5.8AI score0.00751EPSS

Exploits0References3

UbuntuCve•added 2026/02/24 12:0 a.m.•3 views

CVE-2026-25966

ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped "secure" security policy includes a rule intended to prevent reading/writing from standard streams. However, ImageMagick also supports fd: pseudo-filenames e.g., fd:0, fd:1. Prior to version...

7.8CVSS5.9AI score0.00135EPSS

Exploits0References2

Packet Storm•added 2026/02/23 12:0 a.m.•123 views

📄 SuiteCRM 7.11.18 Log File Remote Code Execution

SuiteCRM version 7.11.18 allows modification of the logging configuration. The log filename extension is not validated properly .pHp accepted, causing the log to be interpreted as PHP. Then attacker injects PHP payload into the logs changing username lastname field resulting in the log file...

9CVSS5.6AI score0.64094EPSS

RedhatCVE•added 2026/02/21 7:31 p.m.•2 views

CVE-2025-69399

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Cobble cobble allows PHP Local File Inclusion.This issue affects Cobble: from n/a through = 1.7...

8.1CVSS5.5AI score0.00512EPSS

Exploits0References1

RedhatCVE•added 2026/02/21 7:30 p.m.•3 views

CVE-2025-69408

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes HealthFirst healthfirst allows PHP Local File Inclusion.This issue affects HealthFirst: from n/a through = 1.0.1...

8.1CVSS5.5AI score0.00512EPSS

Exploits0References1

RedhatCVE•added 2026/02/21 7:30 p.m.•3 views

CVE-2025-67981

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Besa besa allows PHP Local File Inclusion.This issue affects Besa: from n/a through = 2.3.15...

8.1CVSS5.5AI score0.00602EPSS

Exploits0References1

RedhatCVE•added 2026/02/21 7:30 p.m.•1 views

CVE-2025-68545

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in thembay Nika nika allows PHP Local File Inclusion.This issue affects Nika: from n/a through = 1.2.14...

8.1CVSS5.5AI score0.00504EPSS

Exploits0References1

RedhatCVE•added 2026/02/21 7:29 p.m.•2 views

CVE-2026-22344

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes FiveStar fivestar allows PHP Local File Inclusion.This issue affects FiveStar: from n/a through = 1.7...

8.1CVSS5.5AI score0.00512EPSS

Exploits0References1

RedhatCVE•added 2026/02/21 7:29 p.m.•3 views

CVE-2026-22379

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Netmix netmix allows PHP Local File Inclusion.This issue affects Netmix: from n/a through = 1.0.10...

8.1CVSS5.5AI score0.0045EPSS

Exploits0References1

RedhatCVE•added 2026/02/21 7:29 p.m.•2 views

CVE-2026-22376

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Parkivia parkivia allows PHP Local File Inclusion.This issue affects Parkivia: from n/a through = 1.1.9...

8.1CVSS5.5AI score0.00417EPSS

Exploits0References1

RedhatCVE•added 2026/02/21 7:29 p.m.•1 views

CVE-2026-22367

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Coworking coworking allows PHP Local File Inclusion.This issue affects Coworking: from n/a through = 1.6.1...

8.1CVSS5.5AI score0.00561EPSS

Exploits0References1

RedhatCVE•added 2026/02/21 7:29 p.m.•2 views

CVE-2026-22381

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends allows PHP Local File Inclusion.This issue affects PawFriends - Pet Shop and Veterinary WordPress...

8.1CVSS5.5AI score0.00327EPSS

Exploits0References1

RedhatCVE•added 2026/02/21 7:29 p.m.•4 views

CVE-2026-22365

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Soleng soleng allows PHP Local File Inclusion.This issue affects Soleng: from n/a through = 1.0.5...

8.1CVSS5.5AI score0.00403EPSS

Exploits0References1

RedhatCVE•added 2026/02/21 7:29 p.m.•2 views

CVE-2026-22370

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Marveland marveland allows PHP Local File Inclusion.This issue affects Marveland: from n/a through = 1.3.0...

8.1CVSS5.5AI score0.00412EPSS

Exploits0References1

RedhatCVE•added 2026/02/21 7:29 p.m.•2 views

CVE-2026-22378

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Blabber blabber allows PHP Local File Inclusion.This issue affects Blabber: from n/a through = 1.7.0...

8.1CVSS5.5AI score0.00334EPSS

Exploits0References1

RedhatCVE•added 2026/02/21 1:31 a.m.•10 views

CVE-2026-27343

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in VanKarWai Airtifact airtifact allows PHP Local File Inclusion.This issue affects Airtifact: from n/a through = 1.2.91...

7.5CVSS5.5AI score0.00423EPSS

Exploits0References1

NVD•added 2026/02/20 4:22 p.m.•7 views

CVE-2026-22381

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends allows PHP Local File Inclusion.This issue affects PawFriends - Pet Shop and Veterinary WordPress...

8.1CVSS0.00327EPSS

Exploits0References1

NVD•added 2026/02/20 4:22 p.m.•3 views

CVE-2026-22378

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Blabber blabber allows PHP Local File Inclusion.This issue affects Blabber: from n/a through = 1.7.0...

8.1CVSS0.00334EPSS

Exploits0References1

NVD•added 2026/02/20 4:22 p.m.•3 views

CVE-2026-22373

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Fooddy fooddy allows PHP Local File Inclusion.This issue affects Fooddy: from n/a through = 1.3.10...

8.1CVSS0.00426EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by