Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded yesterday2 views

CVE-2026-40567

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can inject arbitrary HTML into outgoing emails generated by FreeScout by sending an email with a crafted From display name. The name is stored in the database without sanitization a...

5.8CVSS5.6AI score0.00066EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/21 4:6 p.m.25 views

CVE-2026-40567 FreeScout has HTML Injection in Outgoing Emails via Unsanitized Customer Name in Signature Variables

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can inject arbitrary HTML into outgoing emails generated by FreeScout by sending an email with a crafted From display name. The name is stored in the database without sanitization a...

5.8CVSS0.00066EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/04/21 4:6 p.m.0 views

CVE-2026-40567

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can inject arbitrary HTML into outgoing emails generated by FreeScout by sending an email with a crafted From display name. The name is stored in the database without sanitization a...

5.8CVSS5.9AI score0.00066EPSS
Exploits0References4Affected Software1
EUVD
EUVDadded 2026/04/21 4:6 p.m.0 views

EUVD-2026-24168

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can inject arbitrary HTML into outgoing emails generated by FreeScout by sending an email with a crafted From display name. The name is stored in the database without sanitization a...

5.8CVSS5.9AI score0.00066EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/04/21 4:6 p.m.0 views

CVE-2026-40567 FreeScout has HTML Injection in Outgoing Emails via Unsanitized Customer Name in Signature Variables

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, an unauthenticated attacker can inject arbitrary HTML into outgoing emails generated by FreeScout by sending an email with a crafted From display name. The name is stored in the database without sanitization a...

5.8CVSS5.9AI score0.00066EPSS
Exploits0References3
CVE
CVEadded 2026/04/06 4:10 p.m.6 views

CVE-2026-34975

The CVE describes a CRLF header injection vulnerability in Plunk’s SESService.ts prior to version 0.8.0. An authenticated API user could inject arbitrary email headers (e.g., Bcc, Reply-To) by embedding CRLF characters in from.name, subject, custom header keys/values, or attachment filenames, bec...

8.5CVSS6.1AI score0.00043EPSS
Exploits2References1Affected Software1
OSV
OSVadded 2019/12/13 6:15 p.m.2 views

CVE-2019-17123

The eGain Web Email API 11+ allows spoofed messages because the fromName and message fields to /system/ws/v11/ss/email are mishandled, as demonstrated by fromName header injection with a %0a or %0d character. Also, the message parameter can have initial HTML comment characters...

7.5CVSS7.1AI score0.0037EPSS
Exploits1References2
CNVD
CNVDadded 2016/04/28 12:0 a.m.7 views

PHP ZipArchive::getFrom* Integer Overflow Vulnerability

PHP PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community.PHP ZipArchive is an extension class that comes with PHP that enables compression and decompression of ZIP files. An...

9.8CVSS9.3AI score0.48113EPSS
Exploits5References1
Rows per page
Query Builder