Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

CVE
CVEadded 2025/09/10 9:2 p.m.8 views

CVE-2025-10216

GrandNode (versions up to 2.3.0) is affected by a race condition in the Voucher Handler, specifically in the /checkout/ConfirmOrder/ path where manipulating the giftvouchercouponcode argument can trigger the issue. The description across multiple sources indicates remote exploitation is possible ...

2.6CVSS3.6AI score0.00031EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/09/10 9:2 p.m.6 views

CVE-2025-10216 GrandNode Voucher ConfirmOrder race condition

A vulnerability was detected in GrandNode up to 2.3.0. The impacted element is an unknown function of the file /checkout/ConfirmOrder/ of the component Voucher Handler. The manipulation of the argument giftvouchercouponcode results in race condition. The attack may be launched remotely. The attac...

2.6CVSS0.00031EPSS
Exploits0References3
CNNVD
CNNVDadded 2025/09/10 12:0 a.m.1 views

GrandNode 竞争条件问题漏洞

GrandNode is a GrandNode open source, cross-platform, open source e-commerce solution based on ASP.NET CORE and MongoDB. A Competitive Condition Issue vulnerability exists in GrandNode 2.3.0 and earlier versions, which stems from a competitive condition due to incorrect manipulation of the...

2.6CVSS4.1AI score0.00031EPSS
Exploits0References3
Rows per page
Query Builder