CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/05/12 6:17 p.m.•14 views

CVE-2026-41109

Improper neutralization of special elements in output used by a downstream component 'injection' in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network...

8.8CVSS0.00861EPSS

NVD•added 2026/05/12 11:16 a.m.•11 views

CVE-2026-45213

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 BEAR woo-bulk-editor allows Blind SQL Injection.This issue affects BEAR: from n/a through = 1.1.7.1...

7.6CVSS0.00226EPSS

ATTACKERKB•added 2026/05/12 11:2 a.m.•9 views

CVE-2026-45214

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Blind SQL Injection.This issue affects Xpro Elementor Addons: from n/a through = 1.5.1...

8.5CVSS5.8AI score0.00223EPSS

ATTACKERKB•added 2026/05/12 11:2 a.m.•8 views

CVE-2026-45213

7.6CVSS5.8AI score0.00226EPSS

Positive Technologies•added 2026/05/12 12:0 a.m.•9 views

PT-2026-40244

8.8CVSS5.8AI score0.00861EPSS

Positive Technologies•added 2026/05/12 12:0 a.m.•10 views

PT-2026-40141

Name of the Vulnerable Software and Affected Versions Azure Machine Learning affected versions not specified Description Improper neutralization of special elements in output used by a downstream component allows an unauthorized attacker to perform spoofing over a network. This issue can lead to...

8.5CVSS5.8AI score0.00498EPSS

Exploits0References5

Positive Technologies•added 2026/05/12 12:0 a.m.•10 views

PT-2026-40261

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to perform tampering over a network...

7.4CVSS5.8AI score0.00399EPSS

Microsoft CVE•added 2026/05/11 2:0 p.m.•16 views

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Improper neutralization of special elements in output used by a downstream component 'injection' in Microsoft Edge Chromium-based allows an unauthorized attacker to elevate privileges over a network...

5.4CVSS5.8AI score0.0024EPSS

Exploits0

Positive Technologies•added 2026/05/11 12:0 a.m.•7 views

PT-2026-40259

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description Improper neutralization of special elements in output used by a downstream component injection allows an unauthorized attacker to elevate privileges over a network...

5.4CVSS5.8AI score0.0024EPSS

Exploits0References8

OSV•added 2026/05/08 8:41 a.m.•3 views

BIT-DOTNET-SDK-2026-32178 .NET Spoofing Vulnerability

Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network...

7.5CVSS6.2AI score0.0111EPSS

OSV•added 2026/05/08 8:41 a.m.•6 views

BIT-DOTNET-2026-32178 .NET Spoofing Vulnerability

Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network...

7.5CVSS6.2AI score0.0111EPSS

EUVD•added 2026/05/08 12:31 a.m.•21 views

EUVD-2026-28449

Improper neutralization of special elements used in a command 'command injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...

EUVD•added 2026/05/08 12:31 a.m.•18 views

EUVD-2026-28445

Improper neutralization of special elements in M365 Copilot allows an unauthorized attacker to disclose information over a network...

EUVD•added 2026/05/08 12:31 a.m.•7 views

EUVD-2026-28446

Improper neutralization of special elements in output used by a downstream component 'injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...

7.5CVSS5.8AI score0.00799EPSS

Positive Technologies•added 2026/05/08 12:0 a.m.•9 views

PT-2026-39157

Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network...

7.5CVSS6.2AI score0.0111EPSS

Exploits0References3

NVD•added 2026/05/07 10:16 p.m.•18 views

CVE-2026-35428

Improper neutralization of special elements used in a command 'command injection' in Azure Cloud Shell allows an unauthorized attacker to perform spoofing over a network...

9.6CVSS0.00933EPSS

ATTACKERKB•added 2026/05/07 8:58 p.m.•3 views

CVE-2026-26129

Improper neutralization of special elements in M365 Copilot allows an unauthorized attacker to disclose information over a network...

Microsoft CVE•added 2026/05/07 2:0 p.m.•11 views

M365 Copilot Information Disclosure Vulnerability

Improper neutralization of special elements used in a command 'command injection' in M365 Copilot allows an unauthorized attacker to disclose information over a network...

Positive Technologies•added 2026/05/07 12:0 a.m.•12 views

Exploits0

PT-2026-38353

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WPMart Team Member allows Blind SQL Injection. This issue affects Team Member: from n/a through 8.5...

7.6CVSS5.8AI score0.0022EPSS