CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

Canvas LMS v2020-07-29 - Blind Server-Side Request Forgery

Canvas version 2020-07-29 is susceptible to blind server-side request forgery. An attacker can cause Canvas to perform HTTP GET requests to arbitrary domains and thus potentially access sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2020-5775 info: name: Canva...

5.8CVSS6.4AI score0.65827EPSS

Exploits1References4

HackRead•added 2026/05/13 9:10 p.m.•3 views

Instructure Reaches Deal with ShinyHunters to Prevent Canvas Data Leak

Instructure has reached an agreement with the ShinyHunters group to return and destroy stolen Canvas data, protecting millions of student records from a public leak...

5.8AI score

Exploits0

The Hacker News•added 2026/05/12 7:37 a.m.•7 views

Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak

American educational technology company Instructure, the parent company of Canvas, said it reached an "agreement" with a decentralized cybercrime extortion group after it breached its network and threatened to leak stolen information from thousands of schools and universities. In an update shared...

5.8AI score

Exploits0

Trend Micro Simply Security•added 2026/05/10 12:0 a.m.•3 views

What Is the Instructure Canvas Breach? Impact, Risks, and What Institutions Should Do

The Instructure Canvas breach affects universities, K–12 school districts, and teaching hospitals globally. This blog entry intends to provide context and practical guidance...

5.8AI score

Exploits0

Malwarebytes•added 2026/05/08 12:0 p.m.•7 views

ShinyHunters escalates Canvas attacks with school login defacements

Days after confirming a major data breach, Instructure is now facing a second blow. Earlier this week, Instructure confirmed a major data breach affecting its cloud‑hosted Canvas environment, with the ShinyHunters group claiming it stole hundreds of millions of records tied to thousands of school...

5.8AI score

Exploits0

Wired Threat Level•added 2026/05/08 5:2 a.m.•6 views

The Canvas Hack Is a New Kind of Ransomware Debacle

Thousands of schools around the US were paralyzed on Thursday after education tech firm Instructure shut down access to its Canvas platform following a breach by hackers going by the name ShinyHunters...

5.8AI score

Exploits0

Krebs on Security•added 2026/05/08 2:58 a.m.•5 views

Canvas Breach Disrupts Schools & Colleges Nationwide

An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the service's login page with a ransom demand that threatened to...

5.7AI score

Exploits0

HackRead•added 2026/05/07 11:55 p.m.•10 views

ShinyHunters Defaces Canvas LMS Portal, Hundreds of Universities Affected

ShinyHunters hackers defaced the official Canvas LMS portal after breaching Instructure systems, disrupting university access worldwide...

5.8AI score

Exploits0

HackRead•added 2026/05/06 5:28 p.m.•6 views

ShinyHunters’ Instructure Canvas LMS and Vimeo Breaches Impact Millions of Users

ShinyHunters breached Instructure and Vimeo, exposing millions of student and user records through direct and supply chain attacks...

5.8AI score

Exploits0

Malwarebytes•added 2026/05/06 12:45 p.m.•4 views

Millions of students’ personal data stolen in major education breach

Instructure, the company behind the Canvas learning management system LMS, confirmed a cyber incident and subsequent data breach affecting its cloud‑hosted environment. The ShinyHunters ransomware group claims it is behind the attack and says it stole roughly 275 million records tied to students,...

5.7AI score

Exploits0