Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Vulnrichment
Vulnrichmentadded 4 days ago7 views

CVE-2026-9309 Arbitrary JavaScript execution in internal pages via Reader View JSON-LD injection

Firefox for iOS Reader View did not properly escape HTML tags in JSON-LD metadata. A malicious page could inject markup that changed Reader View behavior and leaked sensitive URL parameters. These parameters could then be used to access internal pages, potentially resulting in arbitrary JavaScrip...

6AI score0.00038EPSS
Exploits0References2
Mozilla
Mozillaadded 4 days ago14 views

Security Vulnerabilities fixed in Firefox for iOS 151.2 — Mozilla

Firefox for iOS Reader View replaced page content in its HTML template before replacing other internal placeholders. A malicious page could include a placeholder string that was later substituted with JSON-LD data, potentially resulting in arbitrary JavaScript execution. Firefox for iOS Reader Vi...

5.4CVSS6AI score0.00038EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2026/05/26 11:38 p.m.2 views

GHSA-9RFG-V8G9-9367 Fedify has an LD-Signature Bypass via JSON-LD Named-Graph Restructuring

Summary An attacker can make use of JSON-LD features to restructure a JSON-LD document that would change how Fedify interprets it without changing its Linked Data Signature, allowing them to alter a third-party signed activity they have received. Details The vulnerability essentially boils down t...

7CVSS5.7AI score
Exploits0References3
CNNVD
CNNVDadded 2025/08/14 12:0 a.m.1 views

WordPress plugin Structured Content (JSON-LD) 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on servers running PHP and MySQL.WordPress plugin is an...

5.4CVSS5.7AI score0.00046EPSS
Exploits0References1
Patchstack
Patchstackadded 2024/08/16 11:53 a.m.3 views

WordPress Structured Content (JSON-LD) #wpsc plugin <= 1.6.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Michael Patchstack Alliance in WordPress Plugin Structured Content versions = 1.6.2...

6.5CVSS6.1AI score0.00156EPSS
Exploits0Affected Software1
OSV
OSVadded 2024/01/09 8:31 p.m.2 views

GHSA-97X9-59RV-Q5PM Hyperledger Aries Cloud Agent Python result of presentation verification not checked for LDP-VC

Impact When verifying W3C Format Verifiable Credentials using JSON-LD with Linked Data Proofs LDP-VCs, the result of verifying the presentation document.proof was not factored into the final verified value true/false on the presentation record. Below is an example result from verifying a JSON-LD...

9.9CVSS5.8AI score0.00136EPSS
Exploits1References7
Rows per page
Query Builder