CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/06/01 3:27 p.m.•15 views

CVE-2026-42672

CVE-2026-42672 affects WordPress plugin WP Directory Kit (

9.3CVSS5.8AI score0.00236EPSS

Cvelist•added 2026/06/01 3:27 p.m.•26 views

CVE-2026-42672 WordPress WP Directory Kit plugin <= 1.5.1 - SQL Injection vulnerability

9.3CVSS0.00236EPSS

Vulnrichment•added 2026/06/01 3:27 p.m.•9 views

CVE-2026-42672 WordPress WP Directory Kit plugin <= 1.5.1 - SQL Injection vulnerability

9.3CVSS5.8AI score0.00236EPSS

CNNVD•added 2026/06/01 12:0 a.m.•7 views

WordPress plugin WP Directory Kit SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPre...

9.3CVSS5.8AI score0.00236EPSS

CNNVD•added 2026/06/01 12:0 a.m.•7 views

Imagination Graphics DDK 安全漏洞

Imagination Graphics DDK is a GPU driver toolkit developed by the British company Imagination. There is a security vulnerability in Imagination Graphics DDK, which stems from an address translation logic error. This vulnerability may allow the compromised host kernel to perform arbitrary writes t...

4.3CVSS5.5AI score0.00143EPSS

Positive Technologies•added 2026/06/01 12:0 a.m.•11 views

PT-2026-45459

Name of the Vulnerable Software and Affected Versions WP Directory Kit versions prior to 1.5.2 Description WP Directory Kit contains an improper neutralization of special elements used in an SQL command, which allows for Blind SQL Injection. Blind SQL Injection is a type of attack where the...

9.3CVSS5.7AI score0.00236EPSS

Exploits0References4

OSV•added 2026/06/01 12:0 a.m.•9 views

ALSA-2026:22145 Important: .NET 10.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 10.0.108 and .NET Runtime...

Snyk•added 2026/05/29 11:52 p.m.•10 views

Exploits0References4

Malicious Package

Overview @capibar.chat/ui-kit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score

IBM Security Bulletins•added 2026/05/29 9:48 p.m.•11 views

Security Bulletin: Multiple vulnerabilities in IBM® SDK Java™ Technology Edition shipped with IBM Tivoli Monitoring.

Summary Multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring ITM components. CVE-2026-22016, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-34268 and CVE-2026-22007 Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION:...

7.5CVSS7.2AI score0.00358EPSS

Exploits0Affected Software1

OSV•added 2026/05/29 4:3 p.m.•13 views

RLSA-2026:18143 Moderate: p11-kit security update

The p11-kit packages provide a mechanism to manage PKCS11 modules. The p11-kit-trust subpackage includes a PKCS11 trust module that provides certificate anchors and black lists based on configuration files. Security Fixes: p11-kit: p11-kit: NULL dereference via CDeriveKey with specific NULL...

5.3CVSS5.8AI score0.01129EPSS

Rockylinux•added 2026/05/29 4:3 p.m.•18 views

edk2 security update

An update is available for edk2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list EDK Embedded Development Kit is a project to enable UEFI support for Virtual...

8.4CVSS6AI score0.00704EPSS

Exploits0

vulnersOsv•added 2026/05/29 3:59 p.m.•6 views

0xpay-cc-sdk (>=0.0.8 <=0.1.0), 0xtrails (>=0.0.0-20251106131028 <=0.16.0) +7399 more potentially affected by CVE-2025-62718 +1 more via axios (>=1.0.0 <=1.15.2)

axios NPM version =1.0.0, =0.0.8, =0.0.0-20251106131028, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =1.0.0, =0.0.2-beta.0, =8.0.5, =6.1.0, =0.0.0-canary-847463221a9a1bee28641d8c0ecfaca98ee142f6, =0.0.1-alpha.3, =0.1.6-alpha.11, =0.1.6-alpha.12 and more Source cves: CVE-2025-62718, CVE-2026-44492 Source...

9.9CVSS6.5AI score0.01075EPSS

Exploits2

OSV•added 2026/05/29 12:0 a.m.•10 views

RLSA-2026:21294 Important: .NET 9.0 security update

OSV•added 2026/05/29 12:0 a.m.•10 views

RLSA-2026:21295 Important: .NET 10.0 security update

Rockylinux•added 2026/05/29 12:0 a.m.•16 views

.NET 8.0 security update

An update is available for dotnet8.0. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

OSSF Malicious Packages•added 2026/05/29 12:0 a.m.•15 views

Exploits0

Malicious code in @capibar.chat/ui-kit (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

5.8AI score

Tenable Nessus•added 2026/05/29 12:0 a.m.•9 views

RockyLinux 10 : p11-kit (RLSA-2026:18143)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18143 advisory. p11-kit: p11-kit: NULL dereference via CDeriveKey with specific NULL parameters CVE-2026-2100 Tenable has extracted the preceding description block directly fro...

7.5CVSS5.8AI score0.01129EPSS

Exploits0References3

OSV•added 2026/05/28 3:43 p.m.•9 views

RLSA-2026:18599 Moderate: p11-kit security update

5.3CVSS5.8AI score0.01129EPSS