CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1036 matches found

Patchstack•added 2026/03/17 11:1 a.m.•4 views

WordPress Automated FedEx live/manual rates with shipping labels plugin <= 5.1.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by johska in WordPress Plugin Automated FedEx live/manual rates with shipping labels versions = 5.1.8...

7.5CVSS5.8AI score0.00219EPSS

Exploits0Affected Software1

RedHat Linux•added 2026/03/17 6:49 a.m.•2 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5CVSS5.7AI score0.00526EPSS

Exploits1References6

Tenable Nessus•added 2026/03/16 12:0 a.m.•5 views

EulerOS 2.0 SP12 : gnutls (EulerOS-SA-2026-1362)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the GnuTLS library, specifically in the gnutlspkcs11tokeninit function that handles PKCS11 token initialization. When a token...

4CVSS5.8AI score0.00203EPSS

Exploits0References2

EUVD•added 2026/03/13 9:31 p.m.•2 views

EUVD-2026-11933

Improper Control of Generation of Code 'Code Injection' vulnerability in ILLID Advanced Woo Labels advanced-woo-labels allows Remote Code Inclusion.This issue affects Advanced Woo Labels: from n/a through = 2.36...

7.2CVSS5.8AI score0.00397EPSS

Exploits0References2

NVD•added 2026/03/13 7:54 p.m.•2 views

CVE-2026-32414

7.2CVSS0.00397EPSS

Exploits0References1

CVE•added 2026/03/13 11:42 a.m.•5 views

CVE-2026-32414

The CVE concerns WordPress plugin Advanced Woo Labels (IllID) with versions up to and including 2.36, where an improper control of code generation leads to code injection and remote code inclusion. Affected component is the Advanced Woo Labels plugin; root cause is a code injection vulnerability ...

7.2CVSS5.8AI score0.00397EPSS

Exploits0References1

Vulnrichment•added 2026/03/13 11:42 a.m.•2 views

CVE-2026-32414 WordPress Advanced Woo Labels plugin <= 2.36 - Remote Code Execution (RCE) vulnerability

7.2CVSS5.8AI score0.00397EPSS

Exploits0References1

Cvelist•added 2026/03/13 11:42 a.m.•25 views

CVE-2026-32414 WordPress Advanced Woo Labels plugin <= 2.36 - Remote Code Execution (RCE) vulnerability

7.2CVSS0.00397EPSS

Exploits0References1

ATTACKERKB•added 2026/03/13 11:42 a.m.•4 views

CVE-2026-32414

5.8AI score0.00397EPSS

Exploits0References2

Positive Technologies•added 2026/03/13 12:0 a.m.•6 views

PT-2026-25260

7.2CVSS5.8AI score0.00397EPSS

Exploits0References3

CNNVD•added 2026/03/13 12:0 a.m.•4 views

WordPress plugin Advanced Woo Labels 代码注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

7.2CVSS6.2AI score0.00397EPSS

Exploits0References1

RedHat Linux•added 2026/03/12 9:1 p.m.•5 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

7.5CVSS7.3AI score0.00526EPSS

Exploits1References6

NVD•added 2026/03/12 7:16 p.m.•6 views

CVE-2026-32247

Graphiti is a framework for building and querying temporal context graphs for AI agents. Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction for non-Kuzu backends. Attacker-controlled label values supplied through SearchFilters.nodelabel...

8.1CVSS0.00344EPSS

Exploits2References4

ATTACKERKB•added 2026/03/12 7:11 p.m.•4 views

CVE-2026-32247

8.1CVSS5.8AI score0.00344EPSS

Exploits2References5Affected Software1

Vulnrichment•added 2026/03/12 7:11 p.m.•3 views

CVE-2026-32247 Graphiti vulnerable to Cypher Injection via unsanitized node_labels in search filters

8.1CVSS5.8AI score0.00344EPSS

Exploits2References4

Cvelist•added 2026/03/12 7:11 p.m.•26 views

CVE-2026-32247 Graphiti vulnerable to Cypher Injection via unsanitized node_labels in search filters

8.1CVSS0.00344EPSS

Exploits2References4

CVE•added 2026/03/12 7:11 p.m.•18 views

CVE-2026-32247

Graphiti CVE-2026-32247 is a Cypher injection vulnerability in pre-0.28.2 releases where attacker-controlled values fed into SearchFilters.node_labels were concatenated into Cypher label expressions. The issue affected non-Kuzu backends (Neo4j, FalkorDB, Neptune) and could be exploited via MCP de...

8.1CVSS5.8AI score0.00344EPSS

Exploits2References4Affected Software1

OSV•added 2026/03/12 7:11 p.m.•4 views

CVE-2026-32247 Graphiti vulnerable to Cypher Injection via unsanitized node_labels in search filters

8.1CVSS5.8AI score0.00344EPSS

Exploits2References6

EUVD•added 2026/03/12 5:26 p.m.•5 views

EUVD-2026-11682

Graphiti vulnerable to Cypher Injection via unsanitized nodelabels in search filters...

8.1CVSS5.8AI score0.00344EPSS

Exploits2References4

Snyk•added 2026/03/12 5:26 p.m.•1 views

Improper Neutralization of Special Elements in Data Query Logic

Overview graphiti-core is an A temporal graph building library Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the SearchFilters.nodelabels process. An attacker can execute arbitrary Cypher queries within the privileges of th...

8.6CVSS6AI score0.00344EPSS

Exploits2References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by