Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6394 matches found

ATTACKERKB
ATTACKERKBadded 2026/04/16 5:29 a.m.2 views

CVE-2026-3581

The Basic Google Maps Placemarks plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.10.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to modify...

5.3CVSS5.8AI score0.00024EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/04/16 5:29 a.m.1 views

CVE-2026-3581 Basic Google Maps Placemarks <= 1.10.7 - Missing Authorization to Unauthenticated Default Map Coordinate Update

The Basic Google Maps Placemarks plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.10.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to modify...

5.3CVSS5.8AI score0.00024EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/04/16 5:29 a.m.31 views

CVE-2026-3581 Basic Google Maps Placemarks <= 1.10.7 - Missing Authorization to Unauthenticated Default Map Coordinate Update

The Basic Google Maps Placemarks plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.10.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to modify...

5.3CVSS0.00024EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/04/16 12:0 a.m.2 views

PT-2026-33263

The Basic Google Maps Placemarks plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.10.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to modify...

5.3CVSS5.8AI score0.00024EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/04/16 12:0 a.m.6 views

SUSE SLED15 / SLES15 Security Update : xorg-x11-server (SUSE-SU-2026:1330-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1330-1 advisory. - CVE-2026-33999: XKB Integer Underflow in XkbSetCompatMap bsc1260922. - CVE-2026-34000: XKB Out-of-bounds Rea...

9.1CVSS5.9AI score0.00027EPSS
Exploits0References16
RedhatCVE
RedhatCVEadded 2026/04/15 1:22 a.m.2 views

CVE-2026-6186

A security vulnerability has been detected in UTT HiPER 1200GW up to 2.5.3-170306. This vulnerability affects the function strcpy of the file /goform/formNatStaticMap. The manipulation of the argument NatBind leads to buffer overflow. The attack is possible to be carried out remotely. The exploit...

9CVSS7.6AI score0.00053EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2026/04/15 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-69993

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Leaflet versions up to and including 1.9.4 are vulnerable to Cross-Site Scripting XSS via the bindPopup method. This method renders user-supplied input as raw...

6.1CVSS6AI score0.00044EPSS
Exploits2References3
RedhatCVE
RedhatCVEadded 2026/04/14 6:19 p.m.4 views

CVE-2025-69993

A flaw was found in Leaflet. This Cross-Site Scripting XSS vulnerability exists in the bindPopup method, which fails to sanitize user-supplied input. A remote attacker can exploit this by injecting malicious JavaScript code into map popups. When a victim views an affected map, the injected script...

6.1CVSS5.8AI score0.00044EPSS
Exploits2References5
OSV
OSVadded 2026/04/14 3:22 p.m.4 views

CLSA-2026-1776180138 Fix of 12 CVEs

SECURITY UPDATE: fix vulnerability in image handling - debian/patches/CVE-2025-53101.patch: fix vulnerability in image handling - CVE-2025-53101 SECURITY UPDATE: fix vulnerability in image handling - debian/patches/CVE-2025-53014.patch: fix vulnerability in image handling - CVE-2025-53014 SECURIT...

9.8CVSS7AI score0.0035EPSS
Exploits4References1
OSV
OSVadded 2026/04/14 3:16 p.m.2 views

UBUNTU-CVE-2025-69993

Leaflet versions up to and including 1.9.4 are vulnerable to Cross-Site Scripting XSS via the bindPopup method. This method renders user-supplied input as raw HTML without sanitization, allowing attackers to inject arbitrary JavaScript code through event handler attributes e.g., . When a victim...

6.1CVSS5.9AI score0.00044EPSS
Exploits2References4
OSV
OSVadded 2026/04/14 12:39 p.m.1 views

SUSE-SU-2026:1320-1 Security update for go1.26

This update for go1.26 fixes the following issues: - Update to go1.26.2 bsc1255111. - CVE-2026-27140: cmd/go: trust layer bypass when using cgo and SWIG bsc1261653. - CVE-2026-27143: cmd/compile: possible memory corruption after bound check elimination bsc1261654. - CVE-2026-27144: cmd/compile:...

9.8CVSS6AI score0.00022EPSS
Exploits0References22
UbuntuCve
UbuntuCveadded 2026/04/14 12:0 a.m.3 views

CVE-2026-34002

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...

9.1CVSS5.8AI score0.00027EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/04/14 12:0 a.m.28 views

CVE-2025-69993

Leaflet versions up to and including 1.9.4 are vulnerable to Cross-Site Scripting XSS via the bindPopup method. This method renders user-supplied input as raw HTML without sanitization, allowing attackers to inject arbitrary JavaScript code through event handler attributes e.g., . When a victim...

6.1CVSS0.00044EPSS
Exploits2References2
Tenable Nessus
Tenable Nessusadded 2026/04/14 12:0 a.m.5 views

SUSE SLES15 Security Update : kernel (Live Patch 14 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2026:1271-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1271-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.65 fixes various security issues The following security issues were fixed: -...

7.8CVSS5.9AI score0.00063EPSS
Exploits5References25
EUVD
EUVDadded 2026/04/13 6:30 p.m.4 views

EUVD-2026-21984

A security vulnerability has been detected in UTT HiPER 1200GW up to 2.5.3-170306. This vulnerability affects the function strcpy of the file /goform/formNatStaticMap. The manipulation of the argument NatBind leads to buffer overflow. The attack is possible to be carried out remotely. The exploit...

9CVSS7.6AI score0.00053EPSS
Exploits0References5
NVD
NVDadded 2026/04/13 4:16 p.m.2 views

CVE-2026-6186

A security vulnerability has been detected in UTT HiPER 1200GW up to 2.5.3-170306. This vulnerability affects the function strcpy of the file /goform/formNatStaticMap. The manipulation of the argument NatBind leads to buffer overflow. The attack is possible to be carried out remotely. The exploit...

9CVSS0.00053EPSS
Exploits0References4
OSV
OSVadded 2026/04/13 9:0 a.m.4 views

SUSE-SU-2026:21221-1 Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues The following security issues were fixed: - CVE-2025-40159: xsk: Harden userspace-supplied xdpdesc validation bsc1253404. - CVE-2025-71120: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken...

7.8CVSS6.1AI score0.00033EPSS
Exploits5References13
OSV
OSVadded 2026/04/13 5:43 a.m.1 views

BIT-GOLANG-2026-32288 Unbounded allocation for old GNU sparse in archive/tar

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

5.5CVSS5.8AI score0.00004EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/04/13 12:0 a.m.1 views

PT-2026-32423

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format...

5.5CVSS5.8AI score0.00004EPSS
Exploits0References6
GithubExploit
GithubExploitadded 2026/04/12 10:41 a.m.27 views

Exploit for Out-of-bounds Read in Linux Linux_Kernel

CVE-2026-31413: One Byte in the BPF Verifier to Container Esca...

7.8CVSS7.6AI score0.00009EPSS
Exploits2
Rows per page
Query Builder