CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

429 matches found

CNNVD•added 2026/04/25 12:0 a.m.•6 views

KLiK SocialMediaWebsite 注入漏洞

KLiK SocialMediaWebsite is a simple social media website developed by Muhammad Saad using PHP. Versions of KLiK SocialMediaWebsite 1.0.1 and earlier had a vulnerability related to injection attacks. This vulnerability stemmed from the cid parameter operations in the Private Message Handler...

7.5CVSS7.2AI score0.00038EPSS

Exploits0References2

Positive Technologies•added 2026/04/25 12:0 a.m.•1 views

PT-2026-35177

A vulnerability was determined in KLiK SocialMediaWebsite up to 1.0.1. This vulnerability affects unknown code of the file /includes/get message ajax.php of the component Private Message Handler. Executing a manipulation of the argument c id can lead to sql injection. It is possible to launch the...

7.5CVSS7.2AI score0.00038EPSS

Exploits0References4

RedhatCVE•added 2026/04/06 10:57 a.m.•1 views

CVE-2026-5535

A security flaw has been discovered in FedML-AI FedML up to 0.8.9. This impacts an unknown function of the file FileUtils.java of the component MQTT Message Handler. Performing a manipulation of the argument dataSet results in path traversal. The attack is possible to be carried out remotely. The...

5.4CVSS5.4AI score0.00121EPSS

Exploits1References1

EUVD•added 2026/04/05 3:30 a.m.•1 views

EUVD-2026-19017

5.3CVSS5.4AI score0.00121EPSS

Exploits1References5

Vulnrichment•added 2026/04/05 2:0 a.m.•1 views

CVE-2026-5535 FedML-AI FedML MQTT Message FileUtils.java path traversal

5.3CVSS5.4AI score0.00121EPSS

Exploits1References4

Cvelist•added 2026/04/05 2:0 a.m.•25 views

CVE-2026-5535 FedML-AI FedML MQTT Message FileUtils.java path traversal

5.3CVSS0.00121EPSS

Exploits1References4

CVE•added 2026/04/05 2:0 a.m.•5 views

CVE-2026-5535

FedML-AI FedML up to 0.8.9 has a path traversal flaw in the MQTT Message Handler’s FileUtils.java triggered by manipulating the dataSet argument. The issue is remotely exploitable and an exploit has been publicly released. Affected component: MQTT Message Handler (FileUtils.java) within FedML-Fed...

5.4CVSS5.4AI score0.00121EPSS

Exploits1References4Affected Software1

Positive Technologies•added 2026/04/05 12:0 a.m.•3 views

PT-2026-30406

Name of the Vulnerable Software and Affected Versions FedML-AI FedML versions up to 0.8.9 Description A security flaw exists in FedML-AI FedML up to version 0.8.9, specifically within the MQTT Message Handler component. Manipulation of the dataSet argument in an unknown function of the file...

5.4CVSS5.5AI score0.00121EPSS

Exploits1References10

Cvelist•added 2026/03/31 11:17 a.m.•23 views

CVE-2026-34509

...

0.00025EPSS

Exploits0

Snyk•added 2026/03/30 5:29 p.m.•2 views

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the CapFQDN.DecodeFromBytes function of the BGP OPEN Message Handler. An attacker can bypass intended access controls by manipulating the domainNameLen argument remotely, potentially resulting in...

6.3CVSS5.9AI score0.00059EPSS

Exploits0References2

RedhatCVE•added 2026/03/29 11:3 p.m.•1 views

CVE-2026-4998

A weakness has been identified in Sinaptik AI PandasAI up to 3.0.0. This vulnerability affects the function CodeExecutor.execute of the file pandasai/core/codeexecution/codeexecutor.py of the component Chat Message Handler. Executing a manipulation can lead to code injection. The attack may be...

7.5CVSS5.6AI score0.00037EPSS

Exploits0References1

RedhatCVE•added 2026/03/28 11:10 p.m.•3 views

CVE-2026-4988

A security flaw has been discovered in Open5GS 2.7.6. This issue affects the function smfgxccacb/smfgyccacb/smfs6b of the component CCA Message Handler. The manipulation results in denial of service. The attack may be launched remotely. Attacks of this nature are highly complex. The exploitabilit...

6.3CVSS5.5AI score0.00102EPSS

Exploits1References1

ATTACKERKB•added 2026/03/28 1:15 p.m.•1 views

CVE-2026-4998

7.5CVSS5.6AI score0.00037EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2026/03/28 1:15 p.m.•1 views

CVE-2026-4998 Sinaptik AI PandasAI Chat Message code_executor.py CodeExecutor.execute code injection

7.5CVSS5.6AI score0.00037EPSS

Exploits0References4

EUVD•added 2026/03/28 12:30 p.m.•3 views

EUVD-2026-16917

A vulnerability was determined in wandb OpenUI up to 1.0. Affected by this vulnerability is an unknown functionality of the file frontend/public/annotator/index.html of the component Window Message Event Handler. This manipulation causes cross site scripting. The attack can be initiated remotely...

5.1CVSS4.3AI score0.00039EPSS

Exploits0References5

EUVD•added 2026/03/28 12:31 a.m.•3 views

EUVD-2026-16895

6.3CVSS5.5AI score0.00102EPSS

Exploits1References7

Positive Technologies•added 2026/03/28 12:0 a.m.•1 views

PT-2026-28716

Name of the Vulnerable Software and Affected Versions Sinaptik AI PandasAI versions up to 3.0.0 Description A code injection weakness exists in the Chat Message Handler component, specifically within the CodeExecutor.execute function of the pandasai/core/code execution/code executor.py file. This...

7.5CVSS6.3AI score0.00037EPSS

Exploits0References6

Positive Technologies•added 2026/03/28 12:0 a.m.•2 views

PT-2026-28713

Name of the Vulnerable Software and Affected Versions wandb OpenUI versions up to 1.0 Description A cross site scripting issue exists in the file frontend/public/annotator/index.html of the Window Message Event Handler component. This manipulation can be initiated remotely and the exploit has bee...

5.1CVSS5AI score0.00039EPSS

Exploits0References6