CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8237 matches found

Adobe Commerce (Magento) - Remote Code Execution

Adobe Commerce versions 2.4.3-p1 and earlier and 2.3.7-p2 and earlier are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution. id: CVE-2022-24086 info: name:...

10CVSS9AI score0.99268EPSS

Exploits5References4

EUVD•added 4 days ago•9 views

EUVD-2026-36509

SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity tokens submitted during login are accepted without verifying their cryptographic signature. In a...

10CVSS5.5AI score0.00628EPSS

Exploits0References3

Positive Technologies•added 4 days ago•11 views

PT-2026-48947

Name of the Vulnerable Software and Affected Versions SimpleHelp versions prior to 5.5.16 SimpleHelp 6.0 pre-release versions Description An authentication bypass exists in the OIDC OpenID Connect authentication flow. When OIDC is configured, the software accepts identity tokens submitted during...

10CVSS5.4AI score0.00628EPSS

Exploits0References21

RedhatCVE•added 6 days ago•7 views

CVE-2026-47938

Adobe Campaign Classic ACC versions 7.4.3 build 9394 and earlier are affected by a Server-Side Request Forgery SSRF vulnerability that could result in privilege escalation. Exploitation of this issue does not require user interaction. Scope is changed...

10CVSS5.5AI score0.00449EPSS

Exploits0References1

RedhatCVE•added 6 days ago•6 views

CVE-2026-48303

Adobe Campaign Classic ACC versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

10CVSS6.2AI score0.00553EPSS

Exploits0References1

RedhatCVE•added 6 days ago•7 views

CVE-2026-47928

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

10CVSS6.2AI score0.02479EPSS

Exploits0References1

RedhatCVE•added 6 days ago•7 views

CVE-2026-47929

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could exploit this vulnerability to gain elevated access or control over the victim...

9.1CVSS6.2AI score0.02236EPSS

Exploits0References1

RedhatCVE•added 6 days ago•4 views

CVE-2026-47930

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access...

8.1CVSS5.5AI score0.00392EPSS

Exploits0References1

EUVD•added 6 days ago•7 views

EUVD-2026-35849

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Improper Input Validation vulnerability. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user...

7.5CVSS5.5AI score0.00407EPSS

Exploits0References2

EUVD•added 6 days ago•11 views

EUVD-2026-35843

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition. Exploitation of this iss...

7.5CVSS5.5AI score0.00407EPSS

Exploits0References2

EUVD•added 6 days ago•7 views

EUVD-2026-35847

6.2CVSS5.5AI score0.00153EPSS

Exploits0References2

NVD•added last week•10 views

CVE-2026-47904

6.2CVSS0.00153EPSS

Exploits0References1

NVD•added last week•8 views

CVE-2026-47905

6.2CVSS0.00153EPSS

Exploits0References1

NVD•added last week•7 views

CVE-2026-34712

7.5CVSS0.00407EPSS

Exploits0References1

NVD•added last week•8 views

CVE-2026-34713

7.5CVSS0.00407EPSS

Exploits0References1

Cvelist•added last week•33 views

CVE-2026-34712 CAI Content Credentials | Improper Input Validation (CWE-20)

7.5CVSS0.00407EPSS

Exploits0References1

Cvelist•added last week•34 views

CVE-2026-47904 CAI Content Credentials | Uncontrolled Resource Consumption (CWE-400)

6.2CVSS0.00153EPSS

Exploits0References1

CVE•added last week•14 views

CVE-2026-47904

CVE-2026-47904 affects CAI Content Credentials: versions [email protected] and c2pa-v0.80.1 and earlier. Root cause is Uncontrolled Resource Consumption, leading to an application denial-of-service. Exploitation is possible with LOCAL attack vector and requires no user interaction. No remediation de...

6.2CVSS5.5AI score0.00153EPSS

Exploits0References1Affected Software2

Cvelist•added last week•32 views

CVE-2026-47903 CAI Content Credentials | Improper Input Validation (CWE-20)

6.2CVSS0.00153EPSS

Exploits0References1

CVE•added last week•10 views

CVE-2026-47902

CVE-2026-47902 affects CAI Content Credentials: versions [email protected], c2pa-v0.80.1 and earlier. The issue is an Uncontrolled Resource Consumption vulnerability that could exhaust system resources and cause an application DoS. Exploitation is described as achievable without user interaction; at...

6.2CVSS5.5AI score0.00153EPSS

Exploits0References1Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by