Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CVE
CVEadded 2026/04/17 9:5 p.m.5 views

CVE-2026-40351

Summary: CVE-2026-40351 affects FastGPT. In versions prior to 4.14.9.5, the password login endpoint uses TypeScript type assertions without runtime validation, allowing an unauthenticated attacker to provide a MongoDB query operator as the password (e.g., {"$ne": ""}), bypassing authentication an...

9.8CVSS5.7AI score0.00085EPSS
Exploits1References3Affected Software1
CNNVD
CNNVDadded 2026/03/06 12:0 a.m.3 views

Rocket.Chat 安全漏洞

Rocket.Chat is a chat software developed by the Rocket.Chat company. There were security vulnerabilities in versions prior to 7.10.8, 7.11.5, 7.12.5, 7.13.4, 8.0.2, 8.1.1, and 8.2.0. These vulnerabilities stemmed from the direct embedding of MongoDB query selectors into user inputs in the account...

6.9CVSS5.8AI score0.00055EPSS
Exploits0References2
CNNVD
CNNVDadded 2026/02/10 12:0 a.m.5 views

MongoDB Server 安全漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which stems from issues wit...

7.1CVSS5.8AI score0.00046EPSS
Exploits0References3
CNVD
CNVDadded 2025/12/03 12:0 a.m.1 views

Apache Kvrocks Information Disclosure Vulnerability

Apache Kvrocks is a distributed key-value NoSQL database from the Apache USA Foundation. Apache Kvrocks suffers from an information disclosure vulnerability that stems from the MONITOR command disclosing plaintext credentials. An attacker could exploit this vulnerability to obtain sensitive...

5.3CVSS6.4AI score0.00077EPSS
Exploits0References1
CNNVD
CNNVDadded 2021/11/02 12:0 a.m.3 views

Couchbase Server 安全漏洞

Couchbase Server is a distributed, open source NoSQL non-relational database from Couchbase, Inc. that supports data querying, full-text searching, and active global replication. Couchbase Server has a security vulnerability that originates from improper design or implementation during code...

7.5CVSS7.4AI score0.00155EPSS
Exploits0References3
CNNVD
CNNVDadded 2021/05/10 12:0 a.m.3 views

Couchbase Server 安全漏洞

Couchbase Server is a distributed open source NoSQL non-relational database from the U.S. company Couchbase , which mainly supports data query , full-text search and active global replication and other functions . Couchbase Server has a security vulnerability that can be exploited by an attacker ...

4.4CVSS5.7AI score0.00019EPSS
Exploits0References2
CNVD
CNVDadded 2019/09/06 12:0 a.m.2 views

Total.js CMS Command Injection Vulnerability

Total.js CMS is a content management system CMS based on a NoSQL database. A command injection vulnerability in Total.js CMS version 12.0.0 can be exploited by an attacker to execute illegal commands...

9.9CVSS7.8AI score0.56909EPSS
Exploits5References1
Rows per page
Query Builder