Lucene search
+L

558 matches found

osv
osv
added 2026/04/20 7:10 a.m.3 views

CVE-2026-41282

ProjectDiscovery Nuclei 3 before 3.8.0 allows DSL expression injection. This affects use of -env-vars for multi-step templates against untrusted targets not the default configuration...

4CVSS5.9AI score0.00344EPSS
Exploits0References7
cvelist
cvelist
added 2026/04/20 7:10 a.m.36 views

CVE-2026-41282

ProjectDiscovery Nuclei 3 before 3.8.0 allows DSL expression injection. This affects use of -env-vars for multi-step templates against untrusted targets not the default configuration...

4CVSS0.0025EPSS
Exploits0References5
circl
circl
added 2026/04/20 5:29 a.m.6 views

CVE-2021-26947

creationtimestamp| type| source ---|---|--- 2026-04-20 05:29:04+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-26947.yaml...

6.5CVSS6.9AI score0.0141EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/04/20 12:0 a.m.7 views

PT-2026-33724

ProjectDiscovery Nuclei 3 before 3.8.0 allows DSL expression injection. This affects use of -env-vars for multi-step templates against untrusted targets not the default configuration...

4CVSS5.8AI score0.0025EPSS
Exploits0References6
cnnvd
cnnvd
added 2026/04/20 12:0 a.m.9 views

Nuclei 安全漏洞

Nuclei is a fast-customizable vulnerability scanner based on simple YAML, open-sourced by ProjectDiscovery. Versions of Nuclei prior to 3.8.0 have security vulnerabilities, which stem from DSL expression injection and may affect the use of multi-step templates...

7.5CVSS5.8AI score0.0025EPSS
Exploits0References2
circl
circl
added 2026/04/18 1:18 a.m.8 views

CVE-2026-2262

creationtimestamp| type| source ---|---|--- 2026-04-18 01:18:04+00:00| published-proof-of-concept| Telegram/u5f3Gra6Haipf3VJEB4yu-gwc95-0FLxvYnhbIvKSTo7fn8 2026-04-21 03:41:01+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/CVE-2026-2262.yaml 2026-04-22...

7.5CVSS4.8AI score0.0239EPSS
Exploits1References2
circl
circl
added 2026/04/17 6:31 a.m.8 views

CVE-2026-40887

creationtimestamp| type| source ---|---|--- 2026-04-17 06:31:34+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-40887.yaml 2026-04-19 21:03:03+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mjuu2zdoll2i 2026-04-21...

9.1CVSS6.1AI score0.01762EPSS
Exploits1References3
circl
circl
added 2026/04/15 6:48 a.m.10 views

CVE-2026-21484

creationtimestamp| type| source ---|---|--- 2026-04-15 06:48:35+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-21484.yaml 2026-04-17 21:02:33+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mjpt4bq5ps2r...

5.3CVSS4.9AI score0.00713EPSS
Exploits1References2
circl
circl
added 2026/04/12 1:0 a.m.3 views

CVE-2026-4106

creationtimestamp| type| source ---|---|--- 2026-04-12 01:00:04+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/79929 2026-04-12 02:46:41+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-4106.yaml 2026-04-12 03:00:07+00:00|...

5.3CVSS4.9AI score0.00742EPSS
Exploits1References3
wolfi
wolfi
added 2026/04/11 2:51 a.m.9 views

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: vexctl, hubble, grpcurl, kaf, etcd, gitness, chartmuseum, witness, kubernetes-dashboard-api, flux-image-reflector-controller, helm-mapkubeapis, secrets-store-csi-driver-provider-azure, aws-flb-kinesis, gcsfuse, grafana, terraform-provider-tls,...

6.1AI score
Exploits0
wolfi
wolfi
added 2026/04/08 7:48 p.m.10 views

GHSA-XMRV-PMRH-HHX2 vulnerabilities

Vulnerabilities for packages: terragrunt, aws-nuke, ksops, rekor, grafana, teleport, aws-otel-collector, crossplane-provider-aws-kinesis, crossplane-provider-aws-elasticache, crossplane-provider-aws-s3, zot, velero, litestream, k8sgpt, steampipe, grype, vault-secrets-webhook,...

6.1AI score
Exploits0
cgr
cgr
added 2026/04/08 7:17 p.m.10 views

GHSA-XMRV-PMRH-HHX2 vulnerabilities

Vulnerabilities for packages: spire-server-fips, commercial-grafana, dapr, gitaly, kaniko, crossplane-provider-aws-ec2, crossplane-provider-aws-memorydb-fips, crossplane-provider-aws-sqs-fips, weaviate, percona-server-mongodb-operator, docker, crossplane-provider-aws-ssm, cerbos,...

6.1AI score
Exploits0
circl
circl
added 2026/04/08 2:0 p.m.6 views

CVE-2023-6825

creationtimestamp| type| source ---|---|--- 2026-04-08 14:00:52+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-6825.yaml 2026-04-10 21:03:06+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mj67urtpyt27...

9.9CVSS7.3AI score0.06009EPSS
Exploits0References2
circl
circl
added 2026/04/08 4:11 a.m.12 views

CVE-2026-25616

creationtimestamp| type| source ---|---|--- 2026-04-08 04:11:57+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-25616.yaml 2026-04-10 21:03:15+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mj67usncez2x...

6.1CVSS5.7AI score0.00383EPSS
Exploits1References2
circl
circl
added 2026/04/08 4:0 a.m.5 views

CVE-2026-39987

creationtimestamp| type| source ---|---|--- 2026-04-08 04:00:00+00:00| published-proof-of-concept| https://github.com/marimo-team/marimo/security/advisories/GHSA-2679-6mx9-h9xc 2026-04-09 04:00:00+00:00| exploited|...

9.8CVSS7.1AI score0.95645EPSS
Exploits11References129
circl
circl
added 2026/04/06 12:13 p.m.9 views

CVE-2026-39365

creationtimestamp| type| source ---|---|--- 2026-04-06 12:13:21+00:00| published-proof-of-concept| https://github.com/vitejs/vite/security/advisories/GHSA-4w7w-66w2-5vf9 2026-04-06 12:13:21+00:00| published-proof-of-concept| https://github.com/vitejs/vite/security/advisories/GHSA-4w7w-66w2-5vf9...

6.3CVSS5.3AI score0.00914EPSS
Exploits1References3
circl
circl
added 2026/04/02 4:59 a.m.7 views

CVE-2026-28358

creationtimestamp| type| source ---|---|--- 2026-04-02 04:59:00+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-28358.yaml...

6.9CVSS5.8AI score0.00601EPSS
Exploits0References1
packetstormnews
packetstormnews
added 2026/04/02 12:0 a.m.15 views

RuleForge: Automated Generation and Validation for Web Vulnerability Detection at Scale

Security teams face a challenge: the volume of newly disclosed Common Vulnerabilities and Exposures CVEs far exceeds the capacity to manually develop detection mechanisms. In 2025, the National Vulnerability Database published over 48,000 new vulnerabilities, motivating the need for automation. W...

5.9AI score
Exploits0
wolfi
wolfi
added 2026/03/31 1:48 p.m.18 views

CVE-2026-32285 vulnerabilities

Vulnerabilities for packages: eksctl, lazygit, goreleaser, nfpm, dagger, terragrunt, loki, witness, grafana, teleport, minio, ollama, prometheus, gitlab-runner, maru, malcontent, rclone, k8sgpt, dgraph, grafana-alloy, datadog-agent, terraform-mcp-server, redpanda, cri-tools, kubevela, vcluster,...

7.5CVSS6.7AI score0.0075EPSS
Exploits1
circl
circl
added 2026/03/31 12:56 a.m.5 views

CVE-2025-54597

creationtimestamp| type| source ---|---|--- 2026-03-31 00:56:22+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-54597.yaml 2026-04-01 21:02:38+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mihlnmpohj2l...

7.2CVSS5.8AI score0.00565EPSS
Exploits0References2
Rows per page
Query Builder