CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/04/14 9:31 p.m.•5 views

EUVD-2026-22684

Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of thi...

EUVD•added 2026/04/14 6:30 p.m.•3 views

EUVD-2026-22551

Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally...

8.4CVSS5.7AI score0.01993EPSS

EUVD•added 2026/04/14 6:30 p.m.•3 views

EUVD-2026-22351

Access of resource using incompatible type 'type confusion' in Windows COM allows an authorized attacker to disclose information locally...

5.5CVSS5.6AI score0.00341EPSS

ATTACKERKB•added 2026/04/14 6:26 p.m.•5 views

CVE-2026-34625

CVE•added 2026/04/14 6:26 p.m.•5 views

CVE-2026-34625

Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting (XSS) vulnerability (CWE-79) in versions 6.5.24, FP11.7 and earlier. The issue allows an attacker to manipulate the DOM to run malicious JavaScript in the victim’s browser, requiring user interaction (the victim must visit a...

Exploits0References1Affected Software2

Vulnrichment•added 2026/04/14 6:25 p.m.•2 views

CVE-2026-34624 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

NVD•added 2026/04/14 6:16 p.m.•2 views

CVE-2026-20806

Access of resource using incompatible type 'type confusion' in Windows COM allows an authorized attacker to disclose information locally...

5.5CVSS0.00341EPSS

Vulnrichment•added 2026/04/14 6:0 p.m.•3 views

CVE-2026-27288 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

5.4CVSS5.8AI score0.00189EPSS

Cvelist•added 2026/04/14 5:33 p.m.•25 views

CVE-2026-27246 Adobe Connect | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's account or session...

9.3CVSS0.00304EPSS

Vulnrichment•added 2026/04/14 5:33 p.m.•4 views

CVE-2026-27246 Adobe Connect | Cross-site Scripting (DOM-based XSS) (CWE-79)

9.3CVSS5.2AI score0.00304EPSS

Cvelist•added 2026/04/14 4:58 p.m.•24 views

CVE-2026-32162 Windows COM Elevation of Privilege Vulnerability

...

8.4CVSS0.01993EPSS

ATTACKERKB•added 2026/04/14 4:58 p.m.•4 views

CVE-2026-32162

Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally...

8.4CVSS5.7AI score0.01993EPSS

Exploits0References2Affected Software14

Vulnrichment•added 2026/04/14 4:58 p.m.•3 views

CVE-2026-32162 Windows COM Elevation of Privilege Vulnerability

...

8.4CVSS6.2AI score0.01993EPSS

CVE•added 2026/04/14 4:58 p.m.•15 views

CVE-2026-32162

CVE-2026-32162 is a Windows COM elevation of privilege vulnerability with local access, no user interaction, and high impact to confidentiality, integrity, and availability. The CVSS 3.1 base score is 8.4 (HIGH) with exploit code maturity labeled UNPROVEN and remediation level OFFICIAL_FIX. Affec...

8.4CVSS5.7AI score0.01993EPSS

Exploits0References1Affected Software11

Vulnrichment•added 2026/04/14 4:57 p.m.•3 views

CVE-2026-20806 Windows COM Server Information Disclosure Vulnerability

...

5.5CVSS5.8AI score0.00341EPSS