297 matches found
EUVD-2025-30197
Malicious code in bioql PyPI...
EUVD-2024-46821
Malicious code in bioql PyPI...
EUVD-2024-25914
Malicious code in bioql PyPI...
EUVD-2025-27171
Malicious code in bioql PyPI...
EUVD-2024-27647
Malicious code in bioql PyPI...
EUVD-2025-25237
Malicious code in bioql PyPI...
EUVD-2022-25071
Malicious code in bioql PyPI...
EUVD-2024-37597
Malicious code in bioql PyPI...
EUVD-2024-34794
Malicious code in bioql PyPI...
EUVD-2025-32374
Eidos is an extensible framework for Personal Data Management. Versions 0.21.0 and below contain a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted eidos: URL on any website, including a malicious one they control. When a...
CVE-2025-54374 Eidos: One-click Remote Code Execution through Custom URL Handling
Eidos is an extensible framework for Personal Data Management. Versions 0.21.0 and below contain a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted eidos: URL on any website, including a malicious one they control. When a...
PT-2025-40596
Name of the Vulnerable Software and Affected Versions: Eidos versions 0.21.0 and below. Description: Eidos is a framework for Personal Data Management. Versions 0.21.0 and below have a remote code execution issue. An attacker can trigger this by embedding a specially crafted eidos: URL on a website...
CVE-2025-53838
LinkAce is a self-hosted archive to collect website links. A stored cross-site scripting (XSS) vulnerability was discovered in versions prior to 2.1.9 that allows an attacker to inject arbitrary JavaScript, which is then executed in the context of a user's browser when the malicious link is clicked...
Linux Distros Unpatched Vulnerability : CVE-2024-28828
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Cross-Site request forgery in Checkmk < 2.3.0p8, < 2.2.0p29, < 2.1.0p45, and <= 2.0.0p39 (EOL) could lead to 1-click compromise of the site. CVE-2024-28828 Note that...
CVE-2025-53838
LinkAce (prior to 2.1.9) is affected by a stored XSS vulnerability due to insufficient filtering/escaping of user-supplied data in link attributes. An attacker can save malicious JavaScript in the database, which executes in a user’s browser when a crafted link is clicked (one-click XSS). The iss...
CVE-2025-53838 LinkAce has a Stored One Click XSS vulnerability
LinkAce is a self-hosted archive to collect website links. A stored cross-site scripting (XSS) vulnerability was discovered in versions prior to 2.1.9 that allows an attacker to inject arbitrary JavaScript, which is then executed in the context of a user's browser when the malicious link is clicked...
PT-2025-36500
Name of the Vulnerable Software and Affected Versions: LinkAce versions prior to 2.1.9. Description: LinkAce is a self-hosted archive to collect website links. A stored cross-site scripting (XSS) vulnerability allows an attacker to inject arbitrary JavaScript, which is then executed in the context o...