Lucene search
K

415 matches found

Circl
Circl
added 21 hours ago4 views

CVE-2026-14403

creationtimestamp| type| source ---|---|--- 2026-07-02 00:18:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpmqzc7uwk2k 2026-07-02 08:25:21+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-02 16:51:23+00:00| seen|...

8.8CVSS5.8AI score
Exploits0References3
Patchstack
Patchstack
added 6 days ago6 views

WordPress Child theme Wizard plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Child Theme Wizard versions = 1.4...

8.2CVSS5.8AI score0.00112EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 6 days ago7 views

PT-2026-52825

Name of the Vulnerable Software and Affected Versions Child Theme Wizard versions 1.4 and earlier Description An unauthenticated Cross Site Request Forgery CSRF exists, which allows attackers to force users to execute unwanted actions. CSRF is a type of attack that tricks a victim into submitting...

8.2CVSS5.8AI score0.00112EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/23 10:2 p.m.11 views

EUVD-2026-35091

phpMyFAQ has Weak Cryptography - SHA1 for Password Hashing...

6.9CVSS5.8AI score0.00182EPSS
Exploits0References3
OSV
OSV
added 2026/06/23 9:17 p.m.2 views

UBUNTU-CVE-2026-54516

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.21.0 until 2.21.4 and 3.1.4, POJOPropertiesCollector.renameProperties allows a property with @JsonProperty"renamed" on the getter and @JsonIgnore on the setter to be renamed...

5.3CVSS5.9AI score0.00282EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/23 8:48 p.m.9 views

EUVD-2026-38590

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.21.0 until 2.21.4 and 3.1.4, POJOPropertiesCollector.renameProperties allows a property with @JsonProperty"renamed" on the getter and @JsonIgnore on the setter to be renamed...

5.3CVSS5.9AI score0.00282EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/23 12:53 a.m.8 views

CVE-2026-11833

Overview: A vulnerability has been found in FAST/TOOLS and CI Server. The web server may return a response containing the CI Server setting information. This information could be exploited by an attacker for other attacks. The affected products and versions are as follows: FAST/TOOLS Packages:...

8.2CVSS5.7AI score0.00217EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2026/06/22 9:21 p.m.12 views

CVE-2026-45840 affecting package kernel for versions less than 6.6.141.1-1

CVE-2026-45840 affecting package kernel for versions less than 6.6.141.1-1. An upgraded version of the package is available that resolves this issue...

5.5CVSS5.8AI score0.00117EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/22 9:21 p.m.4 views

CVE-2026-46068 affecting package kernel for versions less than 6.6.141.1-1

CVE-2026-46068 affecting package kernel for versions less than 6.6.141.1-1. An upgraded version of the package is available that resolves this issue...

7.8CVSS5.8AI score0.00129EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.15 views

PT-2026-50801

Name of the Vulnerable Software and Affected Versions phpMyFAQ versions prior to 4.1.4 Description Missing authorization in the public API allows users to bypass role permission checks. The system only verifies a shared API key header via the hasValidToken function instead of validating individua...

6.5CVSS5.9AI score0.0024EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/17 6:35 p.m.9 views

EUVD-2025-210253

Unauthenticated PHP Object Injection in Reisen = 1.4.1 versions...

9.8CVSS5.3AI score0.00386EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 6:35 p.m.8 views

EUVD-2026-37592

Subscriber Broken Access Control in Bricks Builder = 2.1.4 versions...

4.3CVSS5.2AI score0.00243EPSS
Exploits0References2
NVD
NVD
added 2026/06/17 1:20 p.m.14 views

CVE-2026-48869

Unauthenticated Cross Site Scripting XSS in Enfold = 7.1.4 versions...

7.1CVSS0.00186EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:20 p.m.7 views

CVE-2026-40723

Subscriber Broken Access Control in Bricks Builder = 2.1.4 versions...

4.3CVSS0.00243EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:40 a.m.10 views

CVE-2026-35265

Vulnerability in the Identity Manager product of Oracle Fusion Middleware component: Security. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Identity Manager. Successfu...

8.8CVSS0.00432EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 8:57 p.m.13 views

CVE-2025-69122

CVE-2025-69122 affects WordPress SeaFood Company theme versions up to 1.4. It describes an unauthenticated PHP Object Injection vulnerability with a CVSS v3.1 base score of 9.8 (NETWORK, NONE/LOW ACCESS, HIGH impact on confidentiality, integrity, and availability). The connected documents confirm...

9.8CVSS5.3AI score0.00525EPSS
Exploits0References1
NVD
NVD
added 2026/06/16 10:16 a.m.9 views

CVE-2026-39574

Unauthenticated SQL Injection in InPost Gallery = 2.1.4.6 versions...

9.3CVSS0.00234EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.8 views

PT-2026-50113

Unauthenticated PHP Object Injection in Roisin = 1.4 versions...

8.1CVSS5.4AI score0.0025EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.12 views

PT-2026-50081

Unauthenticated PHP Object Injection in SeaFood Company = 1.4 versions...

9.8CVSS5.4AI score0.00525EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.10 views

PT-2026-49510

Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce = 3.1.4 versions...

7.5CVSS5.2AI score0.00236EPSS
Exploits0References2
Rows per page
Query Builder