CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/06/04 11:16 p.m.•6 views

CVE-2026-10901

Use after free in Passwords in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS0.00332EPSS

Exploits0References2

Fedora•added 2026/05/31 12:57 a.m.•12 views

[SECURITY] Fedora 44 Update: netatalk-4.4.3-1.fc44

Netatalk is a freely-available Open Source AFP file server. A NIX/BSD system running Netatalk is capable of serving many Macintosh clients simultaneously as an AppleShare file server AFP. In addition to the AFP file server daemon, the following utility programs are also included: ad - AppleDouble...

9.9CVSS5.8AI score0.00516EPSS

CVE•added 2026/05/28 10:25 p.m.•32 views

CVE-2026-10000

CVE-2026-10000 is a use-after-free vulnerability in Google Chrome on Windows affecting the Passwords component. The underlying issue occurs when the renderer process is compromised, enabling a crafted HTML page to potentially escape the Chrome sandbox. Impact is described as high, with remote cod...

8.3CVSS5.8AI score0.00185EPSS

Exploits0References2Affected Software1

Malwarebytes•added 2026/05/18 10:42 a.m.•16 views

Microsoft is changing Edge’s plaintext password behavior

Microsoft said it will change Edge’s password handling as a “defense‑in‑depth” measure. Originally, Edge decrypted the entire saved‑password store on startup and kept all credentials resident in process memory in clear text for the whole browser session, regardless of whether a given credential w...

5.8AI score

RedhatCVE•added 2026/04/13 7:23 p.m.•1 views

CVE-2026-33771

A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the...

9.1CVSS5.7AI score0.00245EPSS

EUVD•added 2026/04/10 12:30 a.m.•2 views

EUVD-2026-21193

NVD•added 2026/04/09 10:16 p.m.•1 views

Exploits0References2

CVE-2026-33771

9.1CVSS0.00245EPSS

Cvelist•added 2026/04/09 9:33 p.m.•15 views

CVE-2026-33771 CTP OS: Configuring password requirements does not work which permits the use of weak passwords

9.1CVSS0.00245EPSS

ATTACKERKB•added 2026/04/09 9:33 p.m.•1 views

CVE-2026-33771

Exploits0References2Affected Software1

CVE•added 2026/04/09 9:33 p.m.•20 views

CVE-2026-33771

CVE-2026-33771 affects Juniper CTP OS (CTP OS) and its password management function, where password complexity requirements configured in the admin menu are not saved, allowing weak passwords. This could enable an unauthenticated, network-based attacker to exploit weak local passwords and potenti...

Positive Technologies•added 2026/04/09 12:0 a.m.•2 views

PT-2026-31797

Name of the Vulnerable Software and Affected Versions Juniper Networks CTP OS versions 9.2R1 and 9.2R2 Description A Weak Password Requirements issue in the password management function may allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentiall...

Cvelist•added 2026/03/27 6:22 p.m.•19 views

Exploits0References4

CVE-2026-26060 Fleet: Password reset tokens remain valid after password change for 24 hours

Fleet is open source device management software. Prior to 4.81.0, a vulnerability in Fleet’s password management logic could allow previously issued password reset tokens to remain valid after a user changes their password. As a result, a stale password reset token could be reused to reset the...

6CVSS0.00335EPSS

CNNVD•added 2026/02/20 12:0 a.m.•6 views

thesystem 操作系统命令注入漏洞

thesystem is a password management project developed by Kostas Mitroglou. Version 1.0 of thesystem contains a vulnerability related to operating system command injection. This vulnerability stems from the runcommand endpoint, which allows for command injection, potentially enabling unverified...

9.8CVSS6.1AI score0.08498EPSS

CNNVD•added 2026/02/12 12:0 a.m.•4 views

thesystem SQL注入漏洞

thesystem is a password management project developed by Kostas Mitroglou. Version 1.0 of thesystem has a SQL injection vulnerability, which stems from improper handling of the username parameter, potentially leading to SQL injection attacks...

7.5CVSS5.8AI score0.00454EPSS

CNNVD•added 2026/02/12 12:0 a.m.•4 views

thesystem SQL注入漏洞

TheSystem is a password management project developed by Kostas Mitroglou. Version 1.0 of thetheSystem has a SQL injection vulnerability, which stems from improper handling of the parameter servername, potentially leading to SQL injection attacks...

7.5CVSS5.8AI score0.00454EPSS

Schneier on Security•added 2026/01/09 12:6 p.m.•4 views

Palo Alto Crosswalk Signals Had Default Passwords

Palo Alto's crosswalk signals were hacked last year. Turns out the city never changed the default passwords...

7.1AI score

The Hacker News•added 2025/12/23 11:30 a.m.•9 views

Passwd: A walkthrough of the Google Workspace Password Manager

Passwd is designed specifically for organizations operating within Google Workspace. Rather than competing as a general consumer password manager, its purpose is narrow, and business-focused: secure credential storage, controlled sharing, and seamless Workspace integration. The platform emphasize...

6.4AI score

Wired Threat Level•added 2025/10/30 12:0 p.m.•618 views

8 Best Password Managers (2025), Tested and Reviewed

Keep your logins locked down with our favorite password management apps for PC, Mac, Android, iPhone, and web browsers...

7.2AI score

Packet Storm News•added 2025/10/15 12:0 a.m.•4 views

How Blind and Low-Vision Users Manage Their Passwords

Managing passwords securely and conveniently is still an open problem for many users. Existing research has examined users' password management strategies and identified pain points, such as security concerns, leading to insecure practices. We investigate how Blind and Low-Vision BLV users tackle...

6.9AI score