Lucene search
K

3869 matches found

NVD
NVD
added 11 hours ago3 views

CVE-2026-27060

Contributor PHP Object Injection in ARMember Premium = 7.0 versions...

8.8CVSS
Exploits0References1
CVE
CVE
added 12 hours ago5 views

CVE-2026-57680

CVE-2026-57680 affects the WordPress Kirki plugin versions

6.5CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added 12 hours ago6 views

CVE-2026-57669 WordPress Advanced Contact form 7 DB plugin <= 2.0.9 - Broken Access Control vulnerability

Subscriber Broken Access Control in Advanced Contact form 7 DB = 2.0.9 versions...

6.5CVSS
Exploits0References1
Cvelist
Cvelist
added 12 hours ago6 views

CVE-2026-27060 WordPress ARMember Premium plugin <= 7.0 - PHP Object Injection vulnerability

Contributor PHP Object Injection in ARMember Premium = 7.0 versions...

8.8CVSS
Exploits0References1
Nuclei
Nuclei
added 13 hours ago15 views

Aquatronica Controller System <= 5.1.6 - Information Disclosure

Aquatronica Controller System firmware 5.1.6 and earlier and web interface 2.0 and earlier contain an information disclosure vulnerability caused by unauthenticated access to tcp.php endpoint, letting remote attackers retrieve sensitive configuration data including plaintext credentials, exploit...

9.3CVSS5.8AI score0.01443EPSS
Exploits1References4
EUVD
EUVD
added 14 hours ago4 views

EUVD-2026-41271

A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...

4.3CVSS5.8AI score
Exploits0References1
OSV
OSV
added 18 hours ago7 views

ROOT-OS-UBUNTU-2404-CVE-2025-68188 CVE-2025-68188 in rootio-linux - Patched by Root

Root has patched CVE-2025-68188 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

5.5CVSS5.4AI score0.00166EPSS
Exploits0
CVE
CVE
added yesterday11 views

CVE-2026-6070

The WP-BusinessDirectory WordPress plugin (versions up to and including 4.0.1) is vulnerable to unauthenticated arbitrary file deletion via path traversal. The issue stems from insufficient path validation in the remove() method of JBusinessDirectoryControllerUpload. The task=upload.remove endpoi...

9.1CVSS5.8AI score0.00409EPSS
Exploits0References5
CVE
CVE
added 2 days ago11 views

CVE-2026-11594

IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console...

8.5CVSS5.6AI score0.00281EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2 days ago3 views

EUVD-2026-40396

IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console help system...

9.3CVSS5.6AI score0.00217EPSS
Exploits0References1
OSV
OSV
added 3 days ago5 views

PYSEC-2026-260 Aim Web API vulnerable to Remote Code Execution

A critical Remote Code Execution RCE vulnerability was identified in the aimhubio/aim project, specifically within the /api/runs/search/run/ endpoint, affecting versions = 3.0.0. The vulnerability resides in the runsearchapi function of the aim/web/api/runs/views.py file, where improper restricti...

9.8CVSS8AI score0.018EPSS
Exploits1References5
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-40051

A security flaw has been discovered in CodeAstro Complaint Management System 1.0. The affected element is the function deletereport of the file application/controllers/Report.php of the component Report Endpoint. The manipulation results in authorization bypass. The attack can be executed remotel...

6.4CVSS5.8AI score0.00293EPSS
Exploits0References6
OSV
OSV
added 6 days ago2 views

JLSEC-2026-647 It is possible to cause an use-after-free write in SANM decoding with a carefully crafted...

It is possible to cause an use-after-free write in SANM decoding with a carefully crafted animation using subversion storedframe. Stored frames can later be referenced by FTCH chunks. For files using subversion storedframe. Leaving ctx-hasdimensions set to false. A subsequent chunk with type...

8.7CVSS6AI score0.00164EPSS
Exploits0References4
OSV
OSV
added 6 days ago5 views

JLSEC-2026-646 When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption...

When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixel type and size, and that if there are four channels, the first four are "B", "G", "R" and "A". The channel parsing code can be found in decodeheader. The...

8.7CVSS6.6AI score0.00167EPSS
Exploits0References4
NVD
NVD
added 6 days ago7 views

CVE-2026-56032

Subscriber PHP Object Injection in Buddyboss Platform = 3.0.4 versions...

9.8CVSS0.00525EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-39747

Administrator SQL Injection in Popup box = 6.0.1 versions...

7.6CVSS5.8AI score0.00279EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago4 views

EUVD-2026-39744

Administrator SQL Injection in WP All Import = 4.0.1 versions...

7.6CVSS5.8AI score0.00279EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-56027 WordPress Booster for WooCommerce plugin <= 8.0.1 - Arbitrary File Upload vulnerability

Customer Arbitrary File Upload in Booster for WooCommerce = 8.0.1 versions...

9.9CVSS0.00328EPSS
Exploits0References1
CVE
CVE
added 6 days ago10 views

CVE-2026-54839

The CVE concerns the WordPress Trinity Backup – Backup, Migrate, Restore, Clone & Schedule Backups plugin, affected

7.5CVSS5.8AI score0.00278EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 6 days ago5 views

Oracle Linux 9 : .NET / 10.0 (ELSA-2026-21297)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-21297 advisory. 10.0.109-1.0.1 - Add support for Oracle Linux 10.0.109-1 - Update to .NET SDK 10.0.109 and Runtime 10.0.9 - Resolves: RHEL-181558 10.0.108-1 - Update to .NET S...

7.5CVSS5.9AI score0.0243EPSS
Exploits0References2
Rows per page
Query Builder