CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

108 matches found

ATTACKERKB•added 2026/03/13 8:43 p.m.•1 views

CVE-2026-2491

Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw...

6.3CVSS5.9AI score0.00097EPSS

Exploits0References3Affected Software1

CNNVD•added 2026/03/10 12:0 a.m.•1 views

Schneider Electric EcoStruxure Power Monitoring Expert和Schneider Electric EcoStruxure Power Operation（Schneider Electric EPO）代码问题漏洞

Schneider Electric EcoStruxure Power Monitoring Expert and Schneider Electric EcoStruxure Power Operation Schneider Electric EPO are both products of Schneider Electric, a French company. Schneider Electric EcoStruxure Power Monitoring Expert is a device used for power distribution monitoring in...

8.5CVSS6.2AI score0.00097EPSS

Exploits0References2

Zero Day Initiative•added 2026/02/25 12:0 a.m.•3 views

Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web API implementation, which listens on TCP po...

6.3CVSS5.6AI score0.00097EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:21 a.m.•7 views

CVE-2021-22826

A CWE-20: Improper Input Validation vulnerability exists that could cause arbitrary code execution when the user visits a page containing the injected payload. This CVE is unique from CVE-2021-22827. Affected Product: EcoStruxure� Power Monitoring Expert 9.0 and prior versions...

8.8CVSS7.2AI score0.00724EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:19 a.m.•4 views

CVE-2021-22827

A CWE-20: Improper Input Validation vulnerability exists that could cause arbitrary code execution when the user visits a page containing the injected payload. This CVE is unique from CVE-2021-22826. Affected Product: EcoStruxure� Power Monitoring Expert 9.0 and prior versions...

8.8CVSS7.2AI score0.00724EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:59 a.m.•4 views

CVE-2020-7545

A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software see security notification for version information that could allow for arbitrary code execution on the server when an authorized user access an affected webpage...

7.2CVSS7.9AI score0.00462EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-19509

Malware in sbrugna...

6.1CVSS6.3AI score0.00173EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-28671

Malware in sbrugna...

5.4CVSS5.6AI score0.00302EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-28672

Malware in sbrugna...

8.8CVSS8.6AI score0.00336EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-27870