Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Cvelist
Cvelistadded 2026/04/24 7:11 p.m.25 views

CVE-2026-41244 Mojic: Observable Timing Discrepancy in HMAC Verification

Mojic is a CLI tool to transform readable C code into an unrecognizable chaotic stream of emojis. Prior to 2.1.4, the CipherEngine uses a standard equality operator !== to verify the HMAC-SHA256 integrity seal during the decryption phase. This creates an Observable Timing Discrepancy CWE-208,...

4.7CVSS0.00015EPSS
Exploits0References1
OSV
OSVadded 2026/01/19 8:52 p.m.3 views

CVE-2026-23877 Directory Traversal & Filesystem can be accessed by a non-admin user

Swing Music is a self-hosted music player for local audio files. Prior to version 2.1.4, Swing Music's listfolders function in the /folder/dir-browser endpoint is vulnerable to directory traversal attacks. Any authenticated user including non-admin can browse arbitrary directories on the server...

5.3CVSS5.7AI score0.00073EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2025/08/17 5:25 p.m.8 views

CVE-2025-8995

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue affects Authenticator Login: from 0.0.0 before 2.1.4...

9.8CVSS7.3AI score0.00083EPSS
Exploits0References1
OSV
OSVadded 2025/08/15 5:15 p.m.1 views

CVE-2025-8995

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue affects Authenticator Login: from 0.0.0 before 2.1.4...

9.8CVSS5.8AI score
Exploits0References1
NVD
NVDadded 2025/08/15 5:15 p.m.3 views

CVE-2025-8995

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator Login allows Authentication Bypass.This issue affects Authenticator Login: from 0.0.0 before 2.1.4...

9.8CVSS0.00083EPSS
Exploits0References1
Patchstack
Patchstackadded 2024/04/09 7:20 a.m.4 views

WordPress Post Type Builder (PTB) plugin < 2.1.4 - Subscriber+ Arbitrary Post/Page Creation vulnerability

Subscriber+ Arbitrary Post/Page Creation vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Post Type Builder PTB versions 2.1.4...

7.1CVSS7AI score0.00145EPSS
Exploits0Affected Software1
SUSE CVE
SUSE CVEadded 2023/02/15 3:45 a.m.1 views

SUSE CVE-2021-22960

The parse function in llhttp 2.1.4 and 6.0.6. ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling HRS under certain conditions...

6.1CVSS7.2AI score0.00229EPSS
Exploits1References14
CNNVD
CNNVDadded 2022/05/21 12:0 a.m.3 views

Pion DTLS 安全漏洞

Pion DTLS is a Go language based implementation of DTLS Packet Transport Layer Security Protocol. A security vulnerability exists in Pion DTLS versions prior to 2.1.4. An attacker exploited the vulnerability to send packets sending Pion DTLS into an infinite loop...

7.5CVSS7.3AI score0.00154EPSS
Exploits0References5
Rows per page
Query Builder