CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

CVE-2026-31380

Improper Neutralization of Special Elements used in an Expression Language Statement 'Expression Language Injection' vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

6.5CVSS5.4AI score0.00187EPSS

Exploits0References1

NVD•added 2026/05/19 10:16 a.m.•10 views

CVE-2026-45187

Improper Authorization vulnerability in Apache OFBiz Webtools. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

6.5CVSS0.00244EPSS

Exploits0References2

NVD•added 2026/05/19 10:16 a.m.•6 views

CVE-2026-31378

Improper Input Validation vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

6.5CVSS0.00296EPSS

Exploits0References2

Cvelist•added 2026/05/19 9:33 a.m.•34 views

CVE-2026-31910 Apache OFBiz: Improper Input Validation in UI Factory Classes Leads to SSRF and Blind File Access

Server-Side Request Forgery SSRF vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

0.00101EPSS

Exploits0References1

ATTACKERKB•added 2026/05/19 9:33 a.m.•5 views

CVE-2026-31910

Server-Side Request Forgery SSRF vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

5.8AI score0.00101EPSS

Exploits0References2

CVE•added 2026/05/19 9:32 a.m.•10 views

CVE-2026-31909

Technical details (affected component/version, root cause, exploitability, impact specifics, or fixes) are not publicly provided in the supplied documents. Monitor for updates from the referenced sources and vendors for concrete details and remediation guidance.

7.5CVSS5.8AI score0.00082EPSS

Exploits0References2Affected Software1

ATTACKERKB•added 2026/05/19 9:16 a.m.•3 views

CVE-2026-29220

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

5.8AI score0.00418EPSS

Exploits0References2

CNNVD•added 2026/05/19 12:0 a.m.•4 views

Apache OFBiz 代码问题漏洞

Apache OFBiz is an ERP system developed by the Apache Foundation in the United States. This system provides a complete set of Java-based web application components and tools. Versions of Apache OFBiz prior to 24.09.06 contained code vulnerabilities, specifically a server-side request forgeing...

7.3CVSS5.9AI score0.00108EPSS

Exploits0References1

CNNVD•added 2026/05/19 12:0 a.m.•6 views

Apache OFBiz 安全漏洞

Apache OFBiz is an ERP system developed by the Apache Foundation in the United States. This system provides a complete set of Java-based web application components and tools. Versions of Apache OFBiz prior to 24.09.06 contained security vulnerabilities, which were caused by the use of hard-coded...

9.1CVSS5.8AI score0.00095EPSS

Exploits0References1

CNNVD•added 2026/05/19 12:0 a.m.•4 views

Apache OFBiz 代码问题漏洞

7.5CVSS5.9AI score0.00101EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by