Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

37443 matches found

OSV
OSVadded 2026/05/21 8:35 p.m.5 views

GHSA-F74W-272X-MQCV NocoDB: Refresh Token Cookie Set Without `secure` and `sameSite` Flags

Summary The refresh-token cookie was set with httpOnly: true but missing both the secure flag and the sameSite attribute. Over plain HTTP the cookie could be intercepted on the network; without sameSite, browsers attached it to cross-site POSTs, enabling CSRF against the token-refresh endpoint...

5.4CVSS5.7AI score
Exploits0References2
IBM Security Bulletins
IBM Security Bulletinsadded 2026/05/21 2:44 p.m.5 views

Security Bulletin: IBM Guardium Data Protection is affected by Exposure of Sensitive Information vulnerability (CVE-2026-8405)

Summary IBM Guardium Data Protection has addressed this vulnerability in an update. Vulnerability Details CVEID:CVE-2026-8405 DESCRIPTION: IBM Guardium Data Protection's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...

6.5CVSS5.8AI score0.00032EPSS
Exploits0Affected Software1
NVD
NVDadded 2026/05/21 2:16 p.m.6 views

CVE-2026-45206

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45207 but exists in a different process protection communication mechanism. Please note: an attacker must first obtain the abilit...

7.8CVSS0.00008EPSS
Exploits0References1
NVD
NVDadded 2026/05/21 2:16 p.m.5 views

CVE-2026-34927

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

7.8CVSS0.00017EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/21 1:4 p.m.4 views

CVE-2026-45207

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45206 but exists in a different process protection communication mechanism. Please note: an attacker must first obtain the abilit...

7.8CVSS6AI score0.00008EPSS
Exploits0References2
EUVD
EUVDadded 2026/05/21 1:4 p.m.6 views

EUVD-2026-31279

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45206 but exists in a different process protection communication mechanism. Please note: an attacker must first obtain the abilit...

7.8CVSS6AI score0.00008EPSS
Exploits0References1
CVE
CVEadded 2026/05/21 1:4 p.m.10 views

CVE-2026-45207

Technical details about CVE-2026-45207 are not publicly available in the provided documents. No specifics on affected components, root cause, impact, or fixes are included. Monitor for updates from vendors and authorities.

7.8CVSS6AI score0.00008EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/21 1:4 p.m.4 views

CVE-2026-45206

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45207 but exists in a different process protection communication mechanism. Please note: an attacker must first obtain the abilit...

7.8CVSS6AI score0.00008EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/21 1:4 p.m.3 views

CVE-2026-34930

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different process protection mechanism. Please note: an attacker must first obtain the ability to execute...

7.8CVSS6AI score0.00017EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/05/21 1:4 p.m.7 views

CVE-2026-34930

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different process protection mechanism. Please note: an attacker must first obtain the ability to execute...

7.8CVSS6AI score0.00008EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/21 1:3 p.m.4 views

EUVD-2026-31286

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different named pipe communication mechanism. Please note: an attacker must first obtain the ability to...

7.8CVSS6AI score0.00017EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/21 1:3 p.m.3 views

CVE-2026-34927

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

7.8CVSS6AI score0.00017EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/21 1:3 p.m.31 views

CVE-2026-34927

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability...

7.8CVSS0.00017EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/21 1:3 p.m.3 views

CVE-2025-71217

An origin validation error vulnerability in the Trend Micro Apex One mac agent self-protection mechanism could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in ord...

7.8CVSS7.3AI score0.00008EPSS
Exploits0References3
EUVD
EUVDadded 2026/05/21 1:3 p.m.7 views

EUVD-2025-209915

An origin validation error vulnerability in the Trend Micro Apex One mac agent self-protection mechanism could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in ord...

7.8CVSS7.3AI score0.00008EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/05/21 12:41 p.m.3 views

CVE-2025-13477 OTP Bypass in Digital Operation Services' WifiBurada

Exposure of private personal information to an unauthorized actor, Insufficiently Protected Credentials vulnerability in Digital Operations Services Inc. WifiBurada allows Authentication Bypass. This issue affects WifiBurada: through 21052026. NOTE: The vendor was contacted early about this...

7.1CVSS5.8AI score0.00042EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/21 12:41 p.m.6 views

EUVD-2025-209910

Exposure of private personal information to an unauthorized actor, Insufficiently Protected Credentials vulnerability in Digital Operations Services Inc. WifiBurada allows Authentication Bypass. This issue affects WifiBurada: through 21052026. NOTE: The vendor was contacted early about this...

7.1CVSS5.8AI score0.00042EPSS
Exploits0References1
CVE
CVEadded 2026/05/21 12:41 p.m.9 views

CVE-2025-13477

The CVE-2025-13477 entry concerns WifiBurada (Digital Operations Services Inc.) with an Authentication Bypass due to Insufficiently Protected Credentials, exposing private data. Affected through 21052026; CVSS 3.1 base score 7.1 (HIGH) with Network attack vector, low complexity, low privileges re...

7.1CVSS5.8AI score0.00042EPSS
Exploits0References1
The Hacker News
The Hacker Newsadded 2026/05/21 10:55 a.m.17 views

Microsoft Warns of Two Actively Exploited Defender Vulnerabilities

Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild. The former, tracked as CVE-2026-41091 , is rated 7.8 on the CVSS scoring system. Successful exploitation of the flaw could allow an attacker to gain SYSTEM...

7.8CVSS6.7AI score0.08013EPSS
Exploits2
OSV
OSVadded 2026/05/21 10:0 a.m.5 views

CLSA-2026-1779357606 curl: Fix of CVE-2026-5773

CVE-2026-5773: disable connection reuse for SMBS to prevent libcurl from reusing a connection to the same server for a different SMB share...

7.5CVSS5.8AI score0.00019EPSS
Exploits1References1
Rows per page
Query Builder