Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

CVE
CVEadded 2026/02/10 8:18 p.m.6 views

CVE-2026-1495

CVE-2026-1495 concerns an information-insertion vulnerability in AVEVA PI to CONNECT Agent. The CVE describes that an attacker with Event Log Reader privileges (S-1-5-32-573) can access proxy details, including the proxy URL and credentials, from the PI to CONNECT event log files. This could enab...

6.5CVSS5.5AI score0.00022EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/02/06 5:32 p.m.12 views

CVE-2025-23217 Mitmweb API Authentication Bypass Using Proxy Server

mitmproxy is a interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In mitmweb 11.1.1 and below, a malicious client can use mitmweb's proxy server bound to :8080 by default to access mitmweb's internal...

8.2CVSS7.2AI score0.03579EPSS
Exploits0References3
CVE
CVEadded 2025/02/06 5:32 p.m.1955 views

CVE-2025-23217

CVE-2025-23217 affects mitmweb (the web UI of mitmproxy). In versions 11.1.1 and earlier, a malicious client connected to mitmweb’s proxy server (default bind 0.0.0.0:8080) could reach mitmweb’s internal API (127.0.0.1:8081) through the proxy, enabling SSRF-style access that may lead to remote co...

8.2CVSS7.5AI score0.03579EPSS
Exploits0References3
Rows per page
Query Builder