Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2788 matches found

Amazon
Amazonadded 2026/05/09 12:0 a.m.8 views

Important: java-26-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalV...

7.5CVSS7.2AI score0.00154EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2026/05/09 12:0 a.m.4 views

Amazon Linux 2023 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2023-2026-1687)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1687 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Ja...

7.5CVSS7.3AI score0.00154EPSS
Exploits0References6
Snyk
Snykadded 2026/05/08 8:0 p.m.5 views

Incorrect Authorization

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Incorrect Authorization in the ydoc:document:update handler. An attacker can inject, modify, or delete content in collaborative documents by emitting crafted Socket.IO events after joining a document room wit...

5.4CVSS5.8AI score0.00042EPSS
Exploits1References2
OSV
OSVadded 2026/05/08 5:48 a.m.6 views

BIT-JRE-2026-34268

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0....

2.9CVSS5.8AI score0.00022EPSS
Exploits0References2
OSV
OSVadded 2026/05/08 5:45 a.m.3 views

BIT-JRE-2023-22044

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u371-perf, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 21.3.6, 22.3.2; Oracle GraalVM for...

3.7CVSS6.2AI score0.0013EPSS
Exploits0References5
OSV
OSVadded 2026/05/08 5:44 a.m.8 views

BIT-JRE-2022-21540

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitab...

5.3CVSS6.5AI score0.00438EPSS
Exploits0References12
OSV
OSVadded 2026/05/08 5:44 a.m.8 views

BIT-JRE-2022-21282

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...

5.3CVSS6.5AI score0.00144EPSS
Exploits0References7
OSV
OSVadded 2026/05/08 5:43 a.m.3 views

BIT-JRE-2020-14796

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multipl...

3.1CVSS6.8AI score0.00134EPSS
Exploits0References7
CVE
CVEadded 2026/05/08 3:45 a.m.5 views

CVE-2026-42275

The CVE-2026-42275 issue affects zrok’s WebDAV drive backend (davServer.Dir) where symbolic links inside the shared DriveRoot are not prevented from pointing outside the root. This allows remote WebDAV clients to read files and, on shares with lax OS permissions, overwrite files anywhere on the h...

8.7CVSS5.8AI score0.00054EPSS
Exploits0References3Affected Software1
EUVD
EUVDadded 2026/05/08 3:45 a.m.5 views

EUVD-2026-28511

zrok is software for sharing web services, files, and network resources. Prior to version 2.0.2, the zrok WebDAV drive backend davServer.Dir restricts path traversal through lexical normalization but does not prevent symlink following. When a symbolic link inside the shared DriveRoot points to a...

8.7CVSS5.8AI score0.00054EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/05/08 3:45 a.m.3 views

CVE-2026-42275

zrok is software for sharing web services, files, and network resources. Prior to version 2.0.2, the zrok WebDAV drive backend davServer.Dir restricts path traversal through lexical normalization but does not prevent symlink following. When a symbolic link inside the shared DriveRoot points to a...

8.7CVSS5.8AI score0.00054EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2026/05/08 3:45 a.m.28 views

CVE-2026-42275 zrok: WebDAV drive backend follows symlinks outside DriveRoot, enabling host filesystem read/write

zrok is software for sharing web services, files, and network resources. Prior to version 2.0.2, the zrok WebDAV drive backend davServer.Dir restricts path traversal through lexical normalization but does not prevent symlink following. When a symbolic link inside the shared DriveRoot points to a...

8.7CVSS0.00054EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/05/08 12:0 a.m.8 views

PT-2026-38697

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JNDI. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

4.3CVSS6.1AI score0.00103EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2026/05/08 12:0 a.m.9 views

PT-2026-38703

Vulnerability in the Java SE product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 11.0.8 and 15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of th...

5.3CVSS5.9AI score0.00041EPSS
Exploits0References9
Positive Technologies
Positive Technologiesadded 2026/05/08 12:0 a.m.6 views

PT-2026-38804

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaFX. Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and 21.3.8. Difficult to exploit vulnerability allows unauthenticated...

3.1CVSS5.8AI score0.00344EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2026/05/08 12:0 a.m.5 views

PT-2026-38791

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6,...

3.7CVSS5.8AI score0.00141EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2026/05/08 12:0 a.m.5 views

PT-2026-38883

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0....

2.9CVSS5.8AI score0.00022EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/05/08 12:0 a.m.7 views

PT-2026-38747

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows...

5.3CVSS5.8AI score0.00144EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2026/05/08 12:0 a.m.4 views

PT-2026-38765

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitab...

5.3CVSS5.8AI score0.00438EPSS
Exploits0References13
Positive Technologies
Positive Technologiesadded 2026/05/08 12:0 a.m.5 views

PT-2026-38719

Vulnerability in the Java SE product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability...

4.3CVSS5.8AI score0.00356EPSS
Exploits0References7
Rows per page
Query Builder