Lucene search
K

813 matches found

CNNVD
CNNVD
added 2026/04/18 12:0 a.m.12 views

Movary 安全漏洞

Movary is a film review program developed by Lee Peuker personally. Versions of Movary prior to 0.71.1 contained security vulnerabilities. These vulnerabilities stemmed from the /settings/jellyfin/server-url-verify endpoint, which allowed user-controlled URLs to initiate server-side HTTP requests...

7.7CVSS5.8AI score0.00379EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/18 12:0 a.m.12 views

PT-2026-33540

Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can trigger server-side requests to arbitrary internal targets through POST /settings/jellyfin/server-url-verify. The endpoint accepts a user-controlled URL, appends...

7.7CVSS5.8AI score0.00379EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/17 9:31 p.m.5 views

EUVD-2026-23478

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated access that discloses debug configuration details e.g., SSH/RTTY status, assisting attackers in reconnaissance against the device...

5.3CVSS5.8AI score0.00249EPSS
Exploits0References4
NVD
NVD
added 2026/04/17 8:16 p.m.7 views

CVE-2026-32648

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated access that discloses debug configuration details e.g., SSH/RTTY status, assisting attackers in reconnaissance against the device...

5.3CVSS0.00249EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/17 7:34 p.m.23 views

CVE-2026-32648 Anviz Products Missing Authorization

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated access that discloses debug configuration details e.g., SSH/RTTY status, assisting attackers in reconnaissance against the device...

5.3CVSS0.00249EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/17 7:34 p.m.4 views

CVE-2026-32648

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated access that discloses debug configuration details e.g., SSH/RTTY status, assisting attackers in reconnaissance against the device...

5.3CVSS5.8AI score0.00249EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/04/17 8:17 a.m.82 views

reconauto

reconauto Automated b...

5.7AI score
Exploits0
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.10 views

Anviz CX7和Anviz CX2 Lite 安全漏洞

Both Anviz CX7 and Anviz CX2 Lite are products of the American company Anviz. The Anviz CX7 is a smart terminal device integrated with biometric identification and access control functions. The Anviz CX2 Lite is also a smart terminal device that integrates face recognition and access control...

5.3CVSS5.8AI score0.00249EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/04/16 12:11 a.m.110 views

VulnForge

VulnForge AI-Powered Vulnerability Scanner & Auto-Exploit E...

5.9AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/14 2:49 p.m.114 views

catbyte-toolkit

cb - Binary Analysis Toolkit for macOS/iOS Security Research...

5.9AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/13 11:54 a.m.129 views

argus

Argus Autonomous vulnerability discovery and exploit validati...

6.1AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/13 11:53 a.m.124 views

Decepticon

⚡ Decepticon — Autonomous Multi-Agent Offensive Security !L...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/12 9:39 a.m.94 views

pentest-autopilot-mcps

Pentest Autopilot MCP Servers Professional-grade Model Contex...

6AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/08 11:0 p.m.109 views

pentestfr

Pentest Framework — Kali Linux / VirtualBox Framework Python...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/04/03 12:0 a.m.5 views

A Systematic Security Evaluation of OpenClaw and Its Variants

Tool-augmented AI agents substantially extend the practical capabilities of large language models, but they also introduce security risks that cannot be identified through model-only evaluation. In this paper, we present a systematic security assessment of six representative OpenClaw-series agent...

6AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2026/04/02 4:0 p.m.6 views

Threat actor abuse of AI accelerates from tool to cyberattack surface

For the last year, one word has represented the conversation living at the intersection of AI and cybersecurity: speed. Speed matters, but it’s not the most important shift we are observing across the threat landscape today. Now, threat actors from nation states to cybercrime groups are embedding...

6.2AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/02 2:29 p.m.83 views

AARTF---Autonomous-AI-RedTeam-Framework

AARTF AI-Driven Autonomous Security Workflow !CIhttps:/...

6.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/02 1:54 p.m.8 views

org.keycloak.protocol.oidc: Blind Server-Side Request Forgery (SSRF) in Keycloak OIDC Dynamic Client Registration via jwks_uri

A flaw was identified in Keycloak’s OpenID Connect Dynamic Client Registration feature when clients authenticate using privatekeyjwt. The issue allows a client to specify an arbitrary jwksuri, which Keycloak then retrieves without validating the destination. This enables attackers to coerce the...

5.8CVSS6AI score0.00363EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/31 4:56 p.m.7 views

CVE-2026-34360

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, the /loadIG HTTP endpoint in the FHIR Validator HTTP service accepts a user-supplied URL via JSON body and makes server-side HTTP requests to it without any hostname,...

5.8CVSS5.8AI score0.00235EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/03/30 3:32 p.m.2 views

EUVD-2026-17084

A vulnerability of authorization bypass through user-controlled key in the 'console-survey/api/v1/answer/EVENTID/TIMESTAMP/' endpoint. Exploiting this vulnerability would allow an unauthenticated attacker to enumerate event IDs and obtain the complete Q&A history. This publicly exposed data may...

8.7CVSS5.8AI score0.00287EPSS
Exploits0References2
Rows per page
Query Builder