Lucene search
K

21900 matches found

OSV
OSV
added 2026/04/17 11:16 a.m.7 views

CGA-65HC-3F87-9R9R

Bulletin has no description...

8.8CVSS7.3AI score0.00292EPSS
Exploits0
OSV
OSV
added 2026/04/17 11:16 a.m.5 views

CGA-2RX6-Q92R-6R9F

Bulletin has no description...

3.1CVSS5.6AI score0.00207EPSS
Exploits0
OSV
OSV
added 2026/04/17 11:15 a.m.4 views

CGA-5JHV-V673-4W63

Bulletin has no description...

8.8CVSS5.6AI score0.00164EPSS
Exploits0
Patchstack
Patchstack
added 2026/04/17 9:57 a.m.9 views

WordPress Fluent Forms - Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin <= 6.1.21 - Insecure Direct Object Reference in Stripe SCA Confirmation to Unauthenticated Payment Status Modification vulnerability

WordPress Fluent Forms - Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin = 6.1.21 - Insecure Direct Object Reference in Stripe SCA Confirmation to Unauthenticated Payment Status Modification vulnerability discovered by Prickly Cactus in WordPress Plugin FluentForm...

5.3CVSS5.8AI score0.00305EPSS
Exploits0References1Affected Software1
GithubExploit
GithubExploit
added 2026/04/17 8:17 a.m.78 views

reconauto

reconauto Automated b...

5.7AI score
Exploits0
EUVD
EUVD
added 2026/04/17 6:31 a.m.7 views

EUVD-2026-23356

The LatePoint plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.3.2. The vulnerability exists because the OsStripeConnectController::createpaymentintentfortransaction action is registered as a public action no authentication required an...

5.3CVSS5.8AI score0.00689EPSS
Exploits0References11
NVD
NVD
added 2026/04/17 5:16 a.m.5 views

CVE-2026-5234

The LatePoint plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.3.2. The vulnerability exists because the OsStripeConnectController::createpaymentintentfortransaction action is registered as a public action no authentication required an...

5.3CVSS0.00689EPSS
Exploits0References10
CVE
CVE
added 2026/04/17 3:36 a.m.18 views

CVE-2026-5234

The LatePoint WordPress plugin (versions

5.3CVSS5.8AI score0.00689EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/04/17 3:36 a.m.39 views

CVE-2026-5234 LatePoint <= 5.3.2 - Insecure Direct Object Reference to Unauthenticated Sensitive Financial Data Exposure via Sequential Invoice ID

The LatePoint plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.3.2. The vulnerability exists because the OsStripeConnectController::createpaymentintentfortransaction action is registered as a public action no authentication required an...

5.3CVSS0.00689EPSS
Exploits0References10
Patchstack
Patchstack
added 2026/04/17 2:7 a.m.7 views

WordPress LatePoint plugin <= 5.3.2 - Insecure Direct Object Reference to Unauthenticated Sensitive Financial Data Exposure via Sequential Invoice ID vulnerability

Insecure Direct Object Reference to Unauthenticated Sensitive Financial Data Exposure via Sequential Invoice ID vulnerability discovered by darkmode in WordPress Plugin LatePoint versions = 5.3.2...

5.3CVSS5.8AI score0.00689EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.9 views

AlmaLinux 9 : .NET 8.0 (ALSA-2026:8469)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:8469 advisory. dotnet: .NET: Security Bypass and Denial of Service Vulnerability CVE-2026-26171 dotnet: .NET: Denial of Service via stack overflow CVE-2026-32203 dotnet:...

7.5CVSS6.4AI score0.0111EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007615)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007615 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: prevent A-MSDU attacks in mesh networks This patch is a mitigation to prevent the A-MSDU...

7.8CVSS6.5AI score0.00147EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007460)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007460 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/hwpoison: clear MFCOUNTINCREASED before retrying getanypage Hulk Robot reported a panic in...

5.5CVSS5.8AI score0.00353EPSS
Exploits1References4
Snyk
Snyk
added 2026/04/16 9:35 p.m.7 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the ConfigMap context loader due to missing validation of the namespace value. An attacker can access sensitive data from ConfigMaps in unauthorized namespaces by creating a policy that references another...

7.7CVSS5.7AI score0.00266EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/16 6:31 p.m.7 views

EUVD-2026-23288

In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory...

7.3CVSS5.8AI score0.00185EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/16 3:31 p.m.5 views

EUVD-2026-23237

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference via the 'submissionid' parameter in versions up to, and including, 6.1.21. This is due to missing authorization and ownership validatio...

5.3CVSS5.8AI score0.00305EPSS
Exploits0References3
NVD
NVD
added 2026/04/16 2:16 p.m.4 views

CVE-2026-4160

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference via the 'submissionid' parameter in versions up to, and including, 6.1.21. This is due to missing authorization and ownership validatio...

5.3CVSS0.00305EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/16 1:27 p.m.5 views

CVE-2026-4160

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference via the 'submissionid' parameter in versions up to, and including, 6.1.21. This is due to missing authorization and ownership validatio...

5.3CVSS5.8AI score0.00305EPSS
Exploits0References3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/16 12:20 p.m.8 views

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2025-68146 DESCRIPTION: filelock is a...

6.5CVSS5.9AI score0.00184EPSS
Exploits1Affected Software1
Circl
Circl
added 2026/04/16 10:0 a.m.4 views

CVE-2026-33093

creationtimestamp| type| source ---|---|--- 2026-04-16 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-03...

5.3CVSS5.7AI score0.00249EPSS
Exploits0References1
Rows per page
Query Builder