15 matches found
EUVD-2026-34901
AWS Advanced Go Wrapper has Privilege Escalation in Aurora PostgreSQL instance...
Photon OS 5.0: Dnsmasq PHSA-2026-5.0-0866
An update of the dnsmasq package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0866. The text itself is copyright (C) VMware, Inc...
CVE-2026-11401
An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced Go Wrapper for Amazon Aurora PostgreSQL will allow a remote authenticated low-privilege actor to escalate privileges to those of another Amazon RDS user, including rdssuperuser, via a crafted function created by the...
CVE-2026-9566
A vulnerability was identified in teableio teable up to 1.9.x. This impacts an unknown function of the file apps/nextjs-app/src/features/auth/pages/LoginPage.tsx of the component Sign-up. The manipulation of the argument redirect leads to cross site scripting. The attack is possible to be carried...
CVE-2026-9566 teableio teable Sign-up LoginPage.tsx cross site scripting
A vulnerability was identified in teableio teable up to 1.9.x. This impacts an unknown function of the file apps/nextjs-app/src/features/auth/pages/LoginPage.tsx of the component Sign-up. The manipulation of the argument redirect leads to cross site scripting. The attack is possible to be carried...
CVE-2026-3259 Sensitive Data Disclosure in BigQuery via Materialized View Error Messages
A Generation of Error Message Containing Sensitive Information vulnerability in the Materialized View Refresh mechanism in Google BigQuery on Google Cloud Platform allows an authenticated user to potentially disclose sensitive data using a crafted materialized view that triggers a runtime error...
CVE-2026-3476
SOLIDWORKS Desktop is affected by CVE-2026-3476, a code injection vulnerability impacting releases 2025 through 2026. The flaw allows arbitrary code execution on the user’s machine when opening a specially crafted file. The attack vector is LOCAL and requires user interaction; exploitation is prioriti...
CVE-2026-3476 Code Injection vulnerability affecting SOLIDWORKS Desktop from Release 2025 through Release 2026
A Code Injection vulnerability affecting SOLIDWORKS Desktop from Release 2025 through Release 2026 could allow an attacker to execute arbitrary code on the user's machine while opening a specially crafted file...
PT-2026-25596
Improper privilege management in ThemeManager prior to SMR Mar-2026 Release 1 allows local privileged attackers to reuse trial contents...
PT-2026-25703
Name of the Vulnerable Software and Affected Versions: SOLIDWORKS Desktop versions 2025 through 2026. Description: A code injection issue exists in SOLIDWORKS Desktop. Successful exploitation while opening a specially crafted file could allow an attacker to execute arbitrary code on the user's...
GHSA-2CH6-X3G4-7759 OpenClaw's commands.allowFrom sender authorization accepted conversation identifiers via ctx.From
Summary: commands.allowFrom is documented as a sender authorization allowlist for commands/directives, but command authorization could include ctx.From conversation identity as a sender candidate. When commands.allowFrom contained conversation-like identifiers, for example Discord channel: or...
CVE-2026-1284
CVE-2026-1284 is an Out-Of-Bounds Write in the EPRT file reading path of SOLIDWORKS eDrawings, affecting SOLIDWORKS Desktop 2025–2026. A crafted EPRT file could enable arbitrary code execution during file open. Multiple sources corroborate the same description across NVD/Red Hat/CIRCL/CVE lists, ...
Important Photon OS Security Update - PHSA-2026-4.0-0950
Updates of 'grub2', 'libpng' packages of Photon OS have been released...
SAMSUNG Mobile devices security vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung (SAMSUNG). A security vulnerability exists in SAMSUNG Mobile devices versions prior to SMR Jan-2026 Release 1, which stems from a use-after-free vulnerabili...
RHSA-2026:0384
creationtimestamp| type| source
---|---|---
2026-01-08 17:49:29+00:00| seen| https://gist.github.com/Darkcrai86/6d190f25f63737d26efffc2d4389135b
2026-01-08 18:11:57+00:00| published-proof-of-concept| Telegram/Lge4284wsR8RZQjN49TNfOaqkj39MhV6KOAFAkydmYlrvo
2026-01-24 21:25:55+00:00| seen|...