Lucene search
K

252960 matches found

EUVD
EUVD
added 2026/05/29 12:0 a.m.10 views

EUVD-2026-33329

Falco Solutions PHPPageBuilder v0.31.0 contains an unrestricted file upload vulnerability in the pagemanager/pagebuilder module that allows remote attackers to upload arbitrary files and achieve remote code execution. The vulnerability exists due to insufficient validation of uploaded file types...

6.3AI score0.00472EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.10 views

PT-2026-44858

Falco Solutions PHPPageBuilder v0.31.0 contains an unrestricted file upload vulnerability in the pagemanager/pagebuilder module that allows remote attackers to upload arbitrary files and achieve remote code execution. The vulnerability exists due to insufficient validation of uploaded file types...

6.3AI score0.00472EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.8 views

Mautic 安全漏洞

Mautic is an open-source marketing automation software developed by Mautic. This software can monitor and manage websites, send emails, and manage customer resources. Version 7 of Mautic has a security vulnerability, which stems from path traversal in the activity import function. This...

9.9CVSS6.3AI score0.00583EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.8 views

Trilium Notes 安全漏洞

Trilium Notes is a hierarchical note application developed by Zadam, a personal developer. It focuses on building large personal knowledge bases. Versions of Trilium Notes prior to 0.102.2 contained a security vulnerability. This vulnerability stemmed from the import of malicious ZIP archives whe...

9.3CVSS6.5AI score0.0017EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/29 12:0 a.m.33 views

CVE-2026-39292

Falco Solutions PHPPageBuilder v0.31.0 contains an unrestricted file upload vulnerability in the pagemanager/pagebuilder module that allows remote attackers to upload arbitrary files and achieve remote code execution. The vulnerability exists due to insufficient validation of uploaded file types...

0.00472EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.16 views

PT-2026-45539

Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description Deserialization of untrusted data allows an authorized attacker to execute arbitrary code over a network, which can affect the system. Deserialization is the process of...

8CVSS6.2AI score0.00638EPSS
Exploits0References5
VulnCheck KEV
VulnCheck KEV
added 2026/05/29 12:0 a.m.103 views

VulnCheck KEV: CVE-2026-45247

Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. Attackers can exploit the unrestricted...

9.8CVSS6.7AI score0.27546EPSS
In wildExploits1References3
VulnCheck KEV
VulnCheck KEV
added 2026/05/29 12:0 a.m.35 views

VulnCheck KEV: CVE-2026-41089

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network...

9.8CVSS6.3AI score0.72253EPSS
In wildExploits31References2
Exploit DB
Exploit DB
added 2026/05/29 12:0 a.m.80 views

MixPHP Framework 2.2.17 - Unsafe Deserialization Remote Code Execution

Exploit Title: MixPHP Framework 2.2.17 - Unsafe Deserialization Remote Code Execution Date: 2026-05-14 Exploit Author: cardosource Vendor Homepage: https://github.com/mix-php/mix Software Link: https://github.com/mix-php/mix Version: 2.x through 2.2.17 Tested on: Ubuntu 26.04 LTS / PHP 8.3.6 CVE:...

8.1CVSS5.8AI score0.01757EPSS
Exploits2
Exploit DB
Exploit DB
added 2026/05/29 12:0 a.m.71 views

Wing FTP Server 8.1.3 - Authenticated Remote Code Execution

Exploit Title: Wing FTP Server 8.1.3 - Authenticated Remote Code Execution Date: 12.05.2026 Exploit Author: Ünsal Furkan Harani Vendor Homepage: https://www.wftpserver.com/ Software Link: https://www.wftpserver.com/download.htm Version: v8.1.2 Tested on: Wing FTP Server = 8.1.2, fixed in 8.1.3 CV...

8.6CVSS5.8AI score0.02643EPSS
Exploits5
Exploit DB
Exploit DB
added 2026/05/29 12:0 a.m.76 views

Langflow 1.3.0 - Remote Code Execution

Exploit Title: Langflow 1.3.0 - Remote Code Execution Fofa-dork: title="Langflow" Shodan-dork: title:"Langflow" Date: 23-05-2026 Exploit Author: Diamorphine Venodor Homepage: https://www.langflow.org/ Software Link: https://github.com/langflow-ai/langflow Version: 1.2.0 Tested on: Debian CVE :...

9.8CVSS7.3AI score0.10371EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.12 views

SUSE SLES15 Security Update : redis7 (SUSE-SU-2026:2100-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2100-1 advisory. This update for redis7 fixes the following issues - CVE-2026-23631: Lua use-after-free via the master-replica synchronization...

8.8CVSS6.3AI score0.02995EPSS
Exploits0References7
Redos
Redos
added 2026/05/29 12:0 a.m.12 views

ROS-20260529-73-0007

The vulnerability of the pngsettRNS and pngsetPLTE functions in the LIBPNG library is related to improper memory management during data deallocation. Exploiting this vulnerability may allow a remote attacker to gain access to the freed memory area, which could lead to the execution of arbitrary...

7.5CVSS6.2AI score0.01052EPSS
Exploits1
Redos
Redos
added 2026/05/29 12:0 a.m.11 views

ROS-20260529-73-0008

The vulnerability of the pngsettRNS and pngsetPLTE functions in the LIBPNG library is related to improper memory management during data deallocation. Exploiting this vulnerability may allow a remote attacker to gain access to the freed memory area, which could lead to the execution of arbitrary...

7.5CVSS6.2AI score0.01052EPSS
Exploits1
Redos
Redos
added 2026/05/29 12:0 a.m.9 views

ROS-20260529-73-0014

The vulnerability in openbao is related to the lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.6CVSS6.1AI score0.00287EPSS
Exploits0
Redos
Redos
added 2026/05/29 12:0 a.m.12 views

ROS-20260529-73-0026

The vulnerability of the JSONSCHEMAVALID function in the MariaDB database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow an attacker to cause service interruptions and execute arbitrary code by sending a specially crafted JSON file...

9.9CVSS6.3AI score0.00856EPSS
Exploits1
Exploit DB
Exploit DB
added 2026/05/29 12:0 a.m.70 views

Quick Playground for WordPress 1.3.1 - Unauthenticated Remote Code Execution

Exploit Title: Quick Playground for WordPress 1.3.1 - Unauthenticated Remote Code Execution Google Dork: N/A Date: 2026-05-22 Exploit Author: cardosource Vendor Homepage: https://quickplayground.com Software Link: https://downloads.wordpress.org/plugin/quick-playground.1.3.1.zip Version: \ wp...

9.8CVSS5.8AI score0.03092EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-10009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code...

7.5CVSS6.2AI score0.00221EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-9941

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS5.8AI score0.00303EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.16 views

SUSE SLED15 / SLES15 Security Update : samba (SUSE-SU-2026:2076-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2076-1 advisory. This update for samba fixes the following issues Security issues: - CVE-2026-1933: Missing access check on...

9.8CVSS5.8AI score0.12797EPSS
Exploits7References22
Rows per page
Query Builder