Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

40963 matches found

CVE
CVEadded 2026/06/13 8:15 p.m.24 views

CVE-2026-12174

CVE-2026-12174 affects D-Link DCS-935L firmware 1.10.01. The vulnerability is in the HTTP Handler’s function snprintf used by /web/cgi-bin/greece/rhea, allowing format-string manipulation. This can enable a remote attacker to exploit the flaw; public exploits have been disclosed. The available do...

9CVSS7.6AI score0.00997EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVEadded 2026/06/13 2:34 a.m.14 views

CVE-2026-45673

A flaw was found in Netty's DNS resolver component. This vulnerability arises from the use of a predictable pseudo-random number generator PRNG for DNS transaction IDs and a static User Datagram Protocol UDP source port. This combination significantly reduces the randomness of DNS queries, making...

6.8CVSS4.9AI score0.00403EPSS
Exploits0References6
SUSE CVE
SUSE CVEadded 2026/06/13 2:28 a.m.9 views

SUSE CVE-2026-12020

Use after free in Autofill in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00224EPSS
Exploits0References3
NVD
NVDadded 2026/06/12 9:16 p.m.9 views

CVE-2026-12130

A security flaw has been discovered in CodeAstro Human Resource Management System 1.0. This affects an unknown part of the file /Projects/AddProjects of the component Projects Management Page. The manipulation of the argument protitle results in cross site scripting. The attack may be launched...

5.1CVSS0.00203EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/06/12 9:15 p.m.7 views

CVE-2026-12131 CodeAstro Human Resource Management System Payroll Invoice Payroll.php sql injection

A weakness has been identified in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function Invoice of the file \application\controllers\Payroll.php of the component Payroll Invoice Module. This manipulation of the argument ID causes sql injection. Remote exploitatio...

6.5CVSS6.4AI score0.0025EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/12 8:45 p.m.26 views

CVE-2026-12130 CodeAstro Human Resource Management System Projects Management Add_Projects cross site scripting

A security flaw has been discovered in CodeAstro Human Resource Management System 1.0. This affects an unknown part of the file /Projects/AddProjects of the component Projects Management Page. The manipulation of the argument protitle results in cross site scripting. The attack may be launched...

5.1CVSS0.00203EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/06/12 8:45 p.m.5 views

CVE-2026-12130 CodeAstro Human Resource Management System Projects Management Add_Projects cross site scripting

A security flaw has been discovered in CodeAstro Human Resource Management System 1.0. This affects an unknown part of the file /Projects/AddProjects of the component Projects Management Page. The manipulation of the argument protitle results in cross site scripting. The attack may be launched...

5.1CVSS3.8AI score0.00203EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/12 8:45 p.m.8 views

EUVD-2026-36569

A security flaw has been discovered in CodeAstro Human Resource Management System 1.0. This affects an unknown part of the file /Projects/AddProjects of the component Projects Management Page. The manipulation of the argument protitle results in cross site scripting. The attack may be launched...

5.1CVSS3.7AI score0.00203EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/06/12 8:30 p.m.7 views

CVE-2026-12129 CodeAstro Human Resource Management System Dashboard add_tod cross site scripting

A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Affected by this issue is some unknown functionality of the file /dashboard/addtod of the component Dashboard Interface. The manipulation of the argument tododata leads to cross site scripting. The attack may be...

5.1CVSS3.5AI score0.00203EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/12 8:30 p.m.32 views

CVE-2026-12129 CodeAstro Human Resource Management System Dashboard add_tod cross site scripting

A vulnerability was identified in CodeAstro Human Resource Management System 1.0. Affected by this issue is some unknown functionality of the file /dashboard/addtod of the component Dashboard Interface. The manipulation of the argument tododata leads to cross site scripting. The attack may be...

5.1CVSS0.00203EPSS
Exploits0References6
CVE
CVEadded 2026/06/12 8:30 p.m.18 views

CVE-2026-12129

CodeAstro Human Resource Management System 1.0 is affected. The vulnerability resides in the Dashboard Interface component, specifically the /dashboard/add_tod endpoint, where manipulation of the todo_data argument leads to cross-site scripting. The issue is exploitable remotely, and exploits are...

5.1CVSS3.7AI score0.00203EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/12 8:0 p.m.9 views

EUVD-2026-36555

Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.0, a program able to write bytes to a kitty terminal — a remote SSH peer, a downloaded file viewed with cat, a log line, an email body rendered in less, an issue body in a TUI, etc. — can cause kitty to execute...

7.8CVSS5.6AI score0.00132EPSS
Exploits1References1
NVD
NVDadded 2026/06/12 2:16 p.m.8 views

CVE-2026-12066

A security flaw has been discovered in PbootCMS up to 3.2.12. This vulnerability affects the function retrieve of the file apps/home/controller/MemberController.php of the component Password Handler. The manipulation of the argument username/password/email/checkcode results in weak password...

7.5CVSS0.00474EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/12 1:0 p.m.8 views

EUVD-2026-36423

A security flaw has been discovered in PbootCMS up to 3.2.12. This vulnerability affects the function retrieve of the file apps/home/controller/MemberController.php of the component Password Handler. The manipulation of the argument username/password/email/checkcode results in weak password...

7.5CVSS7.1AI score0.00474EPSS
Exploits0References6
CVE
CVEadded 2026/06/12 1:0 p.m.14 views

CVE-2026-12066

CVE-2026-12066 affects PbootCMS up to version 3.2.12. The vulnerability resides in the function retrieve of file apps/home/controller/MemberController.php (Password Handler). Manipulating the arguments username/password/email/checkcode enables weak password recovery; the issue is exploitable remo...

7.5CVSS7.1AI score0.00474EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/06/12 1:0 p.m.8 views

CVE-2026-12066 PbootCMS Password MemberController.php retrieve password recovery

A security flaw has been discovered in PbootCMS up to 3.2.12. This vulnerability affects the function retrieve of the file apps/home/controller/MemberController.php of the component Password Handler. The manipulation of the argument username/password/email/checkcode results in weak password...

7.5CVSS7.1AI score0.00474EPSS
Exploits0References6
OSV
OSVadded 2026/06/12 12:27 p.m.8 views

OESA-2026-2668 libwebsockets security update

Libwebsockets LWS is a flexible, lightweight pure C library for implementing modern network protocols easily with a tiny footprint, using a nonblocking event loop. Security Fixes: A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lwssshparseplaintext of t...

6.9CVSS5.2AI score0.00428EPSS
Exploits0References2
OSV
OSVadded 2026/06/12 12:26 p.m.5 views

OESA-2026-2648 poppler security update

is a PDF rendering library. Security Fixes: A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized...

7.8CVSS5.8AI score0.00256EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/06/12 12:0 a.m.6 views

PT-2026-48974

Name of the Vulnerable Software and Affected Versions CodeAstro Human Resource Management System version 1.0 Description Cross site scripting can be triggered remotely via the manipulation of the todo data argument within the '/dashboard/add tod' endpoint of the Dashboard Interface component...

5.1CVSS4.7AI score0.00203EPSS
Exploits0References9
Positive Technologies
Positive Technologiesadded 2026/06/12 12:0 a.m.10 views

PT-2026-48866

A security flaw has been discovered in PbootCMS up to 3.2.12. This vulnerability affects the function retrieve of the file apps/home/controller/MemberController.php of the component Password Handler. The manipulation of the argument username/password/email/checkcode results in weak password...

7.5CVSS7AI score0.00474EPSS
Exploits0References7
Rows per page
Query Builder