41020 matches found

Positive Technologies
added 2026/05/08 12:0 a.m. | 21 views

PT-2026-38644

Name of the Vulnerable Software and Affected Versions SourceCodester SUP Online Shopping version 1.0 Description A remote SQL injection is possible via an unknown function within the '/admin/viewmsg.php' file. The issue occurs when the msgid argument is manipulated, allowing an attacker to...

CVSS 7.5 | AI score 7.2 | EPSS 0.00254
Exploits 0 | References 12

Positive Technologies
added 2026/05/08 12:0 a.m. | 13 views

PT-2026-38886

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JAXP. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

CVSS 7.5 | AI score 5.9 | EPSS 0.00358
Exploits 0 | References 3

Positive Technologies
added 2026/05/08 12:0 a.m. | 11 views

PT-2026-38696

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

CVSS 4.3 | AI score 5.8 | EPSS 0.03713
Exploits 0 | References 14

Vulnrichment
added 2026/05/07 11:45 p.m. | 9 views

CVE-2026-8117 SourceCodester Pizzafy Ecommerce System index.php cross site scripting

A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. This issue affects some unknown processing of the file /admin/index.php. Such manipulation of the argument page leads to cross site scripting. The attack may be launched remotely. The exploit has been...

CVSS 5.3 | AI score 4.2 | EPSS 0.00269
Exploits 0 | References 5

ATTACKERKB
added 2026/05/07 11:30 p.m. | 12 views

CVE-2026-8116

A weakness has been identified in huangjunsen0406 xiaozhi-mcphub up to 1.0.3. This vulnerability affects unknown code of the file src/controllers/dxtController.ts. This manipulation of the argument manifest.name causes path traversal. The attack may be initiated remotely. The exploit has been mad...

CVSS 6.5 | AI score 5.6 | EPSS 0.00283
Exploits 0 | References 5 | Affected Software 1

Vulnrichment
added 2026/05/07 11:30 p.m. | 11 views

CVE-2026-8116 huangjunsen0406 xiaozhi-mcphub dxtController.ts path traversal

A weakness has been identified in huangjunsen0406 xiaozhi-mcphub up to 1.0.3. This vulnerability affects unknown code of the file src/controllers/dxtController.ts. This manipulation of the argument manifest.name causes path traversal. The attack may be initiated remotely. The exploit has been mad...

CVSS 6.5 | AI score 6.4 | EPSS 0.00283
Exploits 0 | References 5

CVE
added 2026/05/07 11:30 p.m. | 17 views

CVE-2026-8116

CVE-2026-8116 affects the project “huangjunsen0406 xiaozhi-mcphub” up to version 1.0.3. The vulnerability is in the file src/controllers/dxtController.ts, where manipulation of the argument manifest.name enables path traversal. The attack could be initiated remotely, and the exploit has been publ...

CVSS 6.5 | AI score 6.4 | EPSS 0.00283
Exploits 0 | References 5

NVD
added 2026/05/07 11:16 p.m. | 16 views

CVE-2026-8115

A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be launched remotely. The...

CVSS 6.9 | EPSS 0.00575
Exploits 0 | References 5

Cvelist
added 2026/05/07 10:45 p.m. | 39 views

CVE-2026-8115 gyoridavid short-video-maker REST API rest.ts path traversal

A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be launched remotely. The...

CVSS 6.9 | EPSS 0.00575
Exploits 0 | References 5

NVD
added 2026/05/07 10:16 p.m. | 10 views

CVE-2026-8113

A vulnerability was determined in 8421bit MiniClaw up to 43905b934cf76489ab28e4d17da28ee97970f91f. Affected by this vulnerability is the function isPathInside of the file src/kernel.ts of the component executeSkillScript. Executing a manipulation can lead to path traversal. It is possible to laun...

CVSS 6.5 | EPSS 0.00413
Exploits 1 | References 7

NVD
added 2026/05/07 10:16 p.m. | 28 views

CVE-2026-8114

A vulnerability was identified in JeecgBoot up to 3.9.1. Affected by this issue is some unknown functionality of the file /sys/dict/loadTreeData of the component JSON Object Handler. The manipulation of the argument condition leads to sql injection. The attack can be initiated remotely. The explo...

CVSS 6.5 | EPSS 0.00196
Exploits 0 | References 5

Cvelist
added 2026/05/07 10:0 p.m. | 44 views

CVE-2026-8114 JeecgBoot JSON Object loadTreeData sql injection

A vulnerability was identified in JeecgBoot up to 3.9.1. Affected by this issue is some unknown functionality of the file /sys/dict/loadTreeData of the component JSON Object Handler. The manipulation of the argument condition leads to sql injection. The attack can be initiated remotely. The explo...

CVSS 6.5 | EPSS 0.00196
Exploits 0 | References 5

ATTACKERKB
added 2026/05/07 10:0 p.m. | 6 views

CVE-2026-8114

A vulnerability was identified in JeecgBoot up to 3.9.1. Affected by this issue is some unknown functionality of the file /sys/dict/loadTreeData of the component JSON Object Handler. The manipulation of the argument condition leads to sql injection. The attack can be initiated remotely. The explo...

CVSS 6.5 | AI score 6.4 | EPSS 0.00196
Exploits 0 | References 5

EUVD
added 2026/05/07 9:30 p.m. | 10 views

EUVD-2026-28444

A security vulnerability has been detected in code-projects Feedback System 1.0. Impacted is an unknown function of the file /admin/checklogin.php. Such manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly...

CVSS 7.5 | AI score 6.9 | EPSS 0.00254
Exploits 0 | References 6

EUVD
added 2026/05/07 9:30 p.m. | 10 views

EUVD-2026-28416

A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=saveuser. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be...

CVSS 7.5 | AI score 6.9 | EPSS 0.00254
Exploits 0 | References 6

CVE
added 2026/05/07 9:15 p.m. | 19 views

CVE-2026-8113

CVE-2026-8113 affects 8421bit MiniClaw: the isPathInside function in src/kernel.ts (executeSkillScript) enables path traversal. Remote exploit described; no explicit product version details are provided. A patch is referenced (e8bd4e17e9428260f2161378356affc5ce90d6ed). Monitor for official fix an...

CVSS 6.5 | AI score 5.4 | EPSS 0.00413
Exploits 1 | References 7 | Affected Software 1

Vulnrichment
added 2026/05/07 9:15 p.m. | 7 views

CVE-2026-8113 8421bit MiniClaw executeSkillScript kernel.ts isPathInside path traversal

A vulnerability was determined in 8421bit MiniClaw up to 43905b934cf76489ab28e4d17da28ee97970f91f. Affected by this vulnerability is the function isPathInside of the file src/kernel.ts of the component executeSkillScript. Executing a manipulation can lead to path traversal. It is possible to laun...

CVSS 5.3 | AI score 5.4 | EPSS 0.00413
Exploits 1 | References 7

ATTACKERKB
added 2026/05/07 9:15 p.m. | 9 views

CVE-2026-8113

A vulnerability was determined in 8421bit MiniClaw up to 43905b934cf76489ab28e4d17da28ee97970f91f. Affected by this vulnerability is the function isPathInside of the file src/kernel.ts of the component executeSkillScript. Executing a manipulation can lead to path traversal. It is possible to laun...

CVSS 5.3 | AI score 5.4 | EPSS 0.00413
Exploits 1 | References 7

Cvelist
added 2026/05/07 9:0 p.m. | 35 views

CVE-2026-8112 8421bit MiniClaw kernel.ts executeCognitivePulse os command injection

A vulnerability was found in 8421bit MiniClaw up to 223c16a1088e138838dcbd18cd65a37c35ac5a84. Affected is the function executeCognitivePulse of the file src/kernel.ts. Performing a manipulation results in os command injection. It is possible to initiate the attack remotely. The exploit has been...

CVSS 6.5 | EPSS 0.02941
Exploits 1 | References 7

Vulnrichment
added 2026/05/07 9:0 p.m. | 7 views

CVE-2026-8112 8421bit MiniClaw kernel.ts executeCognitivePulse os command injection

A vulnerability was found in 8421bit MiniClaw up to 223c16a1088e138838dcbd18cd65a37c35ac5a84. Affected is the function executeCognitivePulse of the file src/kernel.ts. Performing a manipulation results in os command injection. It is possible to initiate the attack remotely. The exploit has been...

CVSS 6.5 | AI score 6.2 | EPSS 0.02941
Exploits 1 | References 7