CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/02/15 11:20 p.m.•5 views

MAL-2026-910 Malicious code in dns-execution-test (PyPI)

5.8AI score

GithubExploit•added 2026/02/13 3:42 p.m.•99 views

Exploit for CVE-2025-40552

CVE-2025-40552 and CVE-2025-40553 SolarWinds Web Help Desk Pre...

9.8CVSS7.5AI score0.6039EPSS

Exploits1

CISA KEV Catalog•added 2026/02/13 12:0 a.m.•13 views

BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability

BeyondTrust Remote Support RS and Privileged Remote Access PRAcontain an OS command injection vulnerability. Successful exploitation could allow an unauthenticated remote attacker to execute operating system commands in the context of the site user. Successful exploitation requires no...

9.9CVSS6.2AI score0.86091EPSS

In wildExploits11

RedhatCVE•added 2026/02/12 7:28 p.m.•4 views

CVE-2026-2249

METIS DFS devices versions = oscore 2.1.234-r18 expose a web-based shell at the /console endpoint that does not require authentication. Accessing this endpoint allows a remote attacker to execute arbitrary operating system commands with 'daemon' privileges. This results in the compromise of the...

NVD•added 2026/02/11 3:16 p.m.•6 views

Exploits1References1

CVE-2026-2249

9.8CVSS0.00514EPSS

Cvelist•added 2026/02/11 2:16 p.m.•26 views

CVE-2026-2249 Unauthenticated Remote Command Execution via Web Console in METIS DFS

9.8CVSS0.00514EPSS

Vulnrichment•added 2026/02/11 2:16 p.m.•5 views

CVE-2026-2249 Unauthenticated Remote Command Execution via Web Console in METIS DFS

ATTACKERKB•added 2026/02/11 2:16 p.m.•4 views

CVE-2026-2249

CVE•added 2026/02/11 2:16 p.m.•22 views

CVE-2026-2249

METIS DFS devices expose an unauthenticated web-based shell at /console, allowing remote command execution with daemon privileges on affected versions (

OSSF Malicious Packages•added 2026/02/11 6:56 a.m.•9 views

Malicious code in jsonconfig-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 883897a307b53ac17e981eac46b8d6f8c31d88fc2628c6d57c5f7f191ed84b81 During installation, package installs a script that listens for remote commands and executes them. The script is also added to autostart configuration and...

OSV•added 2026/02/11 6:56 a.m.•5 views

MAL-2026-849 Malicious code in jsonconfig-utils (PyPI)

CNNVD•added 2026/02/11 12:0 a.m.•4 views

METIS DFS 安全漏洞

METIS DFS is a data processing software developed by the Greek company METIS. Versions of METIS DFS 2.1.234-r18 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the /console endpoint, which exposed a web-based shell without authentication requirements. This could...

Positive Technologies•added 2026/02/11 12:0 a.m.•4 views

PT-2026-7598

OSV•added 2026/02/10 10:45 p.m.•6 views

MAL-2026-847 Malicious code in requests-auth-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 03bb4c04410c4e3c58d7292eb47f8f76a2fbe5265abea29826ac910e890350d0 During installation, package installs a script that listens for remote commands and executes them. The script is also added to autostart configuration and...

RedhatCVE•added 2026/02/10 1:23 p.m.•5 views

CVE-2026-2227

A vulnerability was found in D-Link DCS-931L up to 1.13.0. Impacted is the function doSystem of the file /setSystemAdmin. Performing a manipulation of the argument AdminID results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. This...

7.2CVSS5.4AI score0.05351EPSS

Exploits1References1

OSV•added 2026/02/10 7:42 a.m.•5 views

MAL-2026-825 Malicious code in devtools-webhook-cicd-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 807557cb6ac51aece00eeb28f55b89815176c95172780dcdded46b667f843771 During installation, package installs a script that listens for remote commands and executes them. The script is also added to autostart configuration and...