CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/06/02 12:31 a.m.•10 views

EUVD-2026-33849

A vulnerability was detected in itsourcecode Fees Management System 1.0. The affected element is an unknown function of the file index.php. Performing a manipulation of the argument page results in cross site scripting. The attack may be initiated remotely. The exploit is now public and may be us...

5.3CVSS4.3AI score0.00443EPSS

EUVD•added 2026/06/02 12:31 a.m.•8 views

EUVD-2026-33853

A vulnerability has been found in 1Panel-dev CordysCRM up to 1.6.2. This affects an unknown function of the file backend/framework/src/main/java/cn/cordys/config/RequestParamTrimConfig.java. The manipulation leads to cross site scripting. Remote exploitation of the attack is possible. The exploit...

4.8CVSS4.1AI score0.00251EPSS

EUVD•added 2026/06/02 12:31 a.m.•9 views

EUVD-2026-33833

A security vulnerability has been detected in SGLang 0.5.10.post1. Impacted is an unknown function of the file python/sglang/srt/lora/loramanager.py of the component Inference HTTP Endpoint. Such manipulation of the argument lorapath leads to reachable assertion. The attack can be launched...

6.3CVSS5.2AI score0.00565EPSS

EUVD•added 2026/06/02 12:31 a.m.•13 views

EUVD-2026-33828

A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown part of the file /managecourse.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used...

6.5CVSS5.7AI score0.00319EPSS

EUVD•added 2026/06/02 12:31 a.m.•8 views

EUVD-2026-33816

A flaw has been found in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/formFireWall. This manipulation of the argument Profile causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be...

9CVSS6AI score0.00738EPSS

EUVD•added 2026/06/02 12:31 a.m.•11 views

EUVD-2026-33820

A security vulnerability has been detected in Enderfga claw-orchestrator up to 3.7.0. The impacted element is the function validateRegex of the file claw-orchestrator/src/embedded-server.ts of the component Session Grep Endpoint. The manipulation of the argument body.pattern leads to inefficient...

5.3CVSS5.4AI score0.00596EPSS

NVD•added 2026/06/02 12:16 a.m.•8 views

CVE-2026-10302

6.5CVSS0.00319EPSS

Cvelist•added 2026/06/02 12:15 a.m.•35 views

CVE-2026-10529 westboy CicadasCMS Task Scheduling Management ScheduleJobController.java cross site scripting

A weakness has been identified in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. Impacted is an unknown function of the file src/main/java/com/zhiliao/module/web/system/ScheduleJobController.java of the component Task Scheduling Management Module. Executing a manipulation can...

4.8CVSS0.0021EPSS

EUVD•added 2026/06/02 12:15 a.m.•7 views

EUVD-2026-33855

4.8CVSS4.1AI score0.0021EPSS

ATTACKERKB•added 2026/06/02 12:15 a.m.•7 views

CVE-2026-10529

4.8CVSS4.1AI score0.0021EPSS

Positive Technologies•added 2026/06/02 12:0 a.m.•11 views

PT-2026-45685

A security vulnerability has been detected in 1Panel-dev CordysCRM up to 1.4.1. This impacts the function Save of the file src/main/java/cn/cordys/crm/system/service/ModuleFormService.java of the component ModuleFormController. The manipulation of the argument Description leads to cross site...

5.1CVSS4.1AI score0.00237EPSS

CNNVD•added 2026/06/02 12:0 a.m.•3 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the SurfaceCapture component’s ability to reuse resources after release, potentially allowing remote attackers to...

8.3CVSS5.3AI score0.0026EPSS

Exploits0References3

Positive Technologies•added 2026/06/02 12:0 a.m.•8 views

PT-2026-46651

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in Skia allows a remote attacker to potentially exploit heap corruption through a crafted HTML page. Heap corruption occurs when a program writes data outside the...

9.6CVSS6.2AI score0.00865EPSS

Exploits0References437

CNNVD•added 2026/06/02 12:0 a.m.•2 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the Printing component being reused after it was released, potentially allowing remote attackers to exploit the...

8.3CVSS5.4AI score0.00278EPSS

Exploits0References3

Positive Technologies•added 2026/06/02 12:0 a.m.•9 views

PT-2026-45818

Name of the Vulnerable Software and Affected Versions DedeCMS version 5.7.88 Description A remote SQL injection is possible through the manipulation of the msg argument within the dede htmlspecialchars function located in the '/plus/flink.php' file. Recommendations As a temporary workaround,...

7.5CVSS7.3AI score0.00313EPSS

Positive Technologies•added 2026/06/02 12:0 a.m.•8 views

PT-2026-45853

Name of the Vulnerable Software and Affected Versions SourceCodester Human Resource Management version 1.0 Description An issue exists in the Employee View Page component within the '/detailview.php' endpoint. Remote manipulation of the employeeid argument leads to improper control of resource...

5.3CVSS5.7AI score0.00242EPSS