CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/06/03 1:16 a.m.•10 views

CVE-2026-10693

A security vulnerability has been detected in SourceCodester Online Boat Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the component Administrative Endpoint. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit...

6.5CVSS0.00214EPSS

Cvelist•added 2026/06/03 1:15 a.m.•39 views

CVE-2026-10705 dask HLL hyperloglog.py nunique_approx resource consumption

A flaw has been found in dask up to 3.0. Affected by this issue is the function nuniqueapprox of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is...

3.1CVSS0.00287EPSS

ATTACKERKB•added 2026/06/03 1:15 a.m.•4 views

CVE-2026-10705

3.1CVSS5.1AI score0.00287EPSS

Vulnrichment•added 2026/06/03 12:45 a.m.•5 views

CVE-2026-10704 SourceCodester Pizzafy E-Commerce System Administrative Control Panel admin_class_novo.php login sql injection

A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/adminclassnovo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql injection. The attack ca...

7.5CVSS6.9AI score0.00281EPSS

EUVD•added 2026/06/03 12:30 a.m.•10 views

EUVD-2026-34056

A security flaw has been discovered in wonderwhy-er DesktopCommanderMCP up to 0.2.38. This impacts an unknown function of the file src/search-manager.ts of the component startsearch. Performing a manipulation of the argument SearchResult results in inefficient regular expression complexity. It is...

5.3CVSS5.4AI score0.00354EPSS

Exploits0References10

EUVD•added 2026/06/03 12:30 a.m.•8 views

EUVD-2026-34037

A vulnerability was found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The affected element is the function requests.get of the file src/blendermcp/server.py of the component ZIP File Handler. The manipulation of the argument zipfileurl results in server-side request...

6.5CVSS5.4AI score0.00227EPSS

Exploits0References9

EUVD•added 2026/06/03 12:30 a.m.•7 views

EUVD-2026-34034

A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lwssshparseplaintext of the file plugins/protocollwssshbase/sshd.c of the component SSH Protocol Handler. Executing a manipulation of the argument msglen can lead to resource consumption. The attack may be...

6.9CVSS5.4AI score0.00428EPSS

Exploits0References9

Cvelist•added 2026/06/03 12:30 a.m.•40 views

CVE-2026-10703 EIPStackGroup OpENer SendRRData cipmessagerouter.c CreateMessageRouterRequestStructure use after free

6.5CVSS0.00243EPSS

Cvelist•added 2026/06/03 12:15 a.m.•39 views

CVE-2026-10694 SourceCodester Online Food Ordering System index.php include file inclusion

A vulnerability was detected in SourceCodester Online Food Ordering System 2.0. Affected by this issue is the function include of the file /index.php. The manipulation of the argument page results in file inclusion. The attack can be launched remotely. The exploit is now public and may be used...

7.5CVSS0.00302EPSS

Vulnrichment•added 2026/06/03 12:15 a.m.•7 views

CVE-2026-10694 SourceCodester Online Food Ordering System index.php include file inclusion

7.5CVSS6.9AI score0.00302EPSS

Vulnrichment•added 2026/06/03 12:0 a.m.•6 views

CVE-2026-10693 SourceCodester Online Boat Reservation System Administrative Endpoint improper authorization

6.5CVSS6.2AI score0.00214EPSS

Cvelist•added 2026/06/03 12:0 a.m.•37 views

CVE-2026-10693 SourceCodester Online Boat Reservation System Administrative Endpoint improper authorization

6.5CVSS0.00214EPSS

Positive Technologies•added 2026/06/03 12:0 a.m.•10 views

PT-2026-45889

6.5CVSS6.2AI score0.00214EPSS

Positive Technologies•added 2026/06/03 12:0 a.m.•10 views

PT-2026-46071

Name of the Vulnerable Software and Affected Versions ealpha072 Student-Management-System versions prior to 01451bd7a2f58cdda07bd0b86e3967582e3ecd08 Description An issue in the Administrative Backend component, specifically within the 'admin/config.php' file, allows for improper authentication...

7.5CVSS7.1AI score0.00405EPSS

Positive Technologies•added 2026/06/03 12:0 a.m.•9 views

PT-2026-46067

Name of the Vulnerable Software and Affected Versions crmeb crmeb java version 1.4 Description An issue exists in the base64 Qrcode Endpoint where the manipulation of the url argument in the RestTemplate.getForEntity function within the file...

7.5CVSS7AI score0.00294EPSS

Tenable Nessus•added 2026/06/03 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-10650

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lwssshparseplaintext of the file plugins/protocollwssshbase/sshd.c o...

6.9CVSS5.5AI score0.00428EPSS

Exploits0References3

Vulnrichment•added 2026/06/02 11:45 p.m.•6 views

CVE-2026-10692 johnhuang316 code-index-mcp search_code_advanced is_safe_regex_pattern redos

A weakness has been identified in johnhuang316 code-index-mcp up to 2.14.0. Affected is the function issaferegexpattern of the component searchcodeadvanced. Executing a manipulation of the argument regex can lead to inefficient regular expression complexity. It is possible to launch the attack...

5.3CVSS5.4AI score0.0031EPSS