Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1123517 matches found

EUVD
EUVDadded 2026/06/01 7:23 a.m.9 views

EUVD-2026-33578

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. The MessageServlet in the ActiveMQ web console API copies every JMS message property into an HTTP response header without any validation. This can allow...

6.1CVSS5.8AI score0.00236EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/06/01 7:23 a.m.7 views

CVE-2026-42253

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. The MessageServlet in the ActiveMQ web console API copies every JMS message property into an HTTP response header without any validation. This can allow...

5.8AI score0.00236EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichmentadded 2026/06/01 7:23 a.m.6 views

CVE-2026-42253 Apache ActiveMQ, Apache ActiveMQ Web: HTTP Response Header Injection via JMS Message Properties

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. The MessageServlet in the ActiveMQ web console API copies every JMS message property into an HTTP response header without any validation. This can allow...

5.8AI score0.00236EPSS
Exploits0References1
Debian CVE
Debian CVEadded 2026/06/01 7:23 a.m.8 views

CVE-2026-42253

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. The MessageServlet in the ActiveMQ web console API copies every JMS message property into an HTTP response header without any validation. This can allow...

6.1CVSS5.8AI score0.00236EPSS
Exploits0
Cvelist
Cvelistadded 2026/06/01 7:0 a.m.36 views

CVE-2026-10234 Mettle sendportal Campaign webview cross site scripting

A vulnerability was detected in Mettle sendportal up to 3.0.1. This affects an unknown part of the file /webview/ of the component Campaign Handler. The manipulation of the argument content results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be...

5.1CVSS0.00035EPSS
Exploits0References7
CVE
CVEadded 2026/06/01 7:0 a.m.15 views

CVE-2026-10234

CVE-2026-10234 affects Mettle SendPortal (up to 3.0.1). The vulnerability is a cross-site scripting issue in an unknown part of the file path /webview/ within the Campaign Handler, caused by manipulation of the argument content. It can be exploited remotely, and the exploit is public. No remediat...

5.1CVSS4.2AI score0.00035EPSS
Exploits0References7
Vulnrichment
Vulnrichmentadded 2026/06/01 7:0 a.m.10 views

CVE-2026-10234 Mettle sendportal Campaign webview cross site scripting

A vulnerability was detected in Mettle sendportal up to 3.0.1. This affects an unknown part of the file /webview/ of the component Campaign Handler. The manipulation of the argument content results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be...

5.1CVSS4.2AI score0.00035EPSS
Exploits0References7
ATTACKERKB
ATTACKERKBadded 2026/06/01 7:0 a.m.6 views

CVE-2026-10234

A vulnerability was detected in Mettle sendportal up to 3.0.1. This affects an unknown part of the file /webview/ of the component Campaign Handler. The manipulation of the argument content results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be...

5.1CVSS4.2AI score0.00035EPSS
Exploits0References7Affected Software1
EUVD
EUVDadded 2026/06/01 7:0 a.m.9 views

EUVD-2026-33568

A vulnerability was detected in Mettle sendportal up to 3.0.1. This affects an unknown part of the file /webview/ of the component Campaign Handler. The manipulation of the argument content results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be...

5.1CVSS4.2AI score0.00035EPSS
Exploits0References7
OSV
OSVadded 2026/06/01 6:3 a.m.9 views

RLSA-2026:22142 Important: php:8.3 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation...

7.5CVSS5.9AI score0.00123EPSS
Exploits1References5
Rockylinux
Rockylinuxadded 2026/06/01 6:3 a.m.19 views

php:8.3 security update

An update is available for php-pecl-redis6, php, module.php-pecl-redis6, module.php, php-pecl-rrd, module.php-pecl-xdebug3, module.php-pecl-apcu, php-pecl-xdebug3, module.php-pecl-rrd, php-pecl-zip, module.php-pecl-zip, php-pecl-apcu. This update affects Rocky Linux 9. A Common Vulnerability...

8.8CVSS5.5AI score0.00123EPSS
Exploits1
Rockylinux
Rockylinuxadded 2026/06/01 6:3 a.m.20 views

php:8.2 security update

An update is available for php, php-pecl-rrd, module.php, module.php-pecl-xdebug3, module.php-pecl-apcu, php-pecl-xdebug3, module.php-pecl-rrd, php-pecl-zip, module.php-pecl-zip, php-pecl-apcu. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a...

8.8CVSS5.5AI score0.00123EPSS
Exploits1
OSV
OSVadded 2026/06/01 6:3 a.m.7 views

RLSA-2026:22143 Important: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation...

7.5CVSS5.9AI score0.00123EPSS
Exploits1References5
EUVD
EUVDadded 2026/06/01 5:30 a.m.10 views

EUVD-2026-33561

A vulnerability was found in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. The impacted element is an unknown function of the file admissionformcheck.php. The manipulation of the argument Message results in cross site scripting. The attack can be...

5.1CVSS4.2AI score0.00035EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/06/01 5:30 a.m.8 views

CVE-2026-10228 raisulislamg4 student_management_system_by_php admission_form_check.php cross site scripting

A vulnerability was found in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. The impacted element is an unknown function of the file admissionformcheck.php. The manipulation of the argument Message results in cross site scripting. The attack can be...

5.1CVSS4.2AI score0.00035EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/06/01 5:30 a.m.9 views

CVE-2026-10228

A vulnerability was found in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. The impacted element is an unknown function of the file admissionformcheck.php. The manipulation of the argument Message results in cross site scripting. The attack can be...

5.1CVSS4.2AI score0.00035EPSS
Exploits0References6
CVE
CVEadded 2026/06/01 5:30 a.m.9 views

CVE-2026-10228

Technical details (affected software, components, vulnerable versions, and mitigations) are not publicly available in the provided documents. Monitor for updates and additional disclosures.

5.1CVSS4.2AI score0.00035EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/01 5:30 a.m.33 views

CVE-2026-10228 raisulislamg4 student_management_system_by_php admission_form_check.php cross site scripting

A vulnerability was found in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. The impacted element is an unknown function of the file admissionformcheck.php. The manipulation of the argument Message results in cross site scripting. The attack can be...

5.1CVSS0.00035EPSS
Exploits0References6
NVD
NVDadded 2026/06/01 4:16 a.m.11 views

CVE-2026-48209

An improper neutralization of user-controllable input in OTRS or OTRS Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting XSS attacks via crafted request parameters associated with ticket actions. By injecting malicious JavaScript into...

7.1CVSS0.0004EPSS
Exploits0References1
RedHat Linux
RedHat Linuxadded 2026/06/01 3:37 a.m.7 views

php: signed integer overflow in metaphone()

A flaw was found in PHP. The metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. When an input string is longer than 2,147,483,647 bytes, a signed integer overflow can occur, leading to undefined behavior and an...

7.5CVSS5.8AI score0.0009EPSS
Exploits0References5
Rows per page
Query Builder