Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

105 matches found

EUVD
EUVDadded 2026/05/21 12:47 a.m.14 views

EUVD-2026-31205

A missing authentication vulnerability exists in the Altium 365 SearchService. A legacy SOAP endpoint exposes search index operations without requiring authentication, session tokens, or any form of identity verification. An unauthenticated network attacker who can reference a target workspace's...

10CVSS5.8AI score0.00079EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/05/21 12:47 a.m.6 views

CVE-2026-9152 Unauthenticated SOAP Endpoint in Altium 365 SearchService Allows Cross-Tenant Data Exfiltration and Index Destruction

A missing authentication vulnerability exists in the Altium 365 SearchService. A legacy SOAP endpoint exposes search index operations without requiring authentication, session tokens, or any form of identity verification. An unauthenticated network attacker who can reference a target workspace's...

10CVSS5.8AI score0.00079EPSS
Exploits0References1
CVE
CVEadded 2026/05/21 12:47 a.m.19 views

CVE-2026-9152

The CVE-2026-9152 entry concerns Altium 365 SearchService with an unauthenticated legacy SOAP endpoint that exposes search index operations. The root cause is lack of authentication/identity verification, enabling an unauthenticated attacker who knows a workspace identifier to access and manipula...

10CVSS5.8AI score0.00079EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/05/21 12:0 a.m.7 views

PT-2026-42360

A missing authentication vulnerability exists in the Altium 365 SearchService. A legacy SOAP endpoint exposes search index operations without requiring authentication, session tokens, or any form of identity verification. An unauthenticated network attacker who can reference a target workspace's...

10CVSS5.8AI score0.00079EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/04/14 4:58 p.m.22 views

CVE-2026-27909 Windows Search Service Elevation of Privilege Vulnerability

...

7.8CVSS0.00076EPSS
Exploits0References1
CVE
CVEadded 2026/04/14 4:58 p.m.12 views

CVE-2026-27909

CVE-2026-27909 is a Windows Search Component elevation-of-privilege vulnerability (use-after-free) that could allow an authenticated local attacker to gain SYSTEM privileges. Connected advisories confirm the issue and indicate Microsoft has fixed vulnerabilities across Windows components in April...

7.8CVSS5.7AI score0.00076EPSS
Exploits0References1Affected Software14
Vulnrichment
Vulnrichmentadded 2026/04/14 4:58 p.m.2 views

CVE-2026-27909 Windows Search Service Elevation of Privilege Vulnerability

...

7.8CVSS6.2AI score0.00076EPSS
Exploits0References1
Microsoft CVE
Microsoft CVEadded 2026/04/14 2:0 p.m.3 views

Windows Search Service Elevation of Privilege Vulnerability

Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally...

7.8CVSS6.2AI score0.00076EPSS
Exploits0
EUVD
EUVDadded 2026/04/05 12:30 p.m.3 views

EUVD-2026-19075

A weakness has been identified in code-projects Simple Laundry System 1.0. Affected by this vulnerability is an unknown functionality of the file /searchguest.php of the component Parameter Handler. This manipulation of the argument searchServiceId causes sql injection. The attack may be initiate...

7.5CVSS5.7AI score0.00043EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/04/05 11:30 a.m.0 views

CVE-2026-5564 code-projects Simple Laundry System Parameter searchguest.php sql injection

A weakness has been identified in code-projects Simple Laundry System 1.0. Affected by this vulnerability is an unknown functionality of the file /searchguest.php of the component Parameter Handler. This manipulation of the argument searchServiceId causes sql injection. The attack may be initiate...

7.5CVSS6.8AI score0.00043EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/04/05 12:0 a.m.2 views

PT-2026-30434

A weakness has been identified in code-projects Simple Laundry System 1.0. Affected by this vulnerability is an unknown functionality of the file /searchguest.php of the component Parameter Handler. This manipulation of the argument searchServiceId causes sql injection. The attack may be initiate...

7.5CVSS6.8AI score0.00043EPSS
Exploits0References6
Tenable Nessus
Tenable Nessusadded 2025/11/25 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-62395

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing...

4.3CVSS6AI score0.00044EPSS
Exploits0References2
OSV
OSVadded 2025/11/17 11:47 p.m.1 views

BIT-MOODLE-2025-62395 Moodle: external cohort search service leaks system cohort data

A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data...

4.3CVSS6.4AI score0.00044EPSS
Exploits0References3
NVD
NVDadded 2025/10/23 12:15 p.m.2 views

CVE-2025-62395

A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data...

4.3CVSS0.00044EPSS
Exploits0References2
OSV
OSVadded 2025/10/23 12:15 p.m.3 views

UBUNTU-CVE-2025-62395

A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data...

4.3CVSS5.8AI score0.00044EPSS
Exploits0References4
CVE
CVEadded 2025/10/23 11:29 a.m.23 views

CVE-2025-62395

CVE-2025-62395 affects Moodle LMS via a flaw in the cohort search web service. The issue allows users with permissions in lower contexts to access cohort information from the system context, potentially exposing restricted administrative data. The Connected documents confirm the vulnerability des...

4.3CVSS6.1AI score0.00044EPSS
Exploits0References2Affected Software1
EUVD
EUVDadded 2025/10/23 11:29 a.m.3 views

EUVD-2025-35666

A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data...

4.3CVSS6AI score0.00044EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2025/10/23 12:0 a.m.2 views

PT-2025-43443

Name of the Vulnerable Software and Affected Versions cohort search web service affected versions not specified Description A flaw exists in the cohort search web service that allows users with limited permissions to access cohort information intended for system-level access. This results in the...

4.3CVSS6.2AI score0.00044EPSS
Exploits0References12
RedhatCVE
RedhatCVEadded 2025/10/16 3:19 p.m.3 views

CVE-2025-62395

A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data...

4.3CVSS6.5AI score0.00044EPSS
Exploits0References2
Cvelist
Cvelistadded 2025/10/14 5:1 p.m.5 views

CVE-2025-59253 Windows Search Service Denial of Service Vulnerability

...

5.5CVSS0.00056EPSS
Exploits0References1
Rows per page
Query Builder