CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Circl•added yesterday•3 views

CVE-2026-56285

creationtimestamp| type| source ---|---|--- 2026-06-29 18:52:45+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mph5vfc7nj2t 2026-06-29 22:00:03+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mphiebwibr25 2026-06-29 22:05:57+00:00| seen|...

8.6CVSS5.8AI score

Circl•added 3 days ago•10 views

CVE-2026-13295

creationtimestamp| type| source ---|---|--- 2026-06-27 09:58:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpb74x3lvn2b 2026-06-27 15:16:09+00:00| seen| https://bsky.app/profile/potato.software/post/3mpbquatp6e2i 2026-06-27 15:16:09+00:00| seen|...

6.4CVSS5.8AI score0.00241EPSS

Circl•added 4 days ago•6 views

CVE-2021-47987

creationtimestamp| type| source ---|---|--- 2026-06-26 02:47:41+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mp5wkxsk6n2h...

7.7CVSS5.8AI score0.0012EPSS

Circl•added 5 days ago•5 views

CVE-2026-55962

creationtimestamp| type| source ---|---|--- 2026-06-25 21:50:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mp5fy2nkfc2s...

6.5CVSS5.8AI score0.00143EPSS

NVD•added 5 days ago•4 views

CVE-2026-47146

In EmberZNet v9.0.2 and earlier, malformed Color Control messages can lead to asserts that terminate the process. These messages must come from a device that has already joined the network. Only devices supporting the Color Control cluster may be impacted...

7.1CVSS0.00249EPSS

Circl•added 5 days ago•7 views

CVE-2026-8658

creationtimestamp| type| source ---|---|--- 2026-06-25 06:04:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mp3r4c3iew2b 2026-06-29 21:46:13+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mphhlkyfhu2b...

8.8CVSS5.8AI score0.00729EPSS

Nuclei•added 5 days ago•23 views

Ruby on Rails - Open Redirect via Host Header Injection

Ruby on Rails action pack before 6.1.2.1, 6.0.3.5 contains an open redirect caused by special crafted Host headers in combination with allowed host formats, letting attackers redirect users to malicious websites, exploit requires attacker to control Host headers. id: CVE-2021-22881 info: name: Ru...

6.1CVSS6.6AI score0.87301EPSS

Exploits1References2

Circl•added 5 days ago•5 views

CVE-2026-37106

creationtimestamp| type| source ---|---|--- 2026-06-25 03:16:32+00:00| seen| https://gist.github.com/KyrieKlay/3260f4eeea025f2cd1daa7eb1360c5a1...

5.8AI score

Circl•added 6 days ago•6 views

CVE-2026-56111

creationtimestamp| type| source ---|---|--- 2026-06-24 17:02:36+00:00| seen| https://bsky.app/profile/securitycyberuk.bsky.social/post/3mp2ffu2mqq2o 2026-06-24 18:00:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mp2imyrtgz2d...

9.1CVSS5.8AI score0.00542EPSS

Exploits1References2

Circl•added 6 days ago•6 views

GHSA-WCMJ-X466-56MM

creationtimestamp| type| source ---|---|--- 2026-06-24 03:42:03+00:00| seen| https://gist.github.com/alon710/930931f8715581f8f0d0a4111bb621a6...

5.8AI score

Cvelist•added last week•35 views

CVE-2026-27604 FOSSBilling: Improper API Role Validation (system) Enables Unauthenticated Access to Privileged Admin Functions

FOSSBilling is a free, open-source billing and client management system. Starting in version 0.5.4 and prior to version 0.8.0, an authorization bypass in the API role handling allows unauthenticated access to privileged /api/system/ endpoints. Because system resolves to the cron admin identity,...

10CVSS0.00408EPSS

OSSF Malicious Packages•added last week•7 views

Malicious code in new-ecro-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0826d146dbc513ac14f403eaa9ba65dffbd04da52c55ff1840ad153dab96e87 The package publishes verbatim big.js v7.0.1 source including the upstream copyright header, README, repository URL pointing to MikeMcl/big.js, and t...

5.9AI score

OSSF Malicious Packages•added 2026/06/22 6:23 p.m.•9 views

Malicious code in vitest-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27abcc7f2373309feb253b0cc48b1a8bae7c54a3c43aed0c57add697f4067aba Package name vitest-cli impersonates the official Vitest project while declaring empty author, homepage, repository, and bugs metadata. The...

6AI score

Exploits0References6

Circl•added 2026/06/22 3:16 p.m.•6 views

CVE-2026-48970

creationtimestamp| type| source ---|---|--- 2026-06-22 15:16:08+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mov6jlwa6l2v...

8.1CVSS5.8AI score0.00322EPSS

Circl•added 2026/06/22 5:1 a.m.•5 views

CVE-2026-35221

creationtimestamp| type| source ---|---|--- 2026-06-22 05:01:44+00:00| seen| https://bsky.app/profile/securitycyberuk.bsky.social/post/3mou46ywiit2v...

9.8CVSS5.8AI score0.0031EPSS

Circl•added 2026/06/22 4:30 a.m.•5 views

CVE-2026-6645

creationtimestamp| type| source ---|---|--- 2026-06-22 04:30:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116791877623901189 2026-06-22 04:30:31+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mou2gzwtck2t 2026-06-22 04:37:44+00:00| seen|...

7.3CVSS5.8AI score0.00136EPSS

Exploits0References6

Circl•added 2026/06/21 7:30 a.m.•10 views

CVE-2026-12784

creationtimestamp| type| source ---|---|--- 2026-06-21 07:30:27+00:00| seen| https://infosec.exchange/users/offseq/statuses/116786923158989964 2026-06-21 07:30:28+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mortzyyqfs2t 2026-06-21 08:07:01+00:00| seen|...

8.5CVSS7.1AI score0.00113EPSS

Circl•added 2026/06/19 7:54 p.m.•8 views

CVE-2019-25762

creationtimestamp| type| source ---|---|--- 2026-06-19 19:54:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moo4oi4v5b2i...

8.7CVSS5.8AI score0.00442EPSS

Circl•added 2026/06/19 3:42 p.m.•7 views

GHSA-VCV2-R9JH-99M5

creationtimestamp| type| source ---|---|--- 2026-06-19 15:42:13+00:00| seen| https://gist.github.com/alon710/fca46c1ce608de0751f3ec7bdc815dc8...

5.8AI score