7175 matches found
Microsoft Purview code issue vulnerability
Microsoft Purview is a data security and management software developed by the American company Microsoft. There is a code vulnerability in Microsoft Purview, which stems from server-side request forgery. This vulnerability could allow unauthorized attackers to gain elevated privileges through the...
FreeBSD : Roundcube -- Multiple vulnerabilities (c5b93cb5-2363-11f1-81da-8447094a420f)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c5b93cb5-2363-11f1-81da-8447094a420f advisory. The Roundcube project reports: pre-auth arbitrary file write via unsafe deserialization in redis/memcac...
PT-2026-26229
OpenClaw versions prior to 2026.3.1 contain a server-side request forgery vulnerability in web search citation redirect resolution that uses a private-network-allowing SSRF policy. An attacker who can influence citation redirect targets can trigger internal-network requests from the OpenClaw host...
Microsoft Azure Cloud Shell code issue vulnerability
Microsoft Azure Cloud Shell is a browser-based cloud command-line environment developed by Microsoft Corporation. There is a code vulnerability in Microsoft Azure Cloud Shell, which stems from a server-side request forgery issue. This vulnerability could allow unauthorized attackers to escalate...
SuiteCRM code issue vulnerability
SuiteCRM is a customer relationship management system developed by the SuiteCRM team. Versions of SuiteCRM prior to 7.15.1 and 8.9.3 had code vulnerabilities. These vulnerabilities stemmed from a server-side request forgery vulnerability present in the RSS Feed Dashlet component, which could lea...
PT-2026-26445
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Prior to versions 7.15.1 and 8.9.3, it is possible to create PDF templates with tags. When a PDF is exported using this template, the content for example, is rendered server side, and thus a...
wgcloud security vulnerability
WGCloud is a lightweight distributed server monitoring and operation system developed by Tianshiyeben as an individual developer. Version 3.6.3 of WGCloud contains a security vulnerability. This vulnerability stems from a connection testing feature in the backend database management system, which...
Autogram security vulnerability
Autogram is a multi-platform file signature and verification desktop application developed by Slovensko.Digital. There is a security vulnerability in Autogram, which stems from improper restrictions on XML external entity references in the XMLUtils.java file. This vulnerability could allow remote...
Microsoft 365 Copilot Business Chat code issue vulnerability
Microsoft 365 Copilot Business Chat is an AI chat software developed by Microsoft Corporation in the United States. There are code-related vulnerabilities in Microsoft 365 Copilot Business Chat. These vulnerabilities stem from server-side request forgery, which may allow authorized attackers to...
PT-2026-26337
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, users with the Notes - my encounters role can fill Eye Exam forms in patient encounters. The answers to the form can be printed out in PDF form. An Out-of-Band Server-Side...
CVE-2026-30404
The backend database management connection test feature in wgcloud v3.6.3 has a server-side request forgery (SSRF) vulnerability. This issue can be exploited to make the server send requests to probe the internal network, remotely download malicious files, and perform other dangerous operations...
Microsoft Bing code issue vulnerability
Microsoft Bing is a web search engine developed by Microsoft Corporation in the United States. There are code vulnerabilities in Microsoft Bing, which stem from server-side request forgery attacks. These vulnerabilities may allow unauthorized attackers to perform tampering through the network...
OpenClaw code issue vulnerability
OpenClaw is an open-source artificial intelligence assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.2.22 had code-related vulnerabilities. These vulnerabilities stemmed from inconsistent validation of redirection chains, which could allow attackers to bypass SSRF protection...
BMC FootPrints code issue vulnerability
BMC FootPrints is an IT service management and ticket tracking system provided by the American company BMC. Versions of BMC FootPrints prior to 20.24.01.001 contained code vulnerabilities. These vulnerabilities stemmed from a flaw in the searchWeb API component, where blind server-side request...
OpenClaw code issue vulnerability
OpenClaw is an open-source artificial intelligence assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.1 had code vulnerabilities. These vulnerabilities stemmed from server-side request forgery during the redirection resolution of websearch, which could lead to requests being ma...
OpenEMR code issue vulnerability
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0.2 contained code...
BMC FootPrints code issue vulnerability
BMC FootPrints is an IT service management and ticket tracking system provided by the American company BMC. Versions of BMC FootPrints prior to 20.24.01.001 contained code vulnerabilities. These vulnerabilities stemmed from a flaw in the externalfeed/RSS API component, where blind server-side...
PT-2026-26472
Summary: The BulkEmbed plugin's save endpoint plugin/BulkEmbed/save.json.php fetches user-supplied thumbnail URLs via url_get_contents without SSRF protection. Unlike all six other URL-fetching endpoints in AVideo that were hardened with isSSRFSafeURL, this code path was missed. An authenticated...
PT-2026-26353
CVE-2026-26120: Server-side request forgery (SSRF) in Microsoft Bing allows an unauthorized attacker to perform tampering over a network. https://t.co/JmIQW3ymbg...
PT-2026-26488
Summary: A Server-Side Request Forgery (SSRF) vulnerability exists in plugin/Live/standAloneFiles/saveDVR.json.php. When the AVideo Live plugin is deployed in standalone mode (the intended configuration for this file), the $_REQUEST['webSiteRootURL'] parameter is used directly to construct a URL that is...