CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added yesterday•3 views

CVE-2026-35212

Exploits0References2Affected Software1

CVE•added yesterday•8 views

CVE-2026-35212

OpenCTI vulnerability CVE-2026-35212: XSS in rendering of email-message observable body data due to insufficient sanitization in versions prior to 7.260227.0. The body content is rendered without proper sanitization, requiring user interaction and could be triggered by sharing STIX or ingesters, ...

EUVD•added yesterday•4 views

EUVD-2026-34035

Vulnrichment•added yesterday•3 views

CVE-2026-35212 OpenCTI has XSS in the rendering of email-message observable body data

HackRead•added 2 days ago•8 views

Zero-Click pretalx XSS Flaw Lets Hackers Hijack Conference Organizer Accounts

pretalx XSS flaw lets attackers hijack conference organizer accounts, steal sessions, auto-accept talks, and demote admins. Patched in v2026.1.0...

5.8AI score

Exploits0

EUVD•added 6 days ago•6 views

EUVD-2026-33055

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, LinkAce contains a stored cross-site scripting vulnerability that allows a low-privilege user to execute arbitrary JavaScript in an administrator's browser session. This affects instances configured with SSO/OAuth...

8.5CVSS5.9AI score0.00094EPSS

Github Security Blog•added 2026/05/26 5:39 p.m.•12 views

Typebot has Stored XSS via Rating Block Custom Icon that Bypasses isUnsafe Sandbox in Builder Preview

Summary The rating block's custom icon feature accepts arbitrary HTML/SVG via the customIcon.svg field and renders it using Solid's innerHTML directive without any sanitization. When a malicious typebot is imported or crafted by a workspace collaborator, the payload executes in the builder's DOM...

8.7CVSS6.1AI score0.00031EPSS

Exploits0References6Affected Software1

NVD•added 2026/05/20 10:16 p.m.•7 views

CVE-2026-39960

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and below contain flawed logic that causes improper escaping of a textarea custom field's contents in the Update Issue page, bugupdatepage.php allowing an attacker to inject HTML and, if CSP settings permit, execute...

5.4CVSS0.00033EPSS

ATTACKERKB•added 2026/05/20 9:11 p.m.•3 views

CVE-2026-39960

5.4CVSS6AI score0.00033EPSS

Exploits0References3Affected Software1

EUVD•added 2026/05/20 9:11 p.m.•7 views

EUVD-2026-31192

5.4CVSS6AI score0.00033EPSS

CNNVD•added 2026/05/20 12:0 a.m.•4 views

Mantis Bug Tracker 跨站脚本漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker 2.28.1 and earlier had a cross-site scripting vulnerability. This vulnerability stemmed from improper escaping of custom field contents in the update page, allowing attackers ...

5.4CVSS5.9AI score0.00033EPSS

Cvelist•added 2026/05/16 3:25 p.m.•29 views

CVE-2020-37233 WordPress Plugin Buddypress 6.2.0 Persistent Cross-Site Scripting

WordPress Plugin Buddypress 6.2.0 contains a persistent cross-site scripting vulnerability that allows authenticated attackers with moderator privileges to inject malicious script code through the figure parameter in wp:html blocks. Attackers can inject iframe elements with event handlers like...

6.4CVSS0.00032EPSS

Exploits0References3

Snyk•added 2026/05/14 8:17 p.m.•6 views

Reliance on File Name or Extension of Externally-Supplied File

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Reliance on File Name or Extension of Externally-Supplied File via the audio transcription upload process. An attacker can execute arbitrary JavaScript in the context of another user's session by uploading a...

8.7CVSS6.1AI score0.00006EPSS

Exploits1References4

OSV•added 2026/05/14 8:17 p.m.•3 views

GHSA-W727-595X-PC3R pyLoad Has Incomplete Fix for CVE-2026-33509 -storage_folder Bypass via Session Directory in pyLoad

Summary The fix for CVE-2026-33509 prevents setting storagefolder inside PKGDIR or userdir, but does NOT protect the Flask session directory /tmp/pyLoad/flask. An authenticated attacker can set storagefolder to the session directory and download session files of other users via /files/get/, leadi...

6.5CVSS5.8AI score0.00028EPSS

Exploits0References3

Snyk•added 2026/05/11 7:34 p.m.•4 views

Cross-site Scripting (XSS)

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper escaping of textarea custom field contents in the bugupdatepage.php process. An attacker can inject HTML and, if content security policy settings allow,...

5.4CVSS5.8AI score0.00033EPSS

Positive Technologies•added 2026/05/11 12:0 a.m.•11 views

PT-2026-39880

Name of the Vulnerable Software and Affected Versions Mantis Bug Tracker MantisBT versions prior to 2.28.2 Description Flawed logic in the Update Issue page 'bug update page.php' causes improper escaping of textarea custom field contents. This allows an authenticated user with low-privilege bug...

5.4CVSS6.2AI score0.00033EPSS

Exploits0References6

OSV•added 2026/05/09 12:31 p.m.•4 views

OESA-2026-2218 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. MultiPartParser allows remote attackers to degrade performance by submitting multipart uploads wi...

9.8CVSS5.8AI score0.00051EPSS

Exploits1References9

NVD•added 2026/05/08 11:16 p.m.•6 views

CVE-2026-42451

Grimmory is a self-hosted digital library. Prior to version 2.3.1, a stored cross-site scripting XSS vulnerability in Grimmory's browser-based EPUB reader allows an attacker to embed arbitrary JavaScript in a crafted EPUB file. When a victim opens the book, the script executes in their browser wi...

6.3CVSS0.00008EPSS