Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

12172 matches found

OSV
OSVadded 2026/03/27 2:0 p.m.1 views

CVE-2026-33748 BuildKit Git URL subdir component can cause access to restricted files

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, insufficient validation of Git URL fragment subdir components may allow access to files outside the checked-out Git repository root. Possible access is...

8.2CVSS5.8AI score0.00032EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/03/27 2:0 p.m.0 views

CVE-2026-33748 BuildKit Git URL subdir component can cause access to restricted files

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, insufficient validation of Git URL fragment subdir components may allow access to files outside the checked-out Git repository root. Possible access is...

8.2CVSS5.8AI score0.00032EPSS
Exploits0References3
Debian CVE
Debian CVEadded 2026/03/27 2:0 p.m.2 views

CVE-2026-33748

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, insufficient validation of Git URL fragment subdir components may allow access to files outside the checked-out Git repository root. Possible access is...

8.2CVSS5.8AI score0.00032EPSS
Exploits0
Circl
Circladded 2026/03/27 12:52 p.m.2 views

CVE-2026-34243

creationtimestamp| type| source ---|---|--- 2026-03-27 12:52:58+00:00| published-proof-of-concept| https://github.com/njzjz/wenxian/security/advisories/GHSA-r4fj-r33x-8v88 2026-03-31 16:28:40+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mieluuzr2r2c 2026-03-31...

9.8CVSS5.3AI score0.00081EPSS
Exploits1References5
Circl
Circladded 2026/03/27 9:0 a.m.0 views

CVE-2026-27858

creationtimestamp| type| source ---|---|--- 2026-03-27 09:00:45+00:00| seen| https://infosec.exchange/users/offseq/statuses/116300319602682921 2026-03-27 09:00:47+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mhzqyd3ezr2r 2026-03-27 11:16:46+00:00| seen|...

7.5CVSS4.7AI score0.00048EPSS
Exploits0References4
Circl
Circladded 2026/03/27 4:5 a.m.3 views

CVE-2026-4908

creationtimestamp| type| source ---|---|--- 2026-03-27 04:05:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhzahqhxyx24 2026-03-27 05:02:51+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mhzdovd6w72z 2026-03-27 05:15:30+00:00| published-proof-of-concept|...

9.8CVSS7.3AI score0.00015EPSS
Exploits1References3
Circl
Circladded 2026/03/27 3:17 a.m.7 views

CVE-2026-33725

creationtimestamp| type| source ---|---|--- 2026-03-27 03:17:50+00:00| published-proof-of-concept| Telegram/GblWBcVIPYIrXGBoPy7bAM0O64UdRepvGT6caCd3l3fA 2026-04-24 08:31:48+00:00| published-proof-of-concept| Telegram/LtB9Y94c6PJKjHswsiVaIiSzQ94DvfwAx2TFj5qjA9N4fg 2026-04-24 08:31:50+00:00|...

7.2CVSS4.8AI score0.00184EPSS
Exploits1References1
Circl
Circladded 2026/03/27 2:50 a.m.5 views

CVE-2026-33701

creationtimestamp| type| source ---|---|--- 2026-03-27 02:50:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhz4bjog5422 2026-03-27 03:00:30+00:00| seen| https://infosec.exchange/users/offseq/statuses/116298903055981699 2026-03-27 03:00:32+00:00| seen|...

9.8CVSS5.3AI score0.00214EPSS
Exploits1References7
Circl
Circladded 2026/03/27 1:30 a.m.1 views

CVE-2026-33728

creationtimestamp| type| source ---|---|--- 2026-03-27 01:30:32+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mhyxta3ux52y 2026-03-27 01:30:32+00:00| seen| https://infosec.exchange/users/offseq/statuses/116298549180324287 2026-03-27 03:05:08+00:00| seen|...

9.8CVSS4.8AI score0.00207EPSS
Exploits0References4
Circl
Circladded 2026/03/27 1:0 a.m.2 views

CVE-2026-33697

creationtimestamp| type| source ---|---|--- 2026-03-27 01:00:02+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhyw4nni6v2s 2026-03-27 01:00:25+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhyw5dztap2m 2026-03-27 01:18:53+00:00| seen|...

7.5CVSS4.8AI score0.00005EPSS
Exploits0References3
Circl
Circladded 2026/03/27 12:1 a.m.3 views

CVE-2026-33898

creationtimestamp| type| source ---|---|--- 2026-03-27 00:01:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhysuuob4v2n 2026-03-27 01:00:09+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhyw4vmu3g2w 2026-03-27 01:00:34+00:00| seen|...

8.8CVSS4.7AI score0.00028EPSS
Exploits0References3
FreeBSD
FreeBSDadded 2026/03/27 12:0 a.m.7 views

Grafana -- Public dashboards discloses all direct mode datasources

https://grafana.com/security/security-advisories/cve-2026-27877 reports: When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encourage all direct data-source...

7.5CVSS5.8AI score0.00017EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/03/27 12:0 a.m.3 views

Grafana 安全漏洞

Grafana is a set of open-source monitoring tools developed by Grafana Open Source, which provide a visual monitoring interface. This tool is primarily used for monitoring and analyzing Graphite, InfluxDB, and Prometheus. Grafana has security vulnerabilities; these vulnerabilities arise from...

7.5CVSS5.8AI score0.00017EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/03/27 12:0 a.m.2 views

PT-2026-28370

Name of the Vulnerable Software and Affected Versions Versions affected versions not specified Description When using public dashboards and direct data-sources, passwords for direct data-sources are exposed even if they are not actively used in dashboards. Passwords for proxied data-sources are n...

9.8CVSS5.6AI score0.00398EPSS
Exploits4References59
Circl
Circladded 2026/03/26 11:59 p.m.3 views

CVE-2026-33945

creationtimestamp| type| source ---|---|--- 2026-03-26 23:59:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhysrbvxdo2i 2026-03-27 00:00:43+00:00| seen| https://infosec.exchange/users/offseq/statuses/116298196062602424 2026-03-27 00:00:44+00:00| seen|...

9.9CVSS4.7AI score0.0003EPSS
Exploits0References5
Circl
Circladded 2026/03/26 10:18 p.m.2 views

CVE-2026-33686

creationtimestamp| type| source ---|---|--- 2026-03-26 22:18:35+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhyn3ypzwa2x 2026-03-26 22:18:36+00:00| seen| https://bsky.app/profile/potato.software/post/3mhyn3zn4td2z 2026-03-26 22:56:19+00:00| seen|...

8.8CVSS5.3AI score0.00031EPSS
Exploits0References5
Circl
Circladded 2026/03/26 7:30 p.m.2 views

CVE-2026-33152

creationtimestamp| type| source ---|---|--- 2026-03-26 19:30:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116297133534658631 2026-03-26 19:30:32+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mhydphpyav2b 2026-03-26 20:34:21+00:00| seen|...

9.1CVSS4.8AI score0.00039EPSS
Exploits1References4
Circl
Circladded 2026/03/26 7:16 p.m.1 views

CVE-2026-33530

creationtimestamp| type| source ---|---|--- 2026-03-26 19:16:15+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-33530 2026-03-26 19:57:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhyfafsvbz2n 2026-03-26 21:01:09+00:00| seen|...

7.7CVSS4.8AI score0.00041EPSS
Exploits0References4
Snyk
Snykadded 2026/03/26 6:27 p.m.3 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack when processing Git URL fragment subdir components. An attacker can access files outside the intended Git repository root by specifying a crafted subdir value in the URL fragment. Note: This is only exploitable if builds...

8.2CVSS5.9AI score0.00032EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2026/03/26 6:27 p.m.3 views

BuildKit Git URL subdir component can cause access to restricted files

Impact Insufficient validation of Git URL fragment subdir components :, docs may allow access to files outside the checked-out Git repository root. Possible access is limited to files on the same mounted filesystem. Patches The issue has been fixed in version v0.28.1 Workarounds The issue affects...

8.2CVSS5.7AI score0.00032EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder