CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

271 matches found

NVD•added 2026/06/11 7:16 p.m.•27 views

CVE-2026-47162

Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave in the netrw plugin runtime/pack/dist/opt/netrw/autoload/netrw.vim when serializing browsed directory paths to the history file /.vim/.netrwhist. A...

8.8CVSS0.00269EPSS

Exploits0References3

Spring Security Advisories•added 2026/05/12 12:0 a.m.•9 views

This Week in Spring - May 12th, 2026

Hi, Spring fans! As I write this I am in Miami, FL at the CodeRemix.ai show, focused on the wide and wonderful world of OpenRewrite and Moderne. I've got a talk to give so let's dive right into it! a quick note about the upcoming release train dates in last week's installment of A Bootiful Podcas...

5.8AI score

Exploits0

Spring Security Advisories•added 2026/05/05 12:0 a.m.•4 views

This Week in Spring - May 5th, 2026

Hi, Spring fans! Welcome to another installment of This Week in Spring! It's May 5th, 2026, and I'm in Mainz, Germany, for the legendary JAX conference! It's been infinitely far too long since I've been at this amazing show, and I'm oh-so happy to be back here! Tonight, after my two talks here, I...

5.8AI score

Exploits0

Vulnrichment•added 2026/02/19 7:7 p.m.•5 views

CVE-2026-26189 Trivy Action has a script injection via sourced env file in composite action

Trivy Action runs Trivy as GitHub action to scan a Docker container image for vulnerabilities. A command injection vulnerability exists in aquasecurity/trivy-action versions 0.31.0 through 0.33.1 due to improper handling of action inputs when exporting environment variables. The action writes...

5.9CVSS5.9AI score0.01298EPSS

Exploits0References3

RedhatCVE•added 2026/01/09 8:51 a.m.•2 views

CVE-2021-2263

Vulnerability in the Oracle Sourcing product of Oracle E-Business Suite component: Intelligence, RFx. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Sourcing. Successful...

8.1CVSS6.5AI score0.00987EPSS

Exploits0References1

OSV•added 2025/12/04 3:15 p.m.•2 views

CVE-2025-54306

An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. A remote code execution vulnerability exists in the network configuration functionality, stemming from insufficient input validation when processing network configuration parameters through administrative...

7.2CVSS6.6AI score0.00682EPSS

Exploits0References3