Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

23576 matches found

Nuclei
Nucleiadded 10 hours ago37 views

SuperWebMailer 9.00.0.01710 - Cross-Site Scripting

An issue was discovered in SuperWebMailer 9.00.0.01710 allowing XSS via crafted incorrect passwords. id: CVE-2023-38192 info: name: SuperWebMailer 9.00.0.01710 - Cross-Site Scripting author: ritikchaddha severity: medium description: | An issue was discovered in SuperWebMailer 9.00.0.01710 allowi...

6.1CVSS6.3AI score0.01116EPSS
Exploits1References3
Nuclei
Nucleiadded 10 hours ago31 views

Reprise License Manager 14.2 - Cross-Site Scripting

Reprise License Manager 14.2 contains a cross-site scripting vulnerability in the /goform/activateprocess "count" parameter via GET. id: CVE-2021-45422 info: name: Reprise License Manager 14.2 - Cross-Site Scripting author: edoardottt severity: medium description: | Reprise License Manager 14.2...

6.1CVSS6.2AI score0.03313EPSS
Exploits3References5
Nuclei
Nucleiadded 10 hours ago15 views

WordPress Post Status Notifier Lite <1.10.1 - Cross-Site Scripting

WordPress Post Status Notifier Lite plugin before 1.10.1 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the...

6.1CVSS6.4AI score0.00902EPSS
Exploits2References3
Nuclei
Nucleiadded 10 hours ago79 views

CData API Server < 23.4.8844 - Path Traversal

A path traversal vulnerability exists in the Java version of CData API Server 23.4.8844 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application. id: CVE-2024-31848 info: name: CData API Server...

9.8CVSS7.4AI score0.08151EPSS
Exploits1References5
Nuclei
Nucleiadded 10 hours ago22 views

Emlog Pro v2.1.14 - Cross-Site Scripting

Cross Site Scripting XSS vulnerability in Emlog Pro v2.1.14 via /admin/store.php. id: CVE-2023-41621 info: name: Emlog Pro v2.1.14 - Cross-Site Scripting author: ritikchaddha severity: medium description: | Cross Site Scripting XSS vulnerability in Emlog Pro v2.1.14 via /admin/store.php. impact: ...

6.1CVSS6.3AI score0.01146EPSS
Exploits1References2
Nuclei
Nucleiadded 10 hours ago29 views

Jenkins build-metrics 1.3 - Cross-Site Scripting

Jenkins build-metrics 1.3 is vulnerable to a reflected cross-site scripting vulnerability that allows attackers to inject arbitrary HTML and JavaScript into the web pages the plugin provides. id: CVE-2019-10475 info: name: Jenkins build-metrics 1.3 - Cross-Site Scripting author: madrobot severity...

6.1CVSS6.4AI score0.57735EPSS
Exploits5References5
Circl
Circladded 15 hours ago8 views

CVE-2026-54233

creationtimestamp| type| source ---|---|--- 2026-06-23 00:17:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mow4qv4vqu2m...

6.5CVSS5.8AI score0.0003EPSS
Exploits0References1
NVD
NVDadded yesterday6 views

CVE-2026-56323

Capgo before 12.128.2 contains an information disclosure vulnerability in the /functions/v1/channelself endpoint that allows unauthenticated attackers to enumerate non-public channel names and determine app existence and subscription status. Remote attackers can send GET requests with arbitrary...

8.7CVSS
Exploits0References2
EUVD
EUVDadded yesterday4 views

EUVD-2026-38373

Capgo before 12.128.2 contains an information disclosure vulnerability in the /functions/v1/channelself endpoint that allows unauthenticated attackers to enumerate non-public channel names and determine app existence and subscription status. Remote attackers can send GET requests with arbitrary...

8.7CVSS5.9AI score
Exploits0References2
CVE
CVEadded yesterday5 views

CVE-2026-56323

Capgo CVE-2026-56323 affects Capgo before 12.128.2. The /functions/v1/channel_self endpoint allows unauthenticated information disclosure, enabling enumeration of non-public channel names, app existence, and subscription status. Remote attackers can issue GET requests with arbitrary app_id to rev...

8.7CVSS5.9AI score
Exploits0References2
RedHat Linux
RedHat Linuxadded yesterday4 views

httpd: mod_md: unrestricted OCSP response leads to resource exhaustion

A flaw was found in the modmd module of httpd. When processing OCSP Online Certificate Status Protocol responses from a malicious or compromised OCSP responder, the module fails to enforce proper size limits on the incoming data. This issue leads to memory exhaustion and a denial of service...

7.3CVSS5.8AI score0.00628EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded yesterday4 views

httpd: mod_md: unrestricted OCSP response leads to resource exhaustion

A flaw was found in the modmd module of httpd. When processing OCSP Online Certificate Status Protocol responses from a malicious or compromised OCSP responder, the module fails to enforce proper size limits on the incoming data. This issue leads to memory exhaustion and a denial of service...

7.3CVSS5.8AI score0.00628EPSS
Exploits0References5
OSV
OSVadded yesterday3 views

MINI-WRJG-485M-87R3

Bulletin has no description...

8.1CVSS5.8AI score
Exploits0
CVE
CVEadded yesterday10 views

CVE-2026-8074

Mattermost CVE-2026-8074 affects Mattermost versions 11.7.x (&lt;=11.7.0) and 10.11.x (

3.8CVSS5.9AI score
Exploits0References1
OSV
OSVadded yesterday6 views

ROOT-APP-MAVEN-CVE-2021-46877 CVE-2021-46877 in io.root.com.fasterxml.jackson.core:jackson-databind - Patched by Root

Root has patched CVE-2021-46877 in the io.root.com.fasterxml.jackson.core:jackson-databind package for Root:Maven. Multiple fixed versions available...

7.5CVSS7.1AI score0.01124EPSS
Exploits1
OSV
OSVadded yesterday4 views

ROOT-OS-UBUNTU-2404-CVE-2026-31487 CVE-2026-31487 in rootio-linux - Patched by Root

Root has patched CVE-2026-31487 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

5.5CVSS5.8AI score0.00094EPSS
Exploits0
OSV
OSVadded yesterday4 views

ROOT-OS-UBUNTU-2404-CVE-2026-43115 CVE-2026-43115 in rootio-linux - Patched by Root

Root has patched CVE-2026-43115 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

5.5CVSS5.8AI score0.001EPSS
Exploits0
OSV
OSVadded yesterday3 views

ROOT-OS-UBUNTU-2404-CVE-2025-37846 CVE-2025-37846 in rootio-linux - Patched by Root

Root has patched CVE-2025-37846 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

7.1CVSS7.5AI score0.00225EPSS
Exploits0
OSV
OSVadded yesterday2 views

ROOT-OS-UBUNTU-2404-CVE-2026-23351 CVE-2026-23351 in rootio-linux - Patched by Root

Root has patched CVE-2026-23351 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

7.8CVSS5.9AI score0.00119EPSS
Exploits0
OSV
OSVadded yesterday3 views

ROOT-OS-UBUNTU-2404-CVE-2026-23091 CVE-2026-23091 in rootio-linux - Patched by Root

Root has patched CVE-2026-23091 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

5.5CVSS5.4AI score0.00123EPSS
Exploits0
Rows per page
Query Builder