49 matches found
Astra Linux - vulnerability in ceph
A key length flaw was discovered in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed during the encryption algorithm process, resulting in the creation of a non-random key. Such a key is weaker and can be exploited to compromise the confidentiality...
Astra Linux - уязвимость в chromium
A use-after-free in Google Chrome before version 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
CVE-2026-4329
The CVE-2026-4329 entry concerns the WordPress plugin “Blackhole for Bad Bots” (versions
PT-2026-25366
LibreChat is a ChatGPT clone with additional features. From 0.8.2 to 0.8.2-rc3, the MCP (Model Context Protocol) OAuth callback endpoint accepts the redirect from the identity provider and stores OAuth tokens for the user who initiated the flow, without verifying that the browser hitting the redire...
CVE-2024-55027
Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to store credentials in plaintext in the component uactemp.db...
WordPress plugin Bold Page Builder cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-22240
The vulnerability exists in BLUVOYIX due to an improper password storage implementation and subsequent exposure via unauthenticated APIs. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable users API to retrieve the...
CVE-2026-22240 Plaintext Passwords Vulnerability in BLUVOYIX
The vulnerability exists in BLUVOYIX due to an improper password storage implementation and subsequent exposure via unauthenticated APIs. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable users API to retrieve the...
CVE-2025-68158 Authlib: 1-click Account Takeover
Authlib is a Python library which builds OAuth and OpenID Connect servers. In versions 1.0.0 through 1.6.5, cache-backed state/request-token storage is not tied to the initiating user session, so CSRF is possible for any attacker that has a valid state easily obtainable via an attacker-initiated...
CVE-2025-10971
Insecure Storage of Sensitive Information vulnerability in MeetMe on iOS, Android allows Retrieve Embedded Sensitive Data. This issue affects MeetMe: through v2.2.5...
CVE-2025-11216
Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video file. Chromium security severity: Low...
EUVD-2020-12555
Malware in sbrugna...
EUVD-2021-0792
Malware in sbrugna...
EUVD-2025-14814
Malicious code in bioql PyPI...
EUVD-2024-32203
Malicious code in bioql PyPI...
EUVD-2023-1681
Malicious code in bioql PyPI...
SUSE CVE-2025-11216
Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video file. Chromium security severity: Low...
PT-2025-41495
Name of the Vulnerable Software and Affected Versions: Chromium versions prior to 141.0.7390.65; Microsoft Edge versions prior to 141.0.7390.65. Description: A use-after-free issue exists in the Storage component of Google Chrome and Microsoft Edge browsers. Exploitation of this issue could allow a...
CVE-2024-55946 Playloom Engine Data Storage Vulnerability
Playloom Engine is an open-source, high-performance game development engine. Engine Beta v0.0.1 has a security vulnerability related to data storage, specifically when using the collaboration features. When collaborating with another user, they may have access to personal information you have...