Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1095 matches found

EUVD
EUVDadded 2026/04/28 4:28 a.m.7 views

EUVD-2026-25987

The Social Post Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Threads embed handler in all versions up to, and including, 2.0.1. This is due to insufficient input sanitization and output escaping on the user-supplied URL. This makes it possible for authenticated...

6.4CVSS5.5AI score0.00195EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/04/28 12:0 a.m.5 views

PT-2026-35660

The Social Post Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Threads embed handler in all versions up to, and including, 2.0.1. This is due to insufficient input sanitization and output escaping on the user-supplied URL. This makes it possible for authenticated...

6.4CVSS5.5AI score0.00195EPSS
Exploits0References9
RedHat Linux
RedHat Linuxadded 2026/04/27 5:38 a.m.1 views

freerdp: FreeRDP heap-use-after-free

A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial-IrpThreads while another reads it...

8.1CVSS5.2AI score0.00286EPSS
Exploits1References6
CVE
CVEadded 2026/04/24 2:42 p.m.17 views

CVE-2026-31628

CVE-2026-31628 concerns the Linux kernel on Zen1 CPUs, where the x86/CPU FPDSS issue could allow a local attacker to leak partial results from prior operations via the hardware divider. Patches fix the vulnerability by applying a kernel change (the “chicken bit”) to prevent leakage. Connected adv...

5.5CVSS5.3AI score0.00125EPSS
Exploits0References9Affected Software1
CNNVD
CNNVDadded 2026/04/24 12:0 a.m.6 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the Zen1 hardware divider potentially leaking some results of previous operations under certain...

5.5CVSS5.8AI score0.00125EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/04/23 9:58 p.m.5 views

CVE-2026-41358

OpenClaw before 2026.4.2 fails to filter Slack thread context by sender allowlist, allowing non-allowlisted messages to enter agent context. Attackers can inject unauthorized thread messages through allowlisted user replies to bypass sender access controls and manipulate model context...

5.4CVSS5.8AI score0.0014EPSS
Exploits0References4
SUSE CVE
SUSE CVEadded 2026/04/23 1:25 a.m.2 views

SUSE CVE-2026-31465

In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SBINODATAINTEGRITY superblock flag for filesystems that cannot guarantee data persistence on sync eg fuse. For superblocks with this flag set, sy...

5.4AI score0.00121EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/04/23 12:0 a.m.5 views

PT-2026-34789

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.2 Description OpenClaw fails to filter Slack thread context by sender allowlist, which allows messages from non-allowlisted senders to enter the agent context. This enables attackers to inject unauthorized...

5.4CVSS5.8AI score0.0014EPSS
Exploits0References9
EUVD
EUVDadded 2026/04/22 3:31 p.m.7 views

EUVD-2026-24809

In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SBINODATAINTEGRITY superblock flag for filesystems that cannot guarantee data persistence on sync eg fuse. For superblocks with this flag set, sy...

5.4AI score0.00121EPSS
Exploits0References4
NVD
NVDadded 2026/04/22 2:16 p.m.4 views

CVE-2026-31465

In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SBINODATAINTEGRITY superblock flag for filesystems that cannot guarantee data persistence on sync eg fuse. For superblocks with this flag set, sy...

5.5CVSS0.00121EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/04/22 1:53 p.m.28 views

CVE-2026-31465 writeback: don't block sync for filesystems with no data integrity guarantees

In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SBINODATAINTEGRITY superblock flag for filesystems that cannot guarantee data persistence on sync eg fuse. For superblocks with this flag set, sy...

0.00121EPSS
Exploits0References3
CVE
CVEadded 2026/04/22 1:53 p.m.11 views

CVE-2026-31465

CVE-2026-31465 in the Linux kernel concerns the writeback path for filesystems without data integrity guarantees (e.g., fuse). The fix adds a SB_I_NO_DATA_INTEGRITY superblock flag; when set, sync kicks off writeback of dirty inodes but does not wait for flusher threads to finish. The change move...

5.5CVSS5.4AI score0.00121EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linuxadded 2026/04/22 7:54 a.m.13 views

freerdp: FreeRDP heap-use-after-free

A heap use after free flaw has been discovered in FreeRDP. A race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial-IrpThreads while another reads it...

8.1CVSS5.7AI score0.00286EPSS
Exploits1References6
CNNVD
CNNVDadded 2026/04/22 12:0 a.m.6 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to clear the delayed release list when creating kernel threads. This can lead to memo...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/04/22 12:0 a.m.2 views

PT-2026-34370

In the Linux kernel, the following vulnerability has been resolved: writeback: don't block sync for filesystems with no data integrity guarantees Add a SB I NO DATA INTEGRITY superblock flag for filesystems that cannot guarantee data persistence on sync eg fuse. For superblocks with this flag set...

5.4AI score0.00121EPSS
Exploits0References4
CVE
CVEadded 2026/04/21 5:4 p.m.7 views

CVE-2026-41189

FreeScout prior to 1.8.215 is vulnerable: customer-thread editing bypasses the assigned-only visibility due to ThreadPolicy::edit() not enforcing ConversationPolicy restrictions, allowing a user who cannot view a conversation to load and edit hidden customer-authored threads. The issue is address...

7.1CVSS5.8AI score0.00223EPSS
Exploits0References3
EUVD
EUVDadded 2026/04/21 5:4 p.m.1 views

EUVD-2026-24193

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, customer-thread editing is authorized through ThreadPolicy::edit, which checks mailbox access but does not apply the assigned-only restriction from ConversationPolicy. A user who cannot view a conversation can...

7.1CVSS5.8AI score0.00223EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/04/21 5:4 p.m.28 views

CVE-2026-41189 FreeScout has assigned-only visibility bypass that allows editing hidden customer-authored threads

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, customer-thread editing is authorized through ThreadPolicy::edit, which checks mailbox access but does not apply the assigned-only restriction from ConversationPolicy. A user who cannot view a conversation can...

7.1CVSS0.00223EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/04/21 5:4 p.m.2 views

CVE-2026-41189

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, customer-thread editing is authorized through ThreadPolicy::edit, which checks mailbox access but does not apply the assigned-only restriction from ConversationPolicy. A user who cannot view a conversation can...

7.1CVSS5.8AI score0.00223EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/21 5:4 p.m.2 views

CVE-2026-41189 FreeScout has assigned-only visibility bypass that allows editing hidden customer-authored threads

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, customer-thread editing is authorized through ThreadPolicy::edit, which checks mailbox access but does not apply the assigned-only restriction from ConversationPolicy. A user who cannot view a conversation can...

7.1CVSS5.8AI score0.00223EPSS
Exploits0References3
Rows per page
Query Builder