Lucene search
K

341 matches found

CVE
CVE
added 2026/07/02 11:15 a.m.11 views

CVE-2026-57684

CVE-2026-57684 describes a Cross Site Scripting (XSS) vulnerability in WordPress TheFox theme (versions

6.5CVSS5.8AI score0.00171EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 3:16 p.m.5 views

CVE-2026-54847

Unauthenticated Broken Access Control in Stylish Cost Calculator = 8.3.9 versions...

7.5CVSS0.00278EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.5 views

EUVD-2026-39684

Unauthenticated Broken Access Control in Stylish Cost Calculator = 8.3.9 versions...

7.5CVSS5.8AI score0.00278EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.15 views

CVE-2026-54847

The CVE-2026-54847 entry concerns the WordPress plugin “Stylish Cost Calculator” (versions

7.5CVSS5.8AI score0.00278EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.10 views

Oracle Linux 9 : python3.9 (ELSA-2026-18693)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-18693 advisory. - Security fixes for CVE-2026-4786 and CVE-2026-6100 Resolves: RHEL-167919, RHEL-168161 - Security fix for CVE-2026-4519 Resolves: RHEL-158117 Tenable has...

9.1CVSS7AI score0.00579EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 1:51 p.m.12 views

EUVD-2026-37713

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Travel WP Travel Gutenberg Blocks allows Blind SQL Injection. This issue affects WP Travel Gutenberg Blocks: from n/a through 3.9.4...

9.3CVSS5.6AI score0.00317EPSS
Exploits0References1
NVD
NVD
added 2026/06/15 9:16 p.m.9 views

CVE-2026-42651

Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...

6.3CVSS0.00242EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:41 p.m.33 views

CVE-2026-48714 i18next-http-middleware missingKeyHandler does not reject keys whose segments contain prototype-polluting names

i18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. In versions prior to 3.9.7, the missingKeyHandler blocked the literal request-body keys proto, constructor, and prototype added in 3.9.3, see GHSA-5fgg-jcpf-8jjw, but did not...

9.1CVSS0.00419EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 8:18 p.m.10 views

EUVD-2026-36819

Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...

6.3CVSS5.1AI score0.00242EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/15 8:18 p.m.7 views

CVE-2026-42651 WordPress Classified Listing plugin <= 5.3.9 - Broken Access Control vulnerability

Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...

6.3CVSS5.1AI score0.00242EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.11 views

PT-2026-49445

Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...

6.3CVSS5.1AI score0.00242EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/09 8:59 p.m.9 views

CVE-2026-48303 Adobe Campaign Classic (ACC) | Incorrect Authorization (CWE-863)

Adobe Campaign Classic ACC versions 7.4.3 build 9394 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

10CVSS6.2AI score0.00553EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.16 views

EulerOS 2.0 SP11 : glibc (EulerOS-SA-2026-2243)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or...

7.5CVSS5.5AI score0.00357EPSS
Exploits1References2
EUVD
EUVD
added 2026/05/28 5:17 p.m.17 views

EUVD-2026-32959

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-192-CBC with a fixed zero IV, constant KDF salt, and no MAC leads to confidentiality and integrity failures for synced bookmark/profile data. Attackers can crack common...

6CVSS5.8AI score0.00105EPSS
Exploits0References2
CVE
CVE
added 2026/05/27 6:46 a.m.29 views

CVE-2026-3897

The CVE-2026-3897 entry describes a Stored XSS in the Livemesh Addons for Beaver Builder WordPress plugin, via the labb_admin_ajax action. Affected versions are all up to 3.9.2. Root cause is missing authorization checks despite nonce verification, enabling authenticated Subscriber+ users to modi...

6.4CVSS5.8AI score0.00223EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/26 8:15 p.m.15 views

EUVD-2026-31986

A vulnerability was determined in JeecgBoot up to 3.9.1. The affected element is the function LoginController.selectDepart of the file /sys/selectDepart. This manipulation causes improper access controls. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and m...

7.5CVSS6.7AI score0.00291EPSS
Exploits0References7
OSV
OSV
added 2026/05/21 10:8 a.m.10 views

RHSA-2026:19571 Red Hat Security Advisory: python3.9 security update

Bulletin has no description...

8.1CVSS5.7AI score0.00579EPSS
Exploits0References20
OSV
OSV
added 2026/05/21 10:8 a.m.8 views

RHSA-2026:19570 Red Hat Security Advisory: python3.9 security update

Bulletin has no description...

8.1CVSS7.2AI score0.00579EPSS
Exploits0References20
OSV
OSV
added 2026/05/20 10:9 a.m.8 views

RHSA-2026:18693 Red Hat Security Advisory: python3.9 security update

Bulletin has no description...

4.5CVSS7AI score0.00463EPSS
Exploits0References11
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in libcommons-net-java

Prior to Apache Commons Net 3.9.0, Net’s FTP client trusted the host based on the PASV response by default. A malicious server could redirect the Commons Net code to use a different host, but the user had to connect to the malicious server in the first place. This could result in the leakage of...

6.5CVSS6.5AI score0.01858EPSS
Exploits0References1
Rows per page
Query Builder