Lucene search
K

6562 matches found

CVE
CVE
added 2026/06/16 11:52 a.m.19 views

CVE-2026-12322

CVE-2026-12322 is a clickjacking vulnerability in the Gtk Widget component affecting Mozilla Firefox and Thunderbird. The issue, described across multiple sources, is due to a UI framing/embedding flaw that could enable deceptive UI interaction. Affected products were updated to mitigate the vuln...

5.4CVSS5.2AI score0.00165EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2026/06/16 11:52 a.m.30 views

CVE-2026-12322 Clickjacking issue in the Widget: Gtk component

Clickjacking issue in the Widget: Gtk component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

0.00165EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/06/16 7:39 a.m.71 views

Exploit for UNIX Symbolic Link Following in Litespeedtech Litespeed_Cpanel_Plugin

CVE-2026-54420 Mitigation Toolkit !Licensehttps://img.shie...

8.5CVSS5.8AI score0.01261EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.11 views

PT-2026-49691

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 152 Thunderbird versions prior to 152 Description A clickjacking issue exists in the Widget: Gtk component. Clickjacking is a technique where an attacker tricks a user into clicking something different from what the...

9.6CVSS5.8AI score0.00476EPSS
Exploits0References49
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/15 9:52 p.m.11 views

Malicious code in twrap-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 174cba09d5ec9724bd55871c7f74c27ff8592bf55c06464204e0591667377259 twraptoolkit/init.py defines getpayload which issues a plaintext HTTP request to http://194.5.152.9:8080/hacks/textwrap-toolkit/textwraptoolkit/init....

6.5AI score
Exploits0References2
EUVD
EUVD
added 2026/06/15 9:30 p.m.9 views

EUVD-2025-210161

Unauthenticated Cross Site Scripting XSS in Okay Toolkit = 2.3 versions...

7.1CVSS5.1AI score0.00186EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:16 p.m.9 views

CVE-2025-68851

Unauthenticated Cross Site Scripting XSS in Okay Toolkit = 2.3 versions...

7.1CVSS0.00186EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:17 p.m.28 views

CVE-2025-68851 WordPress Okay Toolkit plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Okay Toolkit = 2.3 versions...

7.1CVSS0.00186EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:17 p.m.20 views

CVE-2025-68851

CVE-2025-68851 refers to the WordPress Okay Toolkit plugin (&lt;= 2.3) and describes an unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability. The vulnerability was identified by Skalucy. The provided documents do not specify the exact vulnerable input, affected product version(s) be...

7.1CVSS5.1AI score0.00186EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.10 views

PT-2026-49351

Unauthenticated Cross Site Scripting XSS in Okay Toolkit = 2.3 versions...

7.1CVSS5.1AI score0.00186EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/13 2:28 a.m.9 views

SUSE CVE-2026-12034

Insufficient validation of untrusted input in Linux Toolkit Theming in Google Chrome on Linux prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...

8.3CVSS5.4AI score0.0018EPSS
Exploits0References3
OSV
OSV
added 2026/06/12 9:2 p.m.12 views

MAL-2026-5722 Malicious code in textwrap-toolkit-stager (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fc85924d5672f7c91c2dd5e97c46cc48e3ae48084f906b7b0ba9d606c433fa4 On import textwraptoolkitstager, the package's init.py unconditionally fetches Python source from...

5.5AI score
Exploits0References2
GithubExploit
GithubExploit
added 2026/06/12 7:21 p.m.94 views

aetherion

/\ | | | | | |...

8.8CVSS5.4AI score0.00541EPSS
Exploits12
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/12 4:11 p.m.13 views

Malicious code in vite-react-toolkit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 879905a93676f42398cca583eb921d5ee04a7c84068d7aa0123a7cefdf26d995 On import/require of vite-react-toolkit, src/features/extras/config.js reached via the package main → createConfig.js → features/plugins.js side-effe...

5.3AI score
Exploits0References2
OSV
OSV
added 2026/06/12 4:11 p.m.12 views

MAL-2026-5701 Malicious code in vite-react-toolkit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 879905a93676f42398cca583eb921d5ee04a7c84068d7aa0123a7cefdf26d995 On import/require of vite-react-toolkit, src/features/extras/config.js reached via the package main → createConfig.js → features/plugins.js side-effe...

5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/06/12 4:11 p.m.10 views

Malicious Package

Overview vite-react-toolkit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
NVD
NVD
added 2026/06/12 4:17 a.m.17 views

CVE-2026-47365

Argument injection vulnerability in WordPress Toolkit before 6.11.0 as used in cPanel & WHM, allows remote authenticated users to bypass cross-tenant authorization and execute arbitrary wp-toolkit CLI commands as another account...

9.9CVSS0.00409EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 2:27 a.m.30 views

CVE-2026-47365

Argument injection vulnerability in WordPress Toolkit before 6.11.0 as used in cPanel & WHM, allows remote authenticated users to bypass cross-tenant authorization and execute arbitrary wp-toolkit CLI commands as another account...

9.9CVSS0.00409EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 2:27 a.m.11 views

CVE-2026-47365

Argument injection vulnerability in WordPress Toolkit before 6.11.0 as used in cPanel & WHM, allows remote authenticated users to bypass cross-tenant authorization and execute arbitrary wp-toolkit CLI commands as another account...

9.9CVSS5.8AI score0.00409EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 2:27 a.m.33 views

CVE-2026-47365

CVE-2026-47365 affects WordPress Toolkit (before 6.11.0) as used in cPanel & WHM. An argument injection flaw enables remote authenticated users to bypass cross-tenant authorization and run arbitrary wp-toolkit CLI commands as another account. The description and connected records confirm the affe...

9.9CVSS5.9AI score0.00409EPSS
Exploits0References1
Rows per page
Query Builder