Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

107421 matches found

EUVD
EUVDadded 2026/06/08 2:45 p.m.6 views

EUVD-2026-35080

A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow. The attack can be launched remotely. Th...

9CVSS8.4AI score0.00466EPSS
Exploits0References6
SUSE Linux
SUSE Linuxadded 2026/06/08 1:55 p.m.6 views

Security update for mutt

This update for mutt fixes the following issues CVE-2026-43859: strfcpy used instead of memcpy for the IMAP authcram MD5 digest bsc1263897. CVE-2026-43860: truncation of hashpasswd by one byte for IMAP authcram MD5 digest bsc1263896. CVE-2026-43861: missing check for \0 in urlpctdecode bsc1263895...

6.9CVSS5.4AI score0.00201EPSS
Exploits0References26
OSV
OSVadded 2026/06/08 1:55 p.m.3 views

SUSE-SU-2026:2301-1 Security update for mutt

This update for mutt fixes the following issues - CVE-2026-43859: strfcpy used instead of memcpy for the IMAP authcram MD5 digest bsc1263897. - CVE-2026-43860: truncation of hashpasswd by one byte for IMAP authcram MD5 digest bsc1263896. - CVE-2026-43861: missing check for \0 in urlpctdecode...

3.7CVSS5.4AI score0.00201EPSS
Exploits0References14
SUSE Linux
SUSE Linuxadded 2026/06/08 1:54 p.m.4 views

Security update for mutt

This update for mutt fixes the following issues CVE-2026-43859: strfcpy used instead of memcpy for the IMAP authcram MD5 digest bsc1263897. CVE-2026-43860: truncation of hashpasswd by one byte for IMAP authcram MD5 digest bsc1263896. CVE-2026-43861: missing check for \0 in urlpctdecode bsc1263895...

6.9CVSS5.4AI score0.00201EPSS
Exploits0References26
Circl
Circladded 2026/06/08 1:41 p.m.6 views

CVE-2026-11528

creationtimestamp| type| source ---|---|--- 2026-06-08 13:41:37+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116714772643192342...

9CVSS5.3AI score0.00466EPSS
Exploits0References1
OSV
OSVadded 2026/06/08 1:16 p.m.7 views

UBUNTU-CVE-2026-7186

Stored cross-site scripting in the URL dashboard widget in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows a user with dashboard editing permissions to store a URL with a dangerous URI scheme such as javascript: that executes scripts in other users' browsers when they view the...

8.5CVSS5.2AI score0.00136EPSS
Exploits0References3
OSV
OSVadded 2026/06/08 1:15 p.m.6 views

JLSEC-2026-577

libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded...

9.8CVSS7.2AI score0.0523EPSS
Exploits0References32
RedHat Linux
RedHat Linuxadded 2026/06/08 1:14 p.m.6 views

net/url: Incorrect parsing of IPv6 host literals in net/url

The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...

7.5CVSS7.7AI score0.0052EPSS
Exploits0References8
EUVD
EUVDadded 2026/06/08 12:51 p.m.1 views

EUVD-2026-21581

GeoNode contains a server-side request forgery vulnerability in the service registration endpoint...

6.3CVSS5.4AI score0.00172EPSS
Exploits0References6
EUVD
EUVDadded 2026/06/08 12:6 p.m.7 views

EUVD-2026-35053

Improper neutralization of HTML-encoded characters in the URL validation function in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an authenticated user to bypass URL validation and inject malicious URLs such as javascript: URIs, resulting in cross-site scripting when another...

8.5CVSS5.2AI score0.0014EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/06/08 12:6 p.m.8 views

CVE-2026-8833 XSS in urls

Improper neutralization of HTML-encoded characters in the URL validation function in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an authenticated user to bypass URL validation and inject malicious URLs such as javascript: URIs, resulting in cross-site scripting when another...

8.5CVSS5.2AI score0.0014EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/08 12:6 p.m.41 views

CVE-2026-8833 XSS in urls

Improper neutralization of HTML-encoded characters in the URL validation function in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an authenticated user to bypass URL validation and inject malicious URLs such as javascript: URIs, resulting in cross-site scripting when another...

8.5CVSS0.0014EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/08 10:54 a.m.34 views

CVE-2026-11569 Quay: quay: stored xss via filedrop svg upload

A flaw was found in Quay. The filedrop endpoint accepts any mime type without validation, allowing an authenticated user with repository write access to upload a malicious SVG file containing JavaScript. The file is stored and served inline through the CDN, enabling stored cross-site scripting wh...

5.4CVSS0.00138EPSS
Exploits0References2
Circl
Circladded 2026/06/08 10:1 a.m.6 views

CVE-2026-41724

creationtimestamp| type| source ---|---|--- 2026-06-08 10:01:31+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnrgg4qvqn25 2026-06-08 10:24:16+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/broadcom-vmware-security-advisory-av26-560 2026-06-08 10:50:45+00:00| seen|...

8CVSS4.9AI score0.00201EPSS
Exploits0References6
Circl
Circladded 2026/06/08 7:0 a.m.11 views

CVE-2026-11494

creationtimestamp| type| source ---|---|--- 2026-06-08 07:00:05+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnr4bn2rxr2o...

5.3CVSS5.3AI score0.00215EPSS
Exploits0References1
Circl
Circladded 2026/06/08 5:24 a.m.6 views

CVE-2021-47984

creationtimestamp| type| source ---|---|--- 2026-06-08 05:24:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnqwxof6ya24...

6.4CVSS5.3AI score0.00187EPSS
Exploits0References1
Circl
Circladded 2026/06/08 4:55 a.m.6 views

CVE-2024-58348

creationtimestamp| type| source ---|---|--- 2026-06-08 04:55:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnqvcnmdvl2r...

9.8CVSS5.3AI score0.00767EPSS
Exploits0References1
Circl
Circladded 2026/06/08 4:46 a.m.7 views

CVE-2021-47983

creationtimestamp| type| source ---|---|--- 2026-06-08 04:46:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnqutppcwy2r...

6.4CVSS5.3AI score0.00187EPSS
Exploits0References1
Circl
Circladded 2026/06/08 1:6 a.m.7 views

CVE-2026-11466

creationtimestamp| type| source ---|---|--- 2026-06-08 01:06:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnqijr7ejc26...

5.5CVSS5.8AI score0.00253EPSS
Exploits0References1
Circl
Circladded 2026/06/08 12:56 a.m.8 views

CVE-2026-11469

creationtimestamp| type| source ---|---|--- 2026-06-08 00:56:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnqhxu5wkz2y...

5.8CVSS5.3AI score0.00379EPSS
Exploits0References1
Rows per page
Query Builder