Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

107421 matches found

Positive Technologies
Positive Technologiesadded 2026/06/08 12:0 a.m.8 views

PT-2026-47584

Summary An unauthenticated attacker Alice connects to FUXA's Socket.IO endpoint and emits a device-webapi-request event whose property.address field names an arbitrary URL. FUXA's DEVICE WEBAPI REQUEST handler at server/runtime/index.js:296 calls axios.getaddress server-side and broadcasts the fu...

8.2CVSS5.7AI score
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/06/08 12:0 a.m.6 views

PT-2026-47616

Summary An unauthenticated attacker Alice connects to FUXA's Socket.IO endpoint and emits a device-webapi-request event whose property.address field names an arbitrary URL. FUXA's DEVICE WEBAPI REQUEST handler at server/runtime/index.js:296 calls axios.getaddress server-side and broadcasts the fu...

8.2CVSS5.7AI score0.00101EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/06/08 12:0 a.m.8 views

PT-2026-47287

Improper neutralization of HTML-encoded characters in the URL validation function in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an authenticated user to bypass URL validation and inject malicious URLs such as javascript: URIs, resulting in cross-site scripting when another...

8.5CVSS5.2AI score0.0014EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/06/08 12:0 a.m.7 views

PT-2026-47284

Stored cross-site scripting in the URL dashboard widget in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows a user with dashboard editing permissions to store a URL with a dangerous URI scheme such as javascript: that executes scripts in other users' browsers when they view the...

8.5CVSS5.2AI score0.00136EPSS
Exploits0References2
CNNVD
CNNVDadded 2026/06/08 12:0 a.m.6 views

Checkmk 跨站脚本漏洞

Checkmk is an IT monitoring platform developed by Checkmk Corporation. Versions of Checkmk prior to 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions contain a cross-site scripting vulnerability. This vulnerability stems from a storage-based cross-site scripting vulnerability within the URL...

8.5CVSS5.1AI score0.00136EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/06/08 12:0 a.m.4 views

RHEL 10 : podman (RHSA-2026:24386)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:24386 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...

7.5CVSS5.7AI score0.0052EPSS
Exploits0References4
Circl
Circladded 2026/06/06 4:45 p.m.7 views

CVE-2026-11436

creationtimestamp| type| source ---|---|--- 2026-06-06 16:45:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnn42sa3ui2b...

5.3CVSS5.3AI score0.00422EPSS
Exploits0References1
NVD
NVDadded 2026/06/06 4:16 p.m.9 views

CVE-2026-11436

A vulnerability was detected in Mage AI up to 0.9.79. This impacts the function useMutation of the file mageai/frontend/components/Sessions/SignForm/index.tsx of the component Sign-in Flow. Performing a manipulation of the argument query.redirecturl results in cross site scripting. Remote...

5.3CVSS0.00422EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/06/06 3:45 p.m.6 views

CVE-2026-11436

A vulnerability was detected in Mage AI up to 0.9.79. This impacts the function useMutation of the file mageai/frontend/components/Sessions/SignForm/index.tsx of the component Sign-in Flow. Performing a manipulation of the argument query.redirecturl results in cross site scripting. Remote...

5.3CVSS4AI score0.00422EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/06/06 3:45 p.m.4 views

CVE-2026-11436 Mage AI Sign-in Flow index.tsx useMutation cross site scripting

A vulnerability was detected in Mage AI up to 0.9.79. This impacts the function useMutation of the file mageai/frontend/components/Sessions/SignForm/index.tsx of the component Sign-in Flow. Performing a manipulation of the argument query.redirecturl results in cross site scripting. Remote...

5.3CVSS4.1AI score0.00422EPSS
Exploits0References5
CVE
CVEadded 2026/06/06 3:45 p.m.21 views

CVE-2026-11436

Mage AI up to version 0.9.79 is affected in the Sign-in Flow. The vulnerability is in the useMutation function within mage_ai/frontend/components/Sessions/SignForm/index.tsx, where manipulating the query.redirect_url argument triggers cross site scripting. Remote exploitation is possible, and the...

5.3CVSS4.1AI score0.00422EPSS
Exploits0References5
Circl
Circladded 2026/06/06 1:0 p.m.6 views

CVE-2026-11411

creationtimestamp| type| source ---|---|--- 2026-06-06 13:00:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnmpi4r52i23...

4.8CVSS5.3AI score0.00171EPSS
Exploits0References1
Circl
Circladded 2026/06/06 12:50 p.m.6 views

CVE-2026-11412

creationtimestamp| type| source ---|---|--- 2026-06-06 12:50:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnmow7vypb2d...

6.5CVSS6.5AI score0.00303EPSS
Exploits0References1
Circl
Circladded 2026/06/06 11:3 a.m.6 views

CVE-2026-6419

creationtimestamp| type| source ---|---|--- 2026-06-06 11:03:00+00:00| seen| https://bsky.app/profile/keiwork35.bsky.social/post/3mnmiwbavbk27...

8.8CVSS5.3AI score0.00353EPSS
Exploits0References1
Circl
Circladded 2026/06/06 8:49 a.m.7 views

CVE-2026-9016

creationtimestamp| type| source ---|---|--- 2026-06-06 08:49:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnmbhfnw6f2n 2026-06-14 12:16:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3moaqqe3bb626...

5.3CVSS5AI score0.00256EPSS
Exploits0References2
Circl
Circladded 2026/06/06 8:44 a.m.7 views

CVE-2026-7624

creationtimestamp| type| source ---|---|--- 2026-06-06 08:44:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnmb6h7h7r24...

4.3CVSS5.3AI score0.00299EPSS
Exploits0References1
Circl
Circladded 2026/06/06 5:1 a.m.7 views

CVE-2023-34282

creationtimestamp| type| source ---|---|--- 2026-06-06 05:01:16+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mnlupg7x5h2r...

8.8CVSS5.3AI score0.01108EPSS
Exploits0References1
Circl
Circladded 2026/06/06 4:52 a.m.7 views

CVE-2026-9281

creationtimestamp| type| source ---|---|--- 2026-06-06 04:52:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnlu7w5twa2d 2026-06-12 05:16:47+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mo2yeoi32w2w...

6.4CVSS5AI score0.00221EPSS
Exploits0References2
Circl
Circladded 2026/06/06 4:50 a.m.8 views

CVE-2026-8438

creationtimestamp| type| source ---|---|--- 2026-06-06 04:50:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnlu3eviqm2n 2026-06-07 00:01:08+00:00| seen| https://bsky.app/profile/pulse-wp.com/post/3mnnufnkfqi2a...

7.2CVSS5.3AI score0.0034EPSS
Exploits0References2
CVE
CVEadded 2026/06/06 2:28 a.m.17 views

CVE-2026-7796

Technical details (affected plugin version, root cause, exploit specifics) are not provided in the supplied documents; monitor for updates.

6.4CVSS5.7AI score0.00241EPSS
Exploits0References11
Rows per page
Query Builder