Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8007 matches found

Positive Technologies
Positive Technologiesadded 2026/05/13 12:0 a.m.7 views

PT-2026-40774

Name of the Vulnerable Software and Affected Versions Hermes WebUI versions prior to 0.51.44 Release T Description A path traversal issue exists in the session import endpoint. Authenticated attackers can read arbitrary files by importing a crafted session containing an unrestricted workspace...

6.5CVSS5.9AI score0.00376EPSS
Exploits0References6
EUVD
EUVDadded 2026/05/12 9:9 p.m.45 views

EUVD-2026-29845

efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the readonly flag set on the JSP tag is intended to prevent file modifications. When protected=true, elfindercheckRisk enforces that the client sends readonly=true matching the session value, but no event handler checks the readonly...

8.1CVSS5.8AI score0.00301EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/12 9:9 p.m.52 views

CVE-2026-44260 efw4.X: readonly Flag Not Enforced Server-Side

efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the readonly flag set on the JSP tag is intended to prevent file modifications. When protected=true, elfindercheckRisk enforces that the client sends readonly=true matching the session value, but no event handler checks the readonly...

8.1CVSS0.00301EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/05/12 8:21 p.m.9 views

CVE-2026-28971

The issue was addressed with improved UI handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. A malicious iframe may use another website’s download settings...

4.3CVSS5.8AI score0.00308EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/05/12 8:21 p.m.6 views

CVE-2026-35157

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper neutralization of formula elements in a CSV File vulnerability in the UI. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to remote...

9.8CVSS5.8AI score0.00317EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/12 6:30 p.m.5 views

EUVD-2026-29715

User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS5.8AI score0.00285EPSS
Exploits0References2
EUVD
EUVDadded 2026/05/12 6:30 p.m.10 views

EUVD-2026-29633

User interface ui misrepresentation of critical information in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network...

4.3CVSS5.8AI score0.00497EPSS
Exploits0References2
NVD
NVDadded 2026/05/12 6:17 p.m.11 views

CVE-2026-42891

User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

6.5CVSS0.00285EPSS
Exploits0References1
NVD
NVDadded 2026/05/12 6:17 p.m.5 views

CVE-2026-40416

User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

4.3CVSS0.00349EPSS
Exploits0References1
NVD
NVDadded 2026/05/12 6:16 p.m.9 views

CVE-2025-46311

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2. An app may be able to access sensitive user data...

7.5CVSS0.00231EPSS
Exploits0References1
CVE
CVEadded 2026/05/12 5:35 p.m.13 views

CVE-2025-46311

Technical details for CVE-2025-46311 are not publicly available in the supplied documents. Monitor for updates from Apple and security advisories to determine affected products, impact, and fixes.

7.5CVSS5.8AI score0.00231EPSS
Exploits0References1Affected Software2
ATTACKERKB
ATTACKERKBadded 2026/05/12 5:35 p.m.5 views

CVE-2025-46311

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2. An app may be able to access sensitive user data...

7.5CVSS5.8AI score0.00231EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/05/12 5:35 p.m.5 views

CVE-2025-46311

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2. An app may be able to access sensitive user data...

5.8AI score0.00231EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/12 12:32 p.m.12 views

EUVD-2025-209782

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.1, RUGGEDCOM ROX MX5000RE All versions V2.17.1, RUGGEDCOM ROX RX1400 All versions V2.17.1, RUGGEDCOM ROX RX1500 All versions V2.17.1, RUGGEDCOM ROX RX1501 All versions V2.17.1, RUGGEDCOM ROX RX1510 All versions V2.17.1...

9.1CVSS6.1AI score0.00542EPSS
Exploits0References2
NVD
NVDadded 2026/05/12 10:16 a.m.26 views

CVE-2025-40949

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.1, RUGGEDCOM ROX MX5000RE All versions V2.17.1, RUGGEDCOM ROX RX1400 All versions V2.17.1, RUGGEDCOM ROX RX1500 All versions V2.17.1, RUGGEDCOM ROX RX1501 All versions V2.17.1, RUGGEDCOM ROX RX1510 All versions V2.17.1...

9.1CVSS0.00542EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/12 8:20 a.m.3 views

CVE-2025-40949

A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions V2.17.1, RUGGEDCOM ROX MX5000RE All versions V2.17.1, RUGGEDCOM ROX RX1400 All versions V2.17.1, RUGGEDCOM ROX RX1500 All versions V2.17.1, RUGGEDCOM ROX RX1501 All versions V2.17.1, RUGGEDCOM ROX RX1510 All versions V2.17.1...

9.1CVSS6.1AI score0.00542EPSS
Exploits0References2
CVE
CVEadded 2026/05/12 8:20 a.m.17 views

CVE-2025-40949

The CVE-2025-40949 issue affects RUGGEDCOM ROX devices (MX5000, MX5000RE, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, RX5000) with all versions

9.1CVSS6.1AI score0.00542EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/05/12 8:20 a.m.8 views

CVE-2026-42571

Pelican is a platform for creating data federations. From versions 7.21.0 to before 7.21.5, 7.22.0 to before 7.22.3, 7.23.0 to before 7.23.3, and 7.24.0 to before 7.24.2, there is a a privilege escalation vulnerability affecting Pelican's Web User Interface WebUI. This attack allows any user...

9CVSS5.7AI score0.0032EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/12 3:31 a.m.4 views

EUVD-2026-29368

SAPUI5 Search UI allows an unauthenticated attacker to manipulate specific URL parameters on the Search UI to include malicious content. Successful exploitation may mislead victim users into clicking and accessing attacker-controlled pages rendered by the application. This vulnerability has a low...

4.7CVSS5.8AI score0.00249EPSS
Exploits0References3
CVE
CVEadded 2026/05/12 2:19 a.m.11 views

CVE-2026-34258

SAPUI5 (Search UI) is affected by CVE-2026-34258. An unauthenticated attacker can manipulate specific URL parameters in the Search UI to deliver attacker-controlled content, potentially misleading users into clicking on pages rendered by the application. Impact is confined to confidentiality (low...

4.7CVSS5.8AI score0.00249EPSS
Exploits0References2
Rows per page
Query Builder