CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

289 matches found

CVE•added 2026/04/24 10:54 a.m.•15 views

CVE-2025-62233

CVE-2025-62233 concerns Apache DolphinScheduler’s RPC module. A deserialization of untrusted data vulnerability affects versions >= 3.2.0 and

6.3CVSS5.3AI score0.00059EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/04/18 9:26 a.m.•1 views

CVE-2026-2505 Categories Images <= 3.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'z_taxonomy_image' Shortcode

The Categories Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.3.1, via the 'ztaxonomyimage' shortcode. This is due to the shortcode rendering path passing attacker-controlled class input into a fallback image builder that concatenates...

5.4CVSS5.9AI score0.00011EPSS

Exploits0References2

Cvelist•added 2026/04/18 9:26 a.m.•26 views

CVE-2026-2505 Categories Images <= 3.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'z_taxonomy_image' Shortcode

5.4CVSS0.00011EPSS

Exploits0References2

Patchstack•added 2026/04/17 9:16 p.m.•4 views

WordPress Categories Images plugin <= 3.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by ? in WordPress Plugin Categories Images versions = 3.3.1...

5.4CVSS5.8AI score0.00011EPSS

Exploits0References1Affected Software1

RedHat Linux•added 2026/04/17 11:10 a.m.•4 views

Important: Red Hat Security Advisory: Red Hat AI Inference Server 3.3.1 (CUDA)

Red Hat AI Inference Server 3.3.1 CUDA is now available. Red Hat® AI Inference Server...

8.8CVSS7.2AI score0.00737EPSS

Exploits7References18

RedHat Linux•added 2026/04/17 11:10 a.m.•5 views

Important: Red Hat Security Advisory: Red Hat AI Inference Server 3.3.1 (ROCm)

Red Hat AI Inference Server 3.3.1 ROCm is now available. Red Hat® AI Inference Server...

8.8CVSS7.3AI score0.00737EPSS

Exploits7References18

ATTACKERKB•added 2026/04/15 10:21 a.m.•2 views

CVE-2026-40734

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Zahlan Categories Images categories-images allows DOM-Based XSS.This issue affects Categories Images: from n/a through = 3.3.1...

5.8AI score0.00039EPSS

Exploits0References2

Vulnrichment•added 2026/04/15 10:21 a.m.•2 views

CVE-2026-40734 WordPress Categories Images plugin <= 3.3.1 - Cross Site Scripting (XSS) vulnerability

5.8AI score0.00039EPSS

Exploits0References1

Cvelist•added 2026/04/15 10:21 a.m.•27 views

CVE-2026-40734 WordPress Categories Images plugin <= 3.3.1 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00039EPSS

Exploits0References1

Positive Technologies•added 2026/04/15 12:0 a.m.•2 views

PT-2026-33042

Name of the Vulnerable Software and Affected Versions Zahlan Categories Images versions n/a through 3.3.1 Description Improper neutralization of input during web page generation in the categories-images component allows DOM-Based Cross-Site Scripting XSS, a flaw where the application contains...

6.5CVSS5.8AI score0.00039EPSS

Exploits0References4

SUSE CVE•added 2026/03/28 12:25 a.m.•3 views

SUSE CVE-2026-33320

Dasel is a command-line tool and library for querying, modifying, and transforming data structures. Starting in version 3.0.0 and prior to version 3.3.1, Dasel's YAML reader allows an attacker who can supply YAML for processing to trigger extreme CPU and memory consumption. The issue is in the...

6.2CVSS5.9AI score0.00008EPSS

Exploits1References3

RedhatCVE•added 2026/03/26 3:18 p.m.•3 views

CVE-2026-32363

Missing Authorization vulnerability in Funlus Oy WPLifeCycle free-php-version-info allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPLifeCycle: from n/a through = 3.3.1...

5.3CVSS5.8AI score0.00042EPSS

Exploits0References1

EUVD•added 2026/03/13 9:31 p.m.•3 views

EUVD-2026-11855

5.8AI score0.00042EPSS

Exploits0References2

Vulnrichment•added 2026/03/13 11:42 a.m.•3 views

CVE-2026-32363 WordPress WPLifeCycle plugin <= 3.3.1 - Broken Access Control vulnerability

5.3CVSS5.8AI score0.00042EPSS

Exploits0References1

ATTACKERKB•added 2026/03/13 11:42 a.m.•2 views

CVE-2026-32363

5.8AI score0.00042EPSS

Exploits0References2

Positive Technologies•added 2026/03/13 12:0 a.m.•3 views

PT-2026-25210

5.3CVSS5.8AI score0.00042EPSS

Exploits0References3

Cvelist•added 2026/02/17 1:22 p.m.•22 views

CVE-2025-7706 Improper Access Control in TUBITAK BILGEM's Liderahenk

Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Remote Code Inclusion.This issue affects Liderahenk: from 3.0.0 to 3.3.1 before 3.5.0...

6.1CVSS0.00063EPSS

Exploits0References1

CNNVD•added 2026/02/17 12:0 a.m.•3 views

TÜBİTAK BİLGEM Liderahenk 访问控制错误漏洞

TÜBİTAK BİLGEM Liderahenk is a central management system of the Turkish company TÜBİTAK BİLGEM. Versions 3.3.1 and earlier, including 3.5.0, had access control vulnerabilities due to the lack of authentication for key functions, which could lead to remote code execution...

6.1CVSS6.2AI score0.00063EPSS

Exploits0References1

NVD•added 2026/02/11 7:15 p.m.•4 views

CVE-2025-70296

A stored HTML injection vulnerability in the Recipe Notes rendering component in Mealie 3.3.1 allows remote authenticated users to inject arbitrary HTML, resulting in user interface redressing within the recipe view...

5.4CVSS0.00053EPSS

Exploits1References3

CNNVD•added 2026/02/11 12:0 a.m.•2 views

Mealie 安全漏洞

Mealie is a self-hosted recipe manager and meal planner developed by Hayden in the United States. Version 3.3.1 of Mealie contains a security vulnerability. This vulnerability stems from the use of storage-oriented cross-site scripting in the recipe asset upload and media service components. It m...

6.1CVSS5.8AI score0.00062EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by