
7 matches found

CVE
added 2026/04/10 1:30 a.m. · 5 views

CVE-2026-5998

The CVE-2026-5998 vulnerability affects zhayujie chatgpt-on-wechat CowAgent (up to 2.0.4) in the API Memory Content Endpoint’s dispatch function (service.py). An attacker can manipulate the filename argument, enabling path traversal and remote exploitation. The issue has been publicly reported wi...

6.9 CVSS · 5.6 AI score · 0.0002 EPSS
Exploits 0 · References 7
Positive Technologies
added 2026/04/03 12:0 a.m. · 1 views

PT-2026-30223

OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2.0.5.1 on Linux might allow a threat actor to execute arbitrary code by using specially crafted connection parameters that are loaded by the driver during a local user-initiated connection. To...

7.8 CVSS · 6.3 AI score · 0.00102 EPSS
Exploits 0 · References 8
NVD
added 2026/03/16 2:20 p.m. · 0 views

CVE-2026-4255

A DLL search order hijacking vulnerability in Thermalright TR-VISION HOME on Windows 64-bit allows a local attacker to escalate privileges via DLL side-loading. The application loads certain dynamic-link library (DLL) dependencies using the default Windows search order, which includes directories...

8.4 CVSS · 0.00008 EPSS
Exploits 0 · References 1
CVE
added 2026/03/16 7:14 a.m. · 7 views

CVE-2026-4255

The CVE-2026-4255 entry describes a DLL search order hijacking in Thermalright TR-VISION HOME (Windows 64-bit) that allows local privilege escalation via DLL side-loading. Affected: TR-VISION HOME versions up to 2.0.5. Root cause: the application loads DLL dependencies using the default Windows s...

8.4 CVSS · 6.3 AI score · 0.00008 EPSS
Exploits 0 · References 1
Patchstack
added 2024/09/30 9:54 a.m. · 2 views

WordPress Automatically Hierarchic Categories in Menu plugin <= 2.0.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting (XSS) vulnerability discovered by theviper17 (Patchstack Alliance) in WordPress Plugin Automatically Hierarchic Categories in Menu versions <= 2.0.5...

6.5 CVSS · 6.1 AI score · 0.00193 EPSS
Exploits 0 · Affected Software 1
OSV
added 2022/03/04 10:15 p.m. · 2 views

CVE-2021-27756

"TLS-RSA cipher suites are not disabled in BigFix Compliance up to v2.0.5. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it."...

7.5 CVSS · 5.7 AI score · 0.00142 EPSS
Exploits 0 · References 1
Positive Technologies
added 2021/02/02 12:0 a.m. · 2 views

PT-2021-11705 · Harbor · Harbor

Name of the Vulnerable Software and Affected Versions: Harbor versions 2.0 through 2.0.4; Harbor versions 2.1.x through 2.1.1. Description: The catalog's registry API is exposed on an unauthenticated path, allowing bypass of authorization. The vulnerable API endpoint is "GET /v2/_catalog/" which ca...

5.3 CVSS · 7.6 AI score · 0.00235 EPSS
Exploits 0 · References 13