
7 matches found

Vulnrichment
added 2026/01/15 6:43 p.m. | 4 views

CVE-2026-22249 Docmost affected by an Arbitrary File Write via Zip Import Feature (ZipSlip)

Docmost is an open-source collaborative wiki and documentation software. From 0.21.0 to before 0.24.0, Docmost is vulnerable to Arbitrary File Write via the Zip Import Feature (ZipSlip). In apps/server/src/integrations/import/utils/file.utils.ts, there is no validation of the filename. This vulnerability ...

CVSS: 7.1 | AI score: 6.5 | EPSS: 0.00502
Exploits: 1 | References: 4

RedhatCVE
added 2025/10/07 6:9 a.m. | 11 views

CVE-2025-54374

Eidos is an extensible framework for Personal Data Management. Versions 0.21.0 and below contain a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted eidos: URL on any website, including a malicious one they control. When a...

CVSS: 8.8 | AI score: 7.9 | EPSS: 0.00538
Exploits: 1 | References: 1

OSV
added 2025/10/03 8:0 p.m. | 2 views

CVE-2025-54374 Eidos: One-click Remote Code Execution through Custom URL Handling

Eidos is an extensible framework for Personal Data Management. Versions 0.21.0 and below contain a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted eidos: URL on any website, including a malicious one they control. When a...

CVSS: 8.8 | AI score: 7.9 | EPSS: 0.00538
Exploits: 1 | References: 3

EUVD
added 2025/10/03 8:0 p.m. | 2 views

EUVD-2025-32374

Eidos is an extensible framework for Personal Data Management. Versions 0.21.0 and below contain a one-click remote code execution vulnerability. An attacker can exploit this vulnerability by embedding a specially crafted eidos: URL on any website, including a malicious one they control. When a...

CVSS: 8.8 | AI score: 7.4 | EPSS: 0.00538
Exploits: 1 | References: 1

CNNVD
added 2025/08/25 12:0 a.m. | 2 views

Docmost Security Vulnerability

Docmost is an open collaboration wiki and documentation software from Docmost Open Source. A security vulnerability exists in Docmost 0.21.0 and earlier versions, which stems from vulnerability to cross-site scripting attacks that could lead to the execution of arbitrary code...

CVSS: 6.1 | AI score: 6.3 | EPSS: 0.00265
Exploits: 0 | References: 2

CNNVD
added 2022/08/31 12:0 a.m. | 4 views

Multiple NodeBB Products Security Feature Issue Vulnerability

NodeBB is a forum system from the Design Create Play team built using Node.js, a web application platform built on top of Google's V8 JavaScript engine. A security signature issue vulnerability exists in NodeBB versions v0.21.0 through v0.31.0, which originates from a vulnerability that allows an...

CVSS: 9.8 | AI score: 6.7 | EPSS: 0.01014
Exploits: 0 | References: 4

CNNVD
added 2022/08/31 12:0 a.m. | 6 views

Flux2 Path Traversal Vulnerability

Flux2 is a tool from the Cloud Native Computing Foundation that keeps Kubernetes clusters synchronized with their configuration sources. A path traversal vulnerability exists in Flux2 versions v0.21.0 through v0.31.0, which stems from mishandling of user-supplied input and can be exploited by an...

CVSS: 7.8 | AI score: 6.7 | EPSS: 0.00306
Exploits: 0 | References: 4