
155 matches found

EUVD
added 2026/05/29 5:8 p.m., 8 views

EUVD-2026-33371

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.0, the unauthenticated GET /api/app-images/logo endpoint reflects a user-supplied color query parameter into the body of an SVG document via strings.ReplaceAll with no escaping. The substitution...

8.2 CVSS, 5.8 AI score, 0.00035 EPSS
Exploits: 0, References: 1

Cvelist
added 2026/05/29 12:39 p.m., 34 views

CVE-2026-46376 FreePBX: Unauthenticated Use of Hard-Coded Credentials Vulnerability in FreePBX UCP Interface

FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users may be able to access the User Control Panel (UCP) using hard-coded initial template credentials if these were not immediately changed by the Administrator who enabled UCP. Authenticated access to ACP...

9.3 CVSS, 0.00084 EPSS
Exploits: 1, References: 1

OSV
added 16 hours ago, 3 views

ROOT-OS-DEBIAN-12-CVE-2024-57883 CVE-2024-57883 in rootio-linux - Patched by Root

Root has patched CVE-2024-57883 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

5.5 CVSS, 7.6 AI score, 0.00028 EPSS
Exploits: 0

OSV
added 16 hours ago, 2 views

ROOT-OS-DEBIAN-11-CVE-2024-50032 CVE-2024-50032 in rootio-linux - Patched by Root

Root has patched CVE-2024-50032 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

7.8 AI score
Exploits: 0

NVD
added 2026/05/28 10:16 p.m., 9 views

CVE-2026-44849

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...

9.4 CVSS, 0.00054 EPSS
Exploits: 1, References: 1

EUVD
added 2026/05/28 2:28 p.m., 7 views

EUVD-2026-32908

Espressif Shared GitHub DangerJS is a reusable GitHub Action CI DangerJS workflow for Espressif GitHub projects. Prior to 1.0.1, the action's entrypoint.sh invoked DangerJS from the caller's workspace after copying the fork's checkout into it, creating an untrusted search path for both binary...

8.2 CVSS, 6 AI score, 0.00029 EPSS
Exploits: 0, References: 2

Ubuntu
added 2026/05/28 11:38 a.m., 19 views

USN-8330-1: OpenJDK 8 vulnerabilities

Thomas Beckers discovered that the JAXP component of OpenJDK 8 did not correctly authenticate certain APIs. A remote unauthenticated attacker could possibly use this issue to gain unauthorized access to sensitive information. CVE-2026-22016 It was discovered that the JSSE component of OpenJDK 8 d...

7.5 CVSS, 7.2 AI score, 0.00154 EPSS
Exploits: 0

OSV
added 2 days ago, 3 views

ROOT-OS-UBUNTU-2204-CVE-2023-53657 CVE-2023-53657 in rootio-linux - Patched by Root

Root has patched CVE-2023-53657 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

5.5 CVSS, 8.2 AI score, 0.00013 EPSS
Exploits: 0

Positive Technologies
added 2026/05/26 12:0 a.m., 8 views

PT-2026-43298

Algernon is a small self-contained pure-Go web server. Prior to 1.17.6, uploadedFileSaveIn in lua/upload/upload.go uses filepath.Join with the caller-supplied directory but performs no boundary check after joining. A directory of ../../../tmp resolves cleanly to /tmp, outside the web root. This...

8.7 CVSS, 5.8 AI score, 0.00061 EPSS
Exploits: 0, References: 3

OSV
added 2 days ago, 2 views

ROOT-OS-UBUNTU-2404-CVE-2025-68364 CVE-2025-68364 in rootio-linux - Patched by Root

Root has patched CVE-2025-68364 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

5.4 AI score, 0.00066 EPSS
Exploits: 0

Microsoft CVE
added 2026/05/21 2:0 p.m., 14 views

Chromium: CVE-2026-8521 Use after free in Tab Groups

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

7.5 CVSS, 5.8 AI score, 0.00044 EPSS
Exploits: 0

OSV
added 2026/06/03 2:51 p.m., 2 views

ROOT-APP-PYPI-GHSA-58PV-8J8X-9VJ2 GHSA-58pv-8j8x-9vj2 in rootio-jaraco.context - Patched by Root

Root has patched GHSA-58pv-8j8x-9vj2 in the rootio-jaraco.context package for Root:PyPI. Multiple fixed versions available...

8.6 CVSS, 5.4 AI score
Exploits: 0

OSV
added 2026/05/20 10:10 a.m., 4 views

RHSA-2026:19224 Red Hat Security Advisory: vim security update

Bulletin has no description...

8.2 CVSS, 6.2 AI score, 0.00034 EPSS
Exploits: 0, References: 11

OSV
added 2026/05/20 10:10 a.m., 5 views

RHSA-2026:19177 Red Hat Security Advisory: python3.12 security update

Bulletin has no description...

8.1 CVSS, 6.6 AI score, 0.00205 EPSS
Exploits: 1, References: 93

Debian CVE
added 2026/05/19 5:44 p.m., 7 views

CVE-2026-33637

Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Versions 2.0.0 through 2.14.1 still allow protocol-relative host override when the request target is passed as a URI object rather than a String to Faraday::Connection#build_exclusive_url. This...

6.5 CVSS, 5.7 AI score, 0.0001 EPSS
Exploits: 1

EUVD
added 2026/05/19 2:27 p.m., 9 views

EUVD-2026-30943

Firefox for iOS hosted Reader mode on an unauthenticated local web server, allowing another application on the same device to request arbitrary URLs and receive the response rendered with the signed-in user's cookies. This vulnerability was fixed in Firefox for iOS 151.0...

6.5 CVSS, 5.9 AI score, 0.00022 EPSS
Exploits: 0, References: 2

ATTACKERKB
added 2026/05/19 12:30 p.m., 5 views

CVE-2026-8963

Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

7.5 CVSS, 5.8 AI score, 0.00037 EPSS
Exploits: 0, References: 4

Positive Technologies
added 2026/05/19 12:0 a.m., 6 views

PT-2026-41914

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 151; Thunderbird versions prior to 151. Description: A spoofing issue exists in WebExtensions. Recommendations: Update to version 151 for Firefox. Update to version 151 for Thunderbird...

9.8 CVSS, 5.8 AI score, 0.00164 EPSS
Exploits: 0, References: 39

Microsoft CVE
added 2026/05/16 12:20 a.m., 9 views

Chromium: CVE-2026-8519 Integer overflow in ANGLE

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8 CVSS, 5.8 AI score, 0.00092 EPSS
Exploits: 0

OSV
added 2026/05/13 7:17 p.m., 3 views

UBUNTU-CVE-2026-42578

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's HttpProxyHandler constructs HTTP CONNECT requests with header validation explicitly disabled. The newInitialMessage method creates headers using...

7.5 CVSS, 6 AI score, 0.0001 EPSS
Exploits: 1, References: 4