CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 4 days ago•30 views

CVE-2026-10169 OUSL-GROUP-BrinaryBrains School Student Management System Forgot Password Endpoint Login.php ajax_forgot_password password recovery

6.3CVSS0.00028EPSS

EUVD•added 4 days ago•9 views

EUVD-2026-33489

6.3CVSS5.1AI score0.00028EPSS

Positive Technologies•added 4 days ago•8 views

PT-2026-45172

A vulnerability was detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected by this vulnerability is the function ajax forgot password of the file application/controllers/Login.php of the component Forgot Password Endpoint. Th...

6.3CVSS5.1AI score0.00028EPSS

RedhatCVE•added last week•7 views

CVE-2026-9466

A vulnerability was determined in Tiandy Easy7 Integrated Management Platform 7.17.0. This issue affects some unknown processing of the file /rest/user/updateUserPassword of the component API Endpoint. Executing a manipulation can lead to weak password recovery. The attack can be executed remotel...

6.9CVSS5.7AI score0.00037EPSS

Exploits0References1

NVD•added 2026/05/27 2:16 a.m.•5 views

CVE-2026-9609

A vulnerability was identified in QianFox FoxCMS up to 1.2.6. This affects the function Edit of the file Admin.php. The manipulation leads to weak password recovery. The attack can be initiated remotely. The exploit is publicly available and might be used. The project was informed of the problem...

5.8CVSS0.00046EPSS

CVE•added 2026/05/27 12:30 a.m.•8 views

CVE-2026-9609

CVE-2026-9609 affects QianFox FoxCMS up to version 1.2.6, targeting the Admin.php Edit function. The vulnerability enables weak password recovery through manipulation of the admin password flow, with remote initiation. Public exploit code exists, and the issue was reported via an issue but not ye...

ATTACKERKB•added 2026/05/27 12:30 a.m.•6 views

CVE-2026-9609

Exploits0References5Affected Software1

EUVD•added 2026/05/27 12:30 a.m.•8 views

EUVD-2026-32029

Cvelist•added 2026/05/27 12:30 a.m.•25 views

CVE-2026-9609 QianFox FoxCMS Admin.php edit password recovery

5.8CVSS0.00046EPSS

Positive Technologies•added 2026/05/27 12:0 a.m.•7 views

PT-2026-43471

CVE•added 2026/05/25 2:30 p.m.•12 views

Exploits0References6

CVE-2026-9466

Tiandy Easy7 Integrated Management Platform 7.17.0 contains an API Endpoint vulnerability in /rest/user/updateUserPassword, where input manipulation can lead to weak password recovery. The issue is exploitable remotely and has publicly disclosed exploit activity. No remediation details are provid...

6.9CVSS5.7AI score0.00037EPSS

Snyk•added 2026/05/20 3:46 p.m.•6 views

Weak Password Recovery Mechanism for Forgotten Password

Overview phpmyfaq/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Weak Password Recovery Mechanism for Forgotten Password via the updatePassword process. An attacker can gain unauthorized access to any user account,...

8.8CVSS5.8AI score0.00129EPSS