CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

251 matches found

NVD•added 2026/05/15 10:16 p.m.•20 views

CVE-2026-45315

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, the audio transcription upload endpoint takes the file extension from the user-supplied filename and saves the file under CACHEDIR/audio/transcriptions/.. The /cache/path route serve...

8.7CVSS0.0018EPSS

Exploits1References1

NVD•added 2026/04/21 5:16 p.m.•5 views

CVE-2026-40568

FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a stored cross-site scripting XSS vulnerability in the mailbox signature feature. The sanitization function Helper::stripDangerousTags app/Misc/Helper.php:568 uses an incomplete blocklist of only four HTM...

8.5CVSS0.00238EPSS

Exploits0References3

ATTACKERKB•added 2026/04/21 4:8 p.m.•5 views

CVE-2026-40568

8.5CVSS5.8AI score0.00238EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/04/21 4:8 p.m.•31 views

CVE-2026-40568 FreeScout Vulnerable to XSS via Mailbox Signature Due to Incomplete HTML Sanitization

8.5CVSS0.00238EPSS

Exploits0References3

Positive Technologies•added 2026/04/21 12:0 a.m.•11 views

PT-2026-34012

8.5CVSS5.8AI score0.00238EPSS

Exploits0References4

RedhatCVE•added 2026/02/21 7:27 a.m.•8 views

CVE-2026-2820

A security flaw has been discovered in Fujian Smart Integrated Management Platform System up to 7.5. This issue affects some unknown processing of the file /Module/CRXT/Controller/XAccessPermissionPlus.ashx. The manipulation of the argument DeviceIDS results in sql injection. The attack may be...

7.5CVSS7.1AI score0.00344EPSS

Exploits0References1