Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

520705 matches found

EUVD
EUVDadded 2026/06/11 11:30 a.m.7 views

EUVD-2026-36236

A vulnerability was determined in TwiN gatus 5.36.0. Impacted is the function setSessionCookie of the file security/oidc.go of the component OIDC Session Cookie Handler. Executing a manipulation can lead to sensitive cookie without secure attribute. The attack can be launched remotely. This attac...

6.3CVSS4.9AI score0.00278EPSS
Exploits0References6
CVE
CVEadded 2026/06/11 11:30 a.m.17 views

CVE-2026-11956

CVE-2026-11956 affects TwiN gatus 5.36.0, specifically the OIDC Session Cookie Handler (setSessionCookie). The issue is a missing Secure attribute on the session cookie, enabling potential exposure of sensitive cookie data via remote manipulation. The description indicates high attack complexity ...

6.3CVSS4.9AI score0.00278EPSS
Exploits0References6
Friends Of PHP
Friends Of PHPadded 2026/06/11 10:41 a.m.4 views

CompilerRuntime code injection via unescaped function names

More info at https://github.com/jmespath/jmespath.php/security/advisories/GHSA-pcw8-m77r-2528...

9.8CVSS5.2AI score0.0032EPSS
Exploits0Affected Software1
OSV
OSVadded 2026/06/11 10:16 a.m.6 views

DEBIAN-CVE-2026-11850

An integer underflow vulnerability was found in MIT krb5 in the berval2tldata function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c. The function performs an unsigned subtraction bvlen - 2 without a prior bounds check. When bvlen is 0 or 1, the subtraction wraps to a large value which is then...

5CVSS5.2AI score0.00261EPSS
Exploits0References1
NVD
NVDadded 2026/06/11 10:16 a.m.10 views

CVE-2026-11850

An integer underflow vulnerability was found in MIT krb5 in the berval2tldata function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c. The function performs an unsigned subtraction bvlen - 2 without a prior bounds check. When bvlen is 0 or 1, the subtraction wraps to a large value which is then...

5CVSS0.00261EPSS
Exploits0References3
OSV
OSVadded 2026/06/11 10:16 a.m.5 views

UBUNTU-CVE-2026-11850

An integer underflow vulnerability was found in MIT krb5 in the berval2tldata function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c. The function performs an unsigned subtraction bvlen - 2 without a prior bounds check. When bvlen is 0 or 1, the subtraction wraps to a large value which is then...

5CVSS5.3AI score0.00261EPSS
Exploits0References6
GithubExploit
GithubExploitadded 2026/06/11 10:6 a.m.144 views

Exploit for CVE-2026-10795

CVE-2026-10795 CVE-2026-10795 – UpdraftPlus Authentication Byp...

8.1CVSS5.8AI score0.01252EPSS
Exploits3
Cvelist
Cvelistadded 2026/06/11 9:49 a.m.25 views

CVE-2026-11850 Krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read

An integer underflow vulnerability was found in MIT krb5 in the berval2tldata function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c. The function performs an unsigned subtraction bvlen - 2 without a prior bounds check. When bvlen is 0 or 1, the subtraction wraps to a large value which is then...

5CVSS0.00261EPSS
Exploits0References3
EUVD
EUVDadded 2026/06/11 9:49 a.m.7 views

EUVD-2026-36219

An integer underflow vulnerability was found in MIT krb5 in the berval2tldata function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c. The function performs an unsigned subtraction bvlen - 2 without a prior bounds check. When bvlen is 0 or 1, the subtraction wraps to a large value which is then...

5CVSS5.4AI score0.00261EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/06/11 9:49 a.m.8 views

CVE-2026-11850 Krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read

An integer underflow vulnerability was found in MIT krb5 in the berval2tldata function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c. The function performs an unsigned subtraction bvlen - 2 without a prior bounds check. When bvlen is 0 or 1, the subtraction wraps to a large value which is then...

5CVSS5.4AI score0.00261EPSS
Exploits0References3
CVE
CVEadded 2026/06/11 9:49 a.m.32 views

CVE-2026-11850

CVE-2026-11850 affects MIT Kerberos 5; the vulnerability is an integer underflow in berval2tl_data() inside ldap_principal2.c, where unsigned bv_len - 2 lacks bounds checking. When bv_len is 0 or 1, the subtraction underflows to 0xFFFE/0xFFFF and is then memcpy’d from a 0–1 byte buffer, causing a...

5CVSS5.4AI score0.00261EPSS
Exploits0References3
Debian CVE
Debian CVEadded 2026/06/11 9:49 a.m.8 views

CVE-2026-11850

An integer underflow vulnerability was found in MIT krb5 in the berval2tldata function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c. The function performs an unsigned subtraction bvlen - 2 without a prior bounds check. When bvlen is 0 or 1, the subtraction wraps to a large value which is then...

5CVSS5.3AI score0.00261EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2026/06/11 9:49 a.m.7 views

CVE-2026-11850

An integer underflow vulnerability was found in MIT krb5 in the berval2tldata function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c. The function performs an unsigned subtraction bvlen - 2 without a prior bounds check. When bvlen is 0 or 1, the subtraction wraps to a large value which is then...

5CVSS4.8AI score0.00261EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/06/11 9:44 a.m.10 views

Malicious code in swagger-express-routes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 342bf1e361c6684c276c1afc618d78d82268e93898daddaef74873a49c6111b2 On require'swagger-express-routes', the package's main entry transitively loads src/utils/lib.min.js through src/connector/index.js line 1:...

5.7AI score
Exploits0References2
OSV
OSVadded 2026/06/11 9:44 a.m.5 views

MAL-2026-5636 Malicious code in swagger-express-routes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 342bf1e361c6684c276c1afc618d78d82268e93898daddaef74873a49c6111b2 On require'swagger-express-routes', the package's main entry transitively loads src/utils/lib.min.js through src/connector/index.js line 1:...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/06/11 9:44 a.m.7 views

Malicious code in react-photo-views (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0a47353c6255d7edb625c7ea890545e106900caeae477f0ebff432ae39c53e5 Package name 'react-photo-views' plural impersonates the popular 'react-photo-view' singular component — README badges, downloads URLs, and...

5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/06/11 9:44 a.m.5 views

Malicious code in tw-fluid-type (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c3bc3497d6c683f52210ca201500d27cf9e2bcccd976883be2ed85d17569b54 The package advertises itself as a Tailwind CSS fluid-type plugin but ships src/utils/lib.min.js, which is loaded as a side effect when the package's...

5.7AI score
Exploits0References2
OSV
OSVadded 2026/06/11 9:44 a.m.5 views

MAL-2026-5634 Malicious code in react-photo-views (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0a47353c6255d7edb625c7ea890545e106900caeae477f0ebff432ae39c53e5 Package name 'react-photo-views' plural impersonates the popular 'react-photo-view' singular component — README badges, downloads URLs, and...

5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/06/11 9:44 a.m.8 views

Malicious code in tailwindcss-animotion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 774c1b953da3225f63374a2054512d7715ce872f4a82278fc0954fe3133e7e0b The package's main entry dist/index.cjs, with the same code in src/utils/helper.min.js aliases require to global.r and module to global.m, then...

5.5AI score
Exploits0References2
OSV
OSVadded 2026/06/11 9:44 a.m.6 views

MAL-2026-5637 Malicious code in tailwindcss-animotion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 774c1b953da3225f63374a2054512d7715ce872f4a82278fc0954fe3133e7e0b The package's main entry dist/index.cjs, with the same code in src/utils/helper.min.js aliases require to global.r and module to global.m, then...

5.6AI score
Exploits0References2
Rows per page
Query Builder