Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:18 p.m.7 views

CVE-2026-45364

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.4.17 and 1.5.0-beta.9, Better Auth's HTTP rate limiter keyed each request by the exact textual IP address it received in x-forwarded-for or the configured IP-bearing header. IPv6 clients controlling a typical /6...

7.3CVSS5.5AI score0.00295EPSS
Exploits0References1
CVE
CVEadded 2026/05/28 9:34 p.m.25 views

CVE-2026-45364

The CVE-2026-45364 issue affects Better Auth (TypeScript) where the HTTP rate limiter keyed by the leftmost x-forwarded-for value could be bypassed for IPv6. Before fixes, IPv6 prefix rotation (e.g., /64) and multiple textual representations could produce 2^64 distinct keys, letting an attacker p...

7.3CVSS5.8AI score0.00295EPSS
Exploits0References5
NVD
NVDadded 2026/03/13 7:54 p.m.5 views

CVE-2026-22199

Voltronic Power SNMP Web Pro version 1.1 contains a pre-authentication path traversal vulnerability in the upload.cgi endpoint that allows unauthenticated attackers to read arbitrary files on the device filesystem by supplying directory traversal sequences in the params parameter. Attackers can...

8.7CVSS0.00976EPSS
Exploits0References4
The Hacker News
The Hacker Newsadded 2025/04/07 1:40 p.m.18 views

CISA and FBI Warn Fast Flux is Powering Resilient Malware, C2, and Phishing Networks

Cybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted by threat actors to obscure a command-and-control C2 channel. "'Fast flux' is a technique used to...

7.1AI score
Exploits0
Code423n4
Code423n4added 2023/08/10 12:0 a.m.7 views

replaceMember&rotateMember; has no voting process

Lines of code Vulnerability details Impact The execution of the two methods replaceMember&rotateMember does not implement the voting process, which will violate the provisions of the following articles Address rotation: As a practical matter, a council member can rotate one of their own keys. Thi...

7AI score
Exploits0
Kitploit
Kitploitadded 2020/04/07 9:30 p.m.83 views

MSOLSpray - A Password Spraying Tool For Microsoft Online Accounts (Azure/O365)

A password spraying tool for Microsoft Online accounts Azure/O365. The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS! Why...

7.4AI score
Exploits0References2
Rows per page
Query Builder