Lucene search
K

5 matches found

NVD
NVD
added 2 days ago6 views

CVE-2026-61500

Rejetto HFS 3.0.0 through 3.2.0 derives its session-cookie signing key from the non-cryptographic Math.random generator and discloses outputs of the same generator to unauthenticated clients during login. A remote attacker can collect a small number of login responses, reconstruct the generator's...

9.8CVSS0.00747EPSS
Exploits0References2
CVE
CVE
added 2026/03/23 12:9 p.m.12 views

CVE-2026-31848

Nexxt Solutions Nebula 300+ firmware

9.8CVSS5.8AI score0.00281EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/03/20 2:38 a.m.30 views

CVE-2026-32891 Anchorr Privilege Escalation: Jellyseerr User → Anchorr Admin via Stored XSS

Anchorr is a Discord bot for requesting movies and TV shows and receiving notifications when items are added to a media server. Versions 1.4.1 and below contain a stored XSS vulnerability in the Jellyseerr user selector. Jellyseerr allows any account holder to execute arbitrary JavaScript in the...

9CVSS0.00164EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-29265

Malicious code in bioql PyPI...

8.1CVSS6.6AI score0.00393EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/09/15 12:0 a.m.10 views

CVE-2025-56274

SourceCodester Web-based Pharmacy Product Management System 1.0 is vulnerable to Incorrect Access Control, which allows low-privileged users to forge high privileged such as admin sessions and perform sensitive operations such as adding new users...

0.00393EPSS
Exploits1References1
Rows per page
Query Builder