CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

GithubExploit•added 2026/04/09 11:9 a.m.•188 views

Exploit for Improper Input Validation in N8N

CVE-2026-21858 + CVE-2025-68613 - n8n Full Chain Unauthenti...

10CVSS7.6AI score0.98011EPSS

Exploits41

Cvelist•added 2026/04/07 6:19 a.m.•25 views

CVE-2026-1114 Improper Access Control via Weak JWT Token in parisneo/lollms

In parisneo/lollms version 2.1.0, the application's session management is vulnerable to improper access control due to the use of a weak secret key for signing JSON Web Tokens JWT. This vulnerability allows an attacker to perform an offline brute-force attack to recover the secret key. Once the...

9.8CVSS0.0054EPSS

Exploits1References2

Vulnrichment•added 2026/02/03 12:0 a.m.•2 views

CVE-2025-69971

FUXA v1.2.7 contains a hard-coded credential vulnerability in server/api/jwt-helper.js. The application uses a hard-coded secret key to sign and verify JWT Tokens. This allows remote attackers to forge valid admin tokens and bypass authentication to gain full administrative access...

5.5AI score0.02036EPSS

Exploits0References1

GithubExploit•added 2026/01/30 10:38 p.m.•195 views

Exploit for Improper Input Validation in N8N

CVE-2026-21858 + CVE-2025-68613 - n8n Full Chain Unauthenti...

10CVSS6AI score0.98011EPSS

Exploits41

GithubExploit•added 2026/01/07 7:32 p.m.•256 views

Exploit for CVE-2026-21858

CVE-2026-21858 + CVE-2025-68613 - n8n Full Chain Unauthenti...

9.9CVSS8.4AI score0.98011EPSS

Exploits40