CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

86637 matches found

ATTACKERKB•added 2026/06/08 11:44 a.m.•3 views

CVE-2026-11577

A flaw was found in Keycloak. A limited administrator can exploit an improper access control vulnerability in the POST /admin/realms/realm/partialImport endpoint. This allows them to bypass Fine-Grained Admin Permissions FGAP and escalate their privileges to a full realm administrator by importin...

7.2CVSS5.5AI score0.00322EPSS

Exploits0References4

Cvelist•added 2026/06/08 11:44 a.m.•36 views

CVE-2026-11577 Keycloak: keycloak: privilege escalation via partialimport fgap permission bypass

7.2CVSS0.00322EPSS

Exploits0References3

ATTACKERKB•added 2026/06/08 11:30 a.m.•4 views

CVE-2026-11510

A security flaw has been discovered in CodeAstro Leave Management System 1.0. This affects an unknown part of the file /admin/addleave.php. Performing a manipulation of the argument typeofleave results in sql injection. It is possible to initiate the attack remotely. The exploit has been released...

6.5CVSS6.5AI score0.002EPSS

Exploits0References6Affected Software1

EUVD•added 2026/06/08 11:30 a.m.•8 views

EUVD-2026-35050

6.5CVSS6.5AI score0.002EPSS

Exploits0References6

CVE•added 2026/06/08 11:30 a.m.•13 views

CVE-2026-11510

CVE-2026-11510 affects CodeAstro Leave Management System 1.0. The vulnerability resides in an unknown area of the file /admin/add_leave.php, where manipulating the argument type_of_leave leads to an SQL injection. The issue can be exploited remotely, and public exploit activity is noted. The CVSS...

6.5CVSS6.5AI score0.002EPSS

Exploits0References6

ATTACKERKB•added 2026/06/08 11:15 a.m.•3 views

CVE-2026-11509

A vulnerability was identified in CodeAstro Leave Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/searchstaffforupdation.php. Such manipulation of the argument Name leads to sql injection. The attack may be performed from remote...

6.5CVSS6.5AI score0.00192EPSS

Exploits0References6Affected Software1

Vulnrichment•added 2026/06/08 11:15 a.m.•7 views

CVE-2026-11509 CodeAstro Leave Management System search_staff_for_updation.php sql injection

6.5CVSS6.5AI score0.00192EPSS

Exploits0References5

EUVD•added 2026/06/08 11:15 a.m.•10 views

EUVD-2026-35048

6.5CVSS6.5AI score0.00192EPSS

Exploits0References5

CVE•added 2026/06/08 11:15 a.m.•16 views

CVE-2026-11509

CodeAstro Leave Management System 1.0 is affected by a SQL injection in /admin/search_staff_for_updation.php triggered by manipulation of the Name parameter. The issue can be exploited remotely; CVE-2026-11509 is identified with multiple CVSS vectors (e.g., 3.1 and 3.0) indicating network access,...

6.5CVSS6.5AI score0.00192EPSS

Exploits0References5

CVE•added 2026/06/08 11:0 a.m.•16 views

CVE-2026-11508

CodeAstro Leave Management System 1.0 contains a SQL injection in /admin/search_staff_to_assign_pc.php via manipulation of the Name parameter. The vulnerability is exploitable remotely, with exploit information publicly disclosed and proof-of-concept activity indicated by CVSS/ExploitMaturity dat...

6.5CVSS6.5AI score0.002EPSS

Exploits0References6

Cvelist•added 2026/06/08 11:0 a.m.•33 views

CVE-2026-11508 CodeAstro Leave Management System search_staff_to_assign_pc.php sql injection

A vulnerability was determined in CodeAstro Leave Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/searchstafftoassignpc.php. This manipulation of the argument Name causes sql injection. The attack is possible to be carried out remotely. The...

6.5CVSS0.002EPSS

Exploits0References6

EUVD•added 2026/06/08 11:0 a.m.•5 views

EUVD-2026-35045

6.5CVSS6.5AI score0.002EPSS

Exploits0References6

Vulnrichment•added 2026/06/08 11:0 a.m.•7 views

CVE-2026-11508 CodeAstro Leave Management System search_staff_to_assign_pc.php sql injection

6.5CVSS5.4AI score0.002EPSS

Exploits0References6

ATTACKERKB•added 2026/06/08 10:30 a.m.•3 views

CVE-2026-11506

A vulnerability has been found in CodeAstro Leave Management System 1.0. This impacts an unknown function of the file /admin/searchstafffordeletion.php. The manipulation of the argument Name leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to t...

6.5CVSS6.4AI score0.002EPSS

Exploits0References6Affected Software1

Cvelist•added 2026/06/08 10:30 a.m.•31 views

CVE-2026-11506 CodeAstro Leave Management System search_staff_for_deletion.php sql injection

6.5CVSS0.002EPSS

Exploits0References6

EUVD•added 2026/06/08 10:30 a.m.•7 views

EUVD-2026-35042

6.5CVSS6.4AI score0.002EPSS

Exploits0References6

CVE•added 2026/06/08 10:30 a.m.•16 views

CVE-2026-11506

CVE-2026-11506 affects CodeAstro Leave Management System 1.0. The vulnerability is an SQL injection in the file /admin/search_staff_for_deletion.php caused by manipulation of the Name parameter, enabling remote exploitation. Public exploit disclosure is noted. The connected records indicate this ...

6.5CVSS6.4AI score0.002EPSS

Exploits0References6

NVD•added 2026/06/08 9:16 a.m.•10 views

CVE-2026-41722

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

8CVSS0.00201EPSS

Exploits0References1

GithubExploit•added 2026/06/08 8:59 a.m.•47 views

dcat-admin

No d...

5.4AI score

Exploits0

Vulnrichment•added 2026/06/08 7:7 a.m.•6 views

CVE-2026-41724 VMSA-2026-0004: VMware Cloud Foundation Operations updates address multiple vulnerabilities (CVE-2026-41722, CVE-2026-41723 and CVE-2026-41724)

8CVSS5.2AI score0.00201EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by