CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

58 matches found

CVE-2026-10693

A security vulnerability has been detected in SourceCodester Online Boat Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the component Administrative Endpoint. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit...

6.5CVSS6.1AI score0.00043EPSS

Exploits0References1

CVE•added 4 days ago•10 views

CVE-2026-10693

SourceCodester Online Boat Reservation System 1.0 is affected by an improper authorization issue in the Administrative Endpoint. The vulnerability enables remote manipulation across multiple endpoints, with exploit publicly disclosed and documented at CVE-2026-10693. CVSS metrics indicate network...

6.5CVSS6.2AI score0.00043EPSS

Exploits0References6

ATTACKERKB•added 4 days ago•5 views

CVE-2026-10693

6.5CVSS5.5AI score0.00043EPSS

Exploits0References6Affected Software1

Vulnrichment•added 4 days ago•5 views

CVE-2026-10693 SourceCodester Online Boat Reservation System Administrative Endpoint improper authorization

6.5CVSS6.2AI score0.00043EPSS

Exploits0References6

Cvelist•added 4 days ago•33 views

CVE-2026-10693 SourceCodester Online Boat Reservation System Administrative Endpoint improper authorization

6.5CVSS0.00043EPSS

Exploits0References6

EUVD•added 4 days ago•7 views

EUVD-2026-34058

6.5CVSS6.2AI score0.00043EPSS

Exploits0References6

Positive Technologies•added 4 days ago•10 views

PT-2026-45889

6.5CVSS6.2AI score0.00043EPSS

Exploits0References7

NVD•added 2026/04/14 1:16 a.m.•5 views

CVE-2026-39424

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, the chat export feature is vulnerable to Improper Neutralization of Formula Elements in a CSV File. When an administrator exports the application chat history to an Excel file .xlsx via the...

5.3CVSS0.00028EPSS

Exploits0References3

EUVD•added 2026/04/12 12:30 p.m.•1 views

EUVD-2026-21730

A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function of the component Administrative HTTP Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The exploit has been made...

7.5CVSS6.8AI score0.00125EPSS

Exploits0References7

Cvelist•added 2026/04/12 10:30 a.m.•30 views

CVE-2026-6126 zhayujie chatgpt-on-wechat CowAgent Administrative HTTP Endpoint missing authentication

7.5CVSS0.00125EPSS

Exploits0References6

ATTACKERKB•added 2026/04/12 10:30 a.m.•2 views

CVE-2026-6126

7.5CVSS6.8AI score0.00125EPSS

Exploits0References6Affected Software1

Vulnrichment•added 2026/04/12 10:30 a.m.•3 views

CVE-2026-6126 zhayujie chatgpt-on-wechat CowAgent Administrative HTTP Endpoint missing authentication

7.5CVSS6.8AI score0.00125EPSS

Exploits0References6

CNNVD•added 2026/04/12 12:0 a.m.•1 views

CowAgent 访问控制错误漏洞

CowAgent is an intelligent assistant and scalable agent framework developed by zhayujie’s individual developer. Version 2.0.4 of CowAgent contains a vulnerability related to access control. This vulnerability stems from the lack of authentication in the Administrative HTTP Endpoint component, whi...

7.5CVSS7.2AI score0.00125EPSS

Exploits0References6

Positive Technologies•added 2026/04/12 12:0 a.m.•2 views

PT-2026-32158

7.5CVSS6.8AI score0.00125EPSS

Exploits0References7

RedhatCVE•added 2026/04/06 10:57 a.m.•4 views

CVE-2026-28767

A specific administrative endpoint notifications is accessible without proper authentication...

6.9CVSS5.9AI score0.0008EPSS

Exploits1References1

RedhatCVE•added 2026/04/06 10:57 a.m.•3 views