CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

103 matches found

The Hacker News•added 2026/04/28 6:37 a.m.•3 views

Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover

An administrative role meant for artificial intelligence AI agents within Microsoft Entra ID could enable privilege escalation and identity takeover attacks, according to new findings from Silverfort. Agent ID Administrator is a privileged built-in role introduced by Microsoft as part of its agen...

6AI score

Exploits0

RedhatCVE•added 2026/02/26 10:34 p.m.•2 views

CVE-2026-28193

In JetBrains YouTrack before 2025.3.121962 apps were able to send requests to the app permissions endpoint...

8.8CVSS5.3AI score0.00001EPSS

Exploits0References1

EUVD•added 2026/02/25 3:31 p.m.•3 views

EUVD-2026-8651

In JetBrains YouTrack before 2025.3.121962 apps were able to send requests to the app permissions endpoint...

8.8CVSS5.3AI score0.00001EPSS

Exploits0References2

NVD•added 2026/02/25 2:16 p.m.•2 views

CVE-2026-28193

In JetBrains YouTrack before 2025.3.121962 apps were able to send requests to the app permissions endpoint...

8.8CVSS0.00001EPSS

Exploits0References1

OSV•added 2026/02/25 2:16 p.m.•0 views

CVE-2026-28193

In JetBrains YouTrack before 2025.3.121962 apps were able to send requests to the app permissions endpoint...

5.3CVSS5.8AI score0.00001EPSS

Exploits0References1

CVE•added 2026/02/25 12:57 p.m.•11 views

CVE-2026-28193

CVE-2026-28193 (JetBrains YouTrack) : Affects YouTrack builds prior to 2025.3.121962 where apps could send requests to the app permissions endpoint. The CVSS 3.1 vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H with base score 8.8 (HIGH). Attack vector: NETWORK; Attack complexity: LOW; Priv...

8.8CVSS5.3AI score0.00001EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/02/25 12:57 p.m.•2 views

CVE-2026-28193

In JetBrains YouTrack before 2025.3.121962 apps were able to send requests to the app permissions endpoint...

8.8CVSS5.9AI score0.00001EPSS

Exploits0References2

Vulnrichment•added 2026/02/25 12:57 p.m.•3 views

CVE-2026-28193

In JetBrains YouTrack before 2025.3.121962 apps were able to send requests to the app permissions endpoint...

8.8CVSS5.3AI score0.00001EPSS

Exploits0References1

Positive Technologies•added 2026/02/25 12:0 a.m.•2 views

PT-2026-21903

Name of the Vulnerable Software and Affected Versions JetBrains YouTrack versions prior to 2025.3.121962 Description The software allows applications to send requests to the app permissions endpoint without authorization. This could lead to unauthorized actions related to application permissions...

8.8CVSS5.9AI score0.00001EPSS

Exploits0References5

OSV•added 2025/12/01 12:0 a.m.•6 views

ASB-A-301952571

In DefaultTransitionHandler.java, there is a possible way to unknowingly grant permissions to an app due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

7.3CVSS6.5AI score0.00007EPSS

Exploits0References3

Apple•added 2025/11/03 12:0 a.m.•13 views

About the security content of tvOS 26.1

About the security content of tvOS 26.1 This document describes the security content of tvOS 26.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

8.8CVSS8.3AI score0.00303EPSS

Exploits3References1Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2019-6398

Malware in sbrugna...

7.8CVSS7.6AI score0.00102EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-6433

Malware in sbrugna...

7.8CVSS7.7AI score0.00102EPSS

Exploits0References2