Lucene search
K

30181 matches found

Circl
Circl
added 16 hours ago8 views

CVE-2025-71353

creationtimestamp| type| source ---|---|--- 2026-07-04 04:38:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpsahzpup32z 2026-07-04 16:00:46+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mptgmha4ar2u...

8.1CVSS5.9AI score
Exploits0References2
Nuclei
Nuclei
added 18 hours ago26 views

WordPress Stacks Mobile App Builder <=5.2.3 - Authentication Bypass

Stacks Mobile App Builder WordPress plugin ≤ 5.2.3 suffers from an authentication bypass vulnerability via improper handling of query parameters, allowing attackers to impersonate arbitrary users. id: CVE-2024-50477 info: name: WordPress Stacks Mobile App Builder =5.2.3 - Authentication Bypass...

9.8CVSS6AI score0.07959EPSS
Exploits3References4
Nuclei
Nuclei
added 18 hours ago58 views

modoboa 2.0.4 - Admin TakeOver

Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4. id: CVE-2023-0777 info: name: modoboa 2.0.4 - Admin TakeOver author: r3Y3r53 severity: critical description: | Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to...

9.8CVSS7.2AI score0.15088EPSS
Exploits4References4
Nuclei
Nuclei
added 18 hours ago25 views

WPMobile.App <= 11.56 - Open Redirect

The WPMobile.App plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 11.56. This is due to insufficient validation on the redirect URL supplied via the 'redirect' parameter. This makes it possible for unauthenticated attackers to redirect users to potentially...

7.2CVSS7.2AI score0.00746EPSS
Exploits0References2
Nuclei
Nuclei
added 18 hours ago7 views

Vite dev server - Cross-Site Scripting

Vite's dev server, when used with appType: 'custom' and manually invoking server.transformIndexHtml using the unmodified request URL, is vulnerable to XSS via a crafted URL payload. If the HTML being served includes an inline module script ..., an attacker can inject a script via the URL,...

6.1CVSS6.8AI score0.00997EPSS
Exploits1References2
Nuclei
Nuclei
added 18 hours ago10 views

Hippoo Mobile App for WooCommerce <= 1.7.1 - Unauthenticated Arbitrary File Read

The Hippoo Mobile App for WooCommerce plugin for WordPress is vulnerable to Path Traversal in all versions up to and including 1.7.1 via the templateredirect function. The plugin registers 'hippooserve' as a WordPress query variable and uses it to serve PWA files from the pwa/ directory. In...

7.5CVSS6AI score0.02056EPSS
Exploits0References3
Nuclei
Nuclei
added 18 hours ago13 views

Hippoo Mobile App for WooCommerce <= 1.9.4 - Authentication Bypass to Admin Account Takeover

Hippoo Mobile App for WooCommerce WordPress plugin = 1.9.4 contains an authentication bypass caused by logic conflation in user permission checks, letting unauthenticated attackers take over administrator accounts via REST API password reset. id: CVE-2026-10580 info: name: Hippoo Mobile App for...

9.8CVSS5.9AI score0.02841EPSS
Exploits1References2
Nuclei
Nuclei
added 18 hours ago9 views

Wordpress WPMobile.App >= 11.42 - Cross-Site Scripting

WPMobile.App versions up to 11.41 contain a reflected cross-site scripting XSS caused by improper input neutralization during web page generation, letting attackers execute scripts in the victim's browser, exploit requires attacker to craft malicious input. id: CVE-2024-35694 info: name: Wordpres...

7.1CVSS5.8AI score0.00668EPSS
Exploits0References1
Nuclei
Nuclei
added 18 hours ago57 views

OX Appsuite - Cross-Site Scripting

OX App Suite through 7.10.4 allows XSS via the app loading mechanism the PATHINFO to the /appsuite URI. id: CVE-2020-24701 info: name: OX Appsuite - Cross-Site Scripting author: DhiyaneshDk severity: medium description: | OX App Suite through 7.10.4 allows XSS via the app loading mechanism the...

6.1CVSS6.4AI score0.06788EPSS
Exploits3References5
Circl
Circl
added yesterday7 views

CVE-2026-56015

creationtimestamp| type| source ---|---|--- 2026-07-03 14:26:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpqquiykdy2k 2026-07-03 14:57:07+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mpqslp3c2k24 2026-07-04 04:13:10+00:00| seen|...

5.9AI score
Exploits0References3
Nuclei
Nuclei
added yesterday27 views

Adlisting Classified Ads 2.14.0 - Information Disclosure

Information disclosure issue in the redirect responses, When accessing any page on the website, Sensitive data, such as API keys, server keys, and app IDs, is being exposed in the body of these redirects. id: CVE-2023-4168 info: name: Adlisting Classified Ads 2.14.0 - Information Disclosure autho...

7.5CVSS6.3AI score0.36205EPSS
Exploits4References5
Nuclei
Nuclei
added yesterday18 views

Apache Tomcat Examples Web Application - Cross-Site Scripting

Apache Tomcat 8.5.50 to 8.5.81, 9.0.30 to 9.0.64, 10.0.0-M1 to 10.0.22, and 10.1.0-M1 to 10.1.0-M16 contain a reflected cross-site scripting caused by displaying unfiltered user data in the Form authentication example, letting attackers execute scripts in victim browsers, exploit requires attacke...

6.1CVSS6.8AI score0.06156EPSS
Exploits0References4
Circl
Circl
added yesterday5 views

CVE-2026-8351

creationtimestamp| type| source ---|---|--- 2026-07-03 10:03:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpqc7hkl742w 2026-07-03 20:16:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mpreg665oi2z 2026-07-03 22:35:03+00:00| seen|...

6.4CVSS5.9AI score
Exploits0References4
Circl
Circl
added yesterday7 views

CVE-2026-14352

creationtimestamp| type| source ---|---|--- 2026-07-03 06:27:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mppw4orvsr2t 2026-07-03 15:16:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mpqtnpaiqq2v 2026-07-03 20:50:20+00:00| seen|...

7.5CVSS5.9AI score
Exploits0References4
Circl
Circl
added yesterday5 views

CVE-2022-4989

creationtimestamp| type| source ---|---|--- 2026-07-03 06:08:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mppuzyti5h22 2026-07-03 19:37:43+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mprcbj4ze42w...

8.5CVSS5.9AI score
Exploits0References2
Circl
Circl
added yesterday6 views

CVE-2026-10134

creationtimestamp| type| source ---|---|--- 2026-07-03 02:37:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mppjaj2iin2r 2026-07-04 02:15:17+00:00| seen| https://bsky.app/profile/securityonline.bsky.social/post/3mpryifbgxm2k...

10CVSS5.9AI score0.00314EPSS
Exploits0References2
EUVD
EUVD
added yesterday7 views

EUVD-2026-41482

An Improper Export of Android Application Components vulnerability in ASUS Router App allows a third-party application on the same device to send a crafted Intent that causes ASUS Router App to open an specified URL. Refer to the ' Security Update for ASUS Router Android App ' section on the ASUS...

6CVSS5.8AI score
Exploits0References1
CVE
CVE
added yesterday10 views

CVE-2026-12960

CVE-2026-12960 affects the ASUS Router Android app. The issue is an Improper Export of Android Application Components, where a local third-party app on the same device can send a crafted Intent that causes the ASUS Router App to open a specified URL. CVSS metrics indicate local access, low comple...

6CVSS5.8AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-12960

An Improper Export of Android Application Components vulnerability in ASUS Router App allows a third-party application on the same device to send a crafted Intent that causes ASUS Router App to open an specified URL. Refer to the ' Security Update for ASUS Router Android App ' section on the ASUS...

6CVSS5.8AI score
Exploits0References2
Circl
Circl
added 2 days ago7 views

CVE-2026-45499

creationtimestamp| type| source ---|---|--- 2026-07-02 23:29:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpp6quxoyk23 2026-07-03 17:58:38+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpr4qdd4pd2m 2026-07-03 22:00:04+00:00| seen|...

9.9CVSS5.9AI score
Exploits0References3
Rows per page
Query Builder