Lucene search
+L

30535 matches found

Cvelist
Cvelist
added last week29 views

CVE-2026-56329 Capgo - Cross-Tenant Preview Namespace Collision via Non-Bijective Underscore Decoding

Capgo before 12.128.2 contains a cross-tenant preview namespace collision vulnerability caused by non-bijective decoding of double underscores to dots in preview hostname parsing. Attackers can register app IDs with underscores that collide with other tenants' dotted app IDs, causing preview...

6.4CVSS0.00237EPSS
Exploits0References2
Circl
Circl
added 2026/07/10 5:39 a.m.7 views

CVE-2026-5069

creationtimestamp| type| source ---|---|--- 2026-07-10 05:39:55+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbgptqx442d 2026-07-11 00:43:56+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdgnihrty2e...

5.4CVSS6.1AI score0.00176EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/10 4:58 a.m.31 views

CVE-2026-21053

Improper input validation in Samsung Email prior to version 6.2.13.1 allows local attackers to create arbitrary files within the application sandbox...

5.1CVSS0.00111EPSS
Exploits0References1
CVE
CVE
added 2026/07/10 12:0 a.m.8 views

CVE-2026-51119

Invixium IXM WEB 2.3.85.25 is affected. The issue allows privilege escalation via the /SystemUsers/CreateAppUser component, as described in CVE-2026-51119, with CVSS 3.1 base score 9.1 (CRITICAL). No specific root-cause, vulnerable version ranges, exploit details, or fixes are provided beyond thi...

9.1CVSS6.1AI score0.00382EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/10 12:0 a.m.29 views

CVE-2026-51119

An issue in Invixium IXM WEB v.2.3.85.25 allows an attacker to escalate privileges via the /SystemUsers/CreateAppUser components...

0.00382EPSS
Exploits0References4
Circl
Circl
added 2026/07/09 11:7 p.m.10 views

CVE-2026-4653

creationtimestamp| type| source ---|---|--- 2026-07-09 23:07:27+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqaqs2htoe2y 2026-07-09 23:07:28+00:00| seen| https://bsky.app/profile/qiancx.bsky.social/post/3mqaqs2m7yb27...

6.4CVSS5.9AI score0.00201EPSS
Exploits0References2
Circl
Circl
added 2026/07/09 10:37 p.m.7 views

CVE-2026-55604

creationtimestamp| type| source ---|---|--- 2026-07-09 22:37:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqap3r6pk42e 2026-07-10 05:01:55+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mqbeluswmw2a...

8.6CVSS6.1AI score0.00225EPSS
Exploits0References2
Circl
Circl
added 2026/07/09 10:30 p.m.10 views

CVE-2026-12170

creationtimestamp| type| source ---|---|--- 2026-07-09 22:30:04+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqaop7hjtu2i...

6.4CVSS5.9AI score0.00256EPSS
Exploits0References1
Circl
Circl
added 2026/07/09 6:47 p.m.8 views

CVE-2026-59734

creationtimestamp| type| source ---|---|--- 2026-07-09 18:47:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqacbssmiz2z 2026-07-13 22:00:04+00:00| seen| https://t.me/GithubRedTeam/92945 2026-07-14 00:00:08+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/92945...

8.8CVSS6.1AI score0.00417EPSS
Exploits1References2
NVD
NVD
added 2026/07/09 5:16 p.m.6 views

CVE-2026-13462

PayRange Android app, version 7.0.7 and below, contains an SSL bypass vulnerability that allows invalid certificates to be accepted in application webviews. A remote and unauthenticated attacker can steal information that the user sends...

7.5CVSS0.00229EPSS
Exploits0References2
NVD
NVD
added 2026/07/09 5:16 p.m.8 views

CVE-2026-13461

When coupled with the SSL bypass vulnerability, JavaScript can be injected into a WebView in the PayRange version 7.0.7 app. The injection of specific JavaScript function calls allows the attacker to escape the WebView sandbox and perform a number of dangerous actions on the user's device...

9.6CVSS0.0034EPSS
Exploits0References2
CVE
CVE
added 2026/07/09 5:10 p.m.13 views

CVE-2026-13462

PayRange Android app (version 7.0.7 and below) is affected by CVE-2026-13462 due to an SSL bypass in WebViews, allowing invalid certificates to be accepted. This enables a remote, unauthenticated attacker to intercept and exfiltrate data the user submits via the app. Attack surface is the app’s W...

7.5CVSS6AI score0.00229EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/09 5:10 p.m.7 views

EUVD-2026-42637

PayRange Android app, version 7.0.7 and below, contains an SSL bypass vulnerability that allows invalid certificates to be accepted in application webviews. A remote and unauthenticated attacker can steal information that the user sends...

7.5CVSS6AI score0.00229EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/09 5:8 p.m.8 views

EUVD-2026-42635

When coupled with the SSL bypass vulnerability, JavaScript can be injected into a WebView in the PayRange version 7.0.7 app. The injection of specific JavaScript function calls allows the attacker to escape the WebView sandbox and perform a number of dangerous actions on the user's device...

6AI score0.0034EPSS
Exploits0References2
Circl
Circl
added 2026/07/09 4:10 p.m.9 views

CVE-2026-59207

creationtimestamp| type| source ---|---|--- 2026-07-09 16:10:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq7zibfybn25...

7.1CVSS5.9AI score0.00263EPSS
Exploits0References1
Circl
Circl
added 2026/07/09 4:3 p.m.11 views

CVE-2026-59208

creationtimestamp| type| source ---|---|--- 2026-07-09 16:03:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq7z3sn6kq2i 2026-07-15 15:22:07+00:00| seen| https://bsky.app/profile/hn100.bsky.social/post/3mqozlgli3q2t 2026-07-15 15:27:26+00:00| seen|...

7.6CVSS6.2AI score0.00143EPSS
Exploits0References10
Circl
Circl
added 2026/07/09 11:37 a.m.9 views

CVE-2017-2845

creationtimestamp| type| source ---|---|--- 2026-07-09 11:37:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mq7k7ms5iz2n...

8.8CVSS7.2AI score0.07233EPSS
Exploits1References1
Circl
Circl
added 2026/07/09 9:44 a.m.9 views

CVE-2026-2342

creationtimestamp| type| source ---|---|--- 2026-07-09 09:44:06+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mq7dvjy7wm2w...

9.3CVSS5.9AI score0.00391EPSS
Exploits0References1
Circl
Circl
added 2026/07/09 3:52 a.m.8 views

CVE-2026-15137

creationtimestamp| type| source ---|---|--- 2026-07-09 03:52:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq6qa72g7o2k...

7.5CVSS7.1AI score0.00263EPSS
Exploits0References1
Circl
Circl
added 2026/07/09 1:30 a.m.6 views

CVE-2026-15112

creationtimestamp| type| source ---|---|--- 2026-07-09 01:30:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116887429378642543 2026-07-09 01:30:31+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mq6icwy3iv23 2026-07-09 04:45:15+00:00| seen|...

8.8CVSS5.9AI score0.0026EPSS
Exploits0References4
Rows per page
Query Builder