Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

102506 matches found

UbuntuCve
UbuntuCveadded 2026/05/19 2:16 p.m.7 views

CVE-2026-8952

Privilege escalation in the Application Update component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

8.8CVSS5.8AI score0.00363EPSS
Exploits0References5
OSV
OSVadded 2026/05/19 2:16 p.m.2 views

UBUNTU-CVE-2026-8952

Privilege escalation in the Application Update component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

8.8CVSS5.8AI score0.00363EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/05/19 2:12 p.m.36 views

CVE-2026-2586

An authenticated Remote Code Execution RCE vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted requests that allow the execution of arbitrary operating system commands with the privileges of the application service user...

9.1CVSS0.00819EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2026/05/19 2:12 p.m.6 views

CVE-2026-2586

An authenticated Remote Code Execution RCE vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted requests that allow the execution of arbitrary operating system commands with the privileges of the application service user...

9.1CVSS6.1AI score0.00819EPSS
Exploits1References2
EUVD
EUVDadded 2026/05/19 2:12 p.m.8 views

EUVD-2026-30939

An authenticated Remote Code Execution RCE vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted requests that allow the execution of arbitrary operating system commands with the privileges of the application service user...

9.1CVSS6.1AI score0.00819EPSS
Exploits1References1
CVE
CVEadded 2026/05/19 2:12 p.m.23 views

CVE-2026-2586

CVE-2026-2586: An authenticated RCE in GlassFish Administration Console. A user with console access can send crafted requests to execute arbitrary OS commands with the privileges of the application service user. Affected: GlassFish Admin Console. Impact (per provided metrics): high confidentialit...

9.1CVSS6.1AI score0.00819EPSS
Exploits1References1Affected Software1
GithubExploit
GithubExploitadded 2026/05/19 1:53 p.m.56 views

py-waf

py-waf Python rever...

5.8AI score
Exploits0
RedHat Linux
RedHat Linuxadded 2026/05/19 1:41 p.m.10 views

org.apache.tomcat/tomcat-catalina: tomcat: Apache Tomcat: session fixation via rewrite valve

A session fixation vulnerability has been identified in Apache Tomcat, affecting its rewrite functionality. If the rewrite valve is enabled for a web application, an attacker can craft a specific URL. If a victim clicks on this malicious URL, their subsequent interaction with the resource will...

6.5CVSS6.5AI score0.00775EPSS
Exploits0References8
ATTACKERKB
ATTACKERKBadded 2026/05/19 1:1 p.m.5 views

CVE-2025-14575

An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS backend of Qt Network qtbase in Qt Qt Framework Unix allows a local attacker to load a rogue CA certificate as a trusted system authority via a crafted certificate file placed in the application's working directory...

1.8CVSS5.8AI score0.00083EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2026/05/19 12:29 p.m.11 views

CVE-2026-8952

CVE-2026-8952 describes a privilege-escalation issue in the Application Update component. Public documentation consistently states the vulnerability was fixed in Firefox 151 and Thunderbird 151. Affected product scope shown in connected sources includes Mozilla Thunderbird versions earlier than 1...

8.8CVSS5.8AI score0.00363EPSS
Exploits0References3Affected Software2
AlpineLinux
AlpineLinuxadded 2026/05/19 12:29 p.m.8 views

CVE-2026-8952

Privilege escalation in the Application Update component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

8.8CVSS5.8AI score0.00363EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/05/19 12:29 p.m.34 views

CVE-2026-8952 Privilege escalation in the Application Update component

Privilege escalation in the Application Update component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

0.00363EPSS
Exploits0References3
EUVD
EUVDadded 2026/05/19 12:29 p.m.8 views

EUVD-2026-30902

Privilege escalation in the Application Update component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

6.5CVSS5.8AI score0.00363EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/05/19 12:29 p.m.4 views

CVE-2026-8952

Privilege escalation in the Application Update component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

6.5CVSS5.8AI score0.00363EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/19 12:29 p.m.5 views

CVE-2026-8952 Privilege escalation in the Application Update component

Privilege escalation in the Application Update component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

5.8AI score0.00363EPSS
Exploits0References3
Debian CVE
Debian CVEadded 2026/05/19 12:29 p.m.5 views

CVE-2026-8952

Privilege escalation in the Application Update component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

8.8CVSS5.8AI score0.00363EPSS
Exploits0
Cvelist
Cvelistadded 2026/05/19 10:28 a.m.37 views

CVE-2026-4630 Keycloak: keycloak: unauthorized resource access and data modification via insecure direct object reference

A flaw was found in Keycloak. An authenticated client could exploit an Insecure Direct Object Reference IDOR vulnerability in the Authorization Services Protection API endpoint. By knowing or obtaining a resource's unique identifier UUID belonging to another Resource Server within the same realm,...

6.8CVSS0.00303EPSS
Exploits0References4
OSV
OSVadded 2026/05/19 10:6 a.m.12 views

RHSA-2026:18054 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.6 security update

Bulletin has no description...

9.1CVSS6.7AI score0.08341EPSS
Exploits6References108
OSV
OSVadded 2026/05/19 10:6 a.m.4 views

RHSA-2026:18055 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.1.6 security update

Bulletin has no description...

9.1CVSS6.7AI score0.08341EPSS
Exploits6References108
RedHat Linux
RedHat Linuxadded 2026/05/19 9:0 a.m.11 views

org.apache.tomcat/tomcat-catalina: tomcat: Apache Tomcat: session fixation via rewrite valve

A session fixation vulnerability has been identified in Apache Tomcat, affecting its rewrite functionality. If the rewrite valve is enabled for a web application, an attacker can craft a specific URL. If a victim clicks on this malicious URL, their subsequent interaction with the resource will...

6.5CVSS6.5AI score0.00775EPSS
Exploits0References8
Rows per page
Query Builder