CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Wiz blog•added 4 days ago•10 views

Eliminate Critical API Attack Paths with Wiz API SPM

Wiz API SPM is now GA, enabling customers to discover APIs, assess APIs for exploitability, and prioritize remediation to mitigate the risk of an API-related breach...

Packet Storm News•added 4 days ago•6 views

UniFi Network Application Path Traversal Vulnerability Assessment Tool

This tool lets you safely detect whether a UniFi Network Application controller is vulnerable to CVE-2026-22557 without causing any disruption. CVE-2026-22557 is an unauthenticated path traversal vulnerability in the UniFi Network Application's guest captive portal that allows remote attackers to...

10CVSS6.2AI score0.00032EPSS

Exploits2

Packet Storm News•added 4 days ago•5 views

Apache ActiveMQ Jolokia Security Auditor

This is a security assessment tool for Apache ActiveMQ deployments that expose the Jolokia management interface. It verifies connectivity, evaluates authentication status, retrieves Jolokia agent information, and identifies accessible ActiveMQ broker instances through JMX endpoints...

Packet Storm News•added 4 days ago•6 views

FortiClient EMS 7.4.6 Detection Scanner

FortiClient EMS CVE-2026-35616 Detection Scanner is a non-destructive security assessment module designed to identify whether Fortinet hotfix protections for CVE-2026-35616 are properly applied on FortiClient EMS servers. The scanner performs safe behavioral validation by comparing server respons...

9.8CVSS6.1AI score0.34753EPSS

Exploits7

Packet Storm News•added 5 days ago•5 views

Needles at Scale: LLM-Assisted Target Selection for Windows Vulnerability Research

The attack surface of a modern operating system is a haystack: thousands of signed binaries and millions of functions, almost none relevant to any given vulnerability. A human analyst or an LLM agent must pick the function worth reading before analyzing it. At whole-OS scope, this target selectio...

GithubExploit•added 2026/05/29 12:3 p.m.•61 views

nessus-metasploit-pentest

Project 7 — Nessus Vulnerability Assessment + Metasploit Explo...

10CVSS7.3AI score0.94282EPSS

Exploits29

ICS•added 2026/05/28 6:0 a.m.•5 views

KMW CCTV Security Cameras

ADVISORY SUMMARY Successful exploitation of this vulnerability may grant full unauthorized access to camera feeds and settings. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all...

9.1CVSS5.8AI score0.0006EPSS

Exploits0References13

NVD•added 2026/05/26 6:16 p.m.•7 views

CVE-2026-44669

FACTION is a PenTesting Report Generation and Collaboration Framework. Prior to 1.8.3, Faction is vulnerable to stored cross-site scripting XSS via attachment filenames in assessment file preview flows. User-supplied filename values are persisted and later rendered into HTML/attribute contexts...

8.7CVSS0.00033EPSS

ATTACKERKB•added 2026/05/26 5:43 p.m.•6 views

CVE-2026-44669

8.7CVSS5.8AI score0.00033EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/05/26 5:43 p.m.•24 views

CVE-2026-44669 Faction: Stored XSS in Assessment Attachment Filename Preview Rendering

8.7CVSS0.00033EPSS

CVE•added 2026/05/26 5:43 p.m.•14 views

CVE-2026-44669

CVE-2026-44669 affects FACTION, a PenTesting Report Generation and Collaboration Framework. Before version 1.8.3, it is vulnerable to stored XSS in attachment filenames used in the assessment file preview flow. User-supplied filename values are persisted server-side and later rendered into HTML/a...

8.7CVSS5.8AI score0.00033EPSS

CNNVD•added 2026/05/26 12:0 a.m.•5 views

SourceCodester CET Automated Grading System with AI Predictive Analytics 安全漏洞

SourceCodester CET Automated Grading System with AI Predictive Analytics is an open-source English language assessment system based on artificial intelligence predictive analytics, developed by SourceCodester. Version 1.0 of the SourceCodester CET Automated Grading System with AI Predictive...

5.3CVSS5.8AI score0.00036EPSS

Exploits0References6

Positive Technologies•added 2026/05/26 12:0 a.m.•5 views

PT-2026-43347

8.7CVSS5.8AI score0.00033EPSS

Exploits0References3

Packet Storm News•added 2026/05/26 12:0 a.m.•9 views

Lessons from Penetration Tests on Large-Scale Agent Systems

As AI systems gain increasing autonomy and execution capability, the number of discovered security vulnerabilities continues to rise. However, many of these vulnerabilities are not fundamentally novel, but instead reflect recurring classes of weaknesses long observed in prior computing systems...

6AI score

Packet Storm News•added 2026/05/25 12:0 a.m.•7 views

"What Is the Problem Space?" Defining Host-Space Adversarial Perturbations against Network Intrusion Detection Systems

Network Intrusion Detection Systems NIDS are now increasingly leveraging Machine Learning ML techniques to detect malicious network activities. Numerous papers have scrutinized the security of ML-based NIDS ML-NIDS by testing them against various attacks involving adversarial perturbations. The...

CNNVD•added 2026/05/22 12:0 a.m.•5 views

CIOP-PIB STER SQL注入漏洞

CIOP-PIB STER is a occupational safety and human factors risk assessment software system developed by the Polish company CIOP-PIB. Versions of CIOP-PIB STER prior to version 9.5 contained a SQL injection vulnerability. This vulnerability stemmed from improper handling of multiple search filter...

8.7CVSS5.8AI score0.00034EPSS