CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3912 matches found

Positive Technologies•added 2026/05/29 12:0 a.m.•4 views

PT-2026-47577

Summary defaultSandboxPrepareStackTrace in lib/setup-sandbox.js lines 605, 607 appends to a fresh sandbox-realm lines = via lineslines.length = value. This is the exact invariant-violating pattern that GHSA-9qj6-qjgg-37qq commit ca195f0, 2026-05-01 just patched in neutralizeArraySpeciesBatch and...

2.1CVSS5.4AI score

Exploits0References5

GithubExploit•added 2026/05/28 4:47 p.m.•63 views

Exploit for Incorrect Privilege Assignment in Litespeedtech Litespeed_Cpanel_Plugin

CVE-2026-48172 - LiteSpeed cPanel Plugin Vulnerability Auditor...

10CVSS6AI score0.07956EPSS

Exploits1

RedhatCVE•added 2026/05/28 1:19 p.m.•6 views

CVE-2026-46214

A flaw was found in the Linux kernel's vsock/virtio component. This vulnerability occurs when virtiotransportrecvlisten calls skacceptqadded before transport validation, leading to a permanent increment of the skackbacklog counter if transport assignment fails. A remote attacker could exploit thi...

5.5CVSS5.7AI score0.00032EPSS

Exploits0References4

Vulnrichment•added 2026/05/27 4:58 p.m.•9 views

CVE-2026-48150 Budibase: Workspace-scoped builder escalates to global admin via /api/public/v1/roles/assign

Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-budibase-app-id header. That check admits both global builders and workspace-scoped builders...

9CVSS5.8AI score0.00064EPSS

Exploits0References1

NVD•added 2026/05/27 2:17 p.m.•7 views

CVE-2026-46048

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix usbdev refcount leak on probe failure createcard takes a reference on the USB device with usbgetdev and stores the matching usbputdev in cardfree, which is installed as the sndcard's -privatefree destructor...

0.00032EPSS

Exploits0References8

EUVD•added 2026/05/27 12:57 p.m.•6 views

EUVD-2026-32430

5.8AI score0.00032EPSS

Exploits0References5

NVD•added 2026/05/27 11:16 a.m.•7 views

CVE-2026-42758

Incorrect Privilege Assignment vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows Privilege Escalation.This issue affects WebinarIgnition: from n/a through 4.08.253...

9.8CVSS0.00054EPSS

Exploits0References1

EUVD•added 2026/05/27 9:49 a.m.•5 views

EUVD-2026-32207

Incorrect Privilege Assignment vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows Privilege Escalation.This issue affects WebinarIgnition: from n/a through 4.08.253...

9.8CVSS5.8AI score0.00054EPSS

Exploits0References1

ATTACKERKB•added 2026/05/27 9:49 a.m.•4 views

CVE-2026-42758

Incorrect Privilege Assignment vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows Privilege Escalation.This issue affects WebinarIgnition: from n/a through 4.08.253...

9.8CVSS5.8AI score0.00054EPSS

Exploits0References2

CVE•added 2026/05/27 9:49 a.m.•17 views

CVE-2026-42758

CVE-2026-42758 is a privilege-escalation vulnerability in the WordPress WebinarIgnition plugin (Saleswonder Team: Tobias WebinarIgnition). The issue is described as Incorrect Privilege Assignment and affects WebinarIgnition versions before 4.08.253. The vulnerability is categorized with a high/cr...

9.8CVSS5.8AI score0.00054EPSS

Exploits0References1

Vulnrichment•added 2026/05/27 9:49 a.m.•6 views

CVE-2026-42731 WordPress miniorange otp verification plugin <= 5.4.9 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in miniOrange miniorange otp verification miniorange-otp-verification allows Privilege Escalation.This issue affects miniorange otp verification: from n/a through = 5.4.9...

9.8CVSS5.8AI score0.00054EPSS

Exploits0References1

CVE•added 2026/05/27 9:49 a.m.•13 views

CVE-2026-42731

CVE-2026-42731 affects the WordPress plugin miniorange OTP verification (miniorange-otp-verification) up to and including version 5.4.9. Root cause: Incorrect Privilege Assignment leading to Privilege Escalation . Affected component: the plugin’s privilege handling; impact is described as high (c...

9.8CVSS5.8AI score0.00054EPSS

Exploits0References1

EUVD•added 2026/05/27 9:49 a.m.•6 views

EUVD-2026-32177

9.8CVSS5.8AI score0.00054EPSS

Exploits0References1

Positive Technologies•added 2026/05/27 12:0 a.m.•6 views

PT-2026-43643

9.8CVSS5.8AI score0.00054EPSS

Exploits0References2

Positive Technologies•added 2026/05/27 12:0 a.m.•4 views

PT-2026-43666

Incorrect Privilege Assignment vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows Privilege Escalation.This issue affects WebinarIgnition: from n/a through 4.08.253...

9.8CVSS5.8AI score0.00054EPSS

Exploits0References2

Redos•added 2026/05/27 12:0 a.m.•11 views

ROS-20260527-73-0005

Vulnerability in openbao related to security token assignment restriction errors. Exploitation of the vulnerability could allow an attacker to escalate their privileges...

2.7CVSS5.8AI score0.0005EPSS

Exploits0

Vulnrichment•added 2026/05/25 10:30 p.m.•6 views

CVE-2026-45216 WordPress Smart Manager plugin <= 8.85.0 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in StoreApps Smart Manager allows Privilege Escalation. This issue affects Smart Manager: from n/a through 8.85.0...

8.8CVSS5.8AI score0.00044EPSS

Exploits0References1

Cvelist•added 2026/05/25 10:30 p.m.•17 views

CVE-2026-45216 WordPress Smart Manager plugin <= 8.85.0 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in StoreApps Smart Manager allows Privilege Escalation. This issue affects Smart Manager: from n/a through 8.85.0...

8.8CVSS0.00044EPSS

Exploits0References1

EUVD•added 2026/05/25 10:30 p.m.•5 views

EUVD-2026-31767

Incorrect Privilege Assignment vulnerability in StoreApps Smart Manager allows Privilege Escalation. This issue affects Smart Manager: from n/a through 8.85.0...

8.8CVSS5.8AI score0.00044EPSS

Exploits0References1

CVE•added 2026/05/25 10:30 p.m.•12 views

CVE-2026-45216

CVE-2026-45216 affects WordPress Smart Manager plugin (

8.8CVSS5.8AI score0.00044EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by