CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/05/28 12:0 a.m.•5 views

PT-2026-44204

5.3CVSS5.9AI score0.0004EPSS

Exploits0References6

CNNVD•added 2026/05/28 12:0 a.m.•6 views

Mantis Bug Tracker 跨站脚本漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker prior to 2.28.2 contained a cross-site scripting vulnerability. This vulnerability occurred when using the showinline=1 parameter and a valid CSRF token, allowing attackers to...

7.5CVSS5.8AI score0.00072EPSS

Exploits0References4

NVD•added 2026/05/27 6:16 p.m.•11 views

CVE-2026-46426

Budibase is an open-source low-code platform. Prior to 3.38.2, the file upload endpoint POST /api/attachments/process does not enforce active-content restrictions for authenticated users. The checks for dangerous file extensions are conditionally wrapped inside if isPublicUser or if isPublicUser ...

7.6CVSS0.00033EPSS

EUVD•added 2026/05/27 2:37 p.m.•5 views

EUVD-2026-32532

Webmin before 2.640 does not safely construct a filename for saving of an attachment within the mailboxes component. This occurs in mailboxes/detachall.cgi...

9.4CVSS5.8AI score0.00051EPSS

Positive Technologies•added 2026/05/27 12:0 a.m.•5 views

PT-2026-44031

Webmin before 2.640 does not safely construct a filename for saving of an attachment within the mailboxes component. This occurs in mailboxes/detachall.cgi...

9.4CVSS5.8AI score0.00051EPSS

Exploits0References3

CNNVD•added 2026/05/27 12:0 a.m.•4 views

Webmin 跨站脚本漏洞

Webmin is a set of web-based system management tools for Unix-like operating systems, developed by the Webmin community. Versions of Webmin prior to 2.640 contained a cross-site scripting vulnerability. This vulnerability occurred when viewing SVG document attachments in the mailboxes component,...

6.1CVSS5.6AI score0.00031EPSS

RedhatCVE•added 2026/05/26 8:14 p.m.•8 views

CVE-2026-4915

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to filter nil elements from outgoing webhook attachment payloads before processing, which allows an authenticated user to cause a denial of service server process termination via a crafted webhook...

Vulnrichment•added 2026/05/26 7:49 p.m.•6 views

CVE-2026-44844 eml_parser: Recursion DoS via nested message/rfc822 attachments

emlparser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to 3.0.1, EmlParser.getrawbodytext recurses unconditionally for every nested message/rfc822 attachment without any depth limit. An attacker who ca...

6.3CVSS5.8AI score0.0002EPSS

Cvelist•added 2026/05/26 7:49 p.m.•28 views

CVE-2026-44844 eml_parser: Recursion DoS via nested message/rfc822 attachments

6.3CVSS0.0002EPSS

CNNVD•added 2026/05/26 12:0 a.m.•5 views

eml_parser 安全漏洞

EmlParser is an open-source Python library for parsing email files, developed by GOVCERT.LU. Versions of EmlParser prior to 3.0.1 contained security vulnerabilities. These vulnerabilities stemmed from the use of EmlParser.getrawbodytext, which performed unrestricted recursive processing on nested...

6.3CVSS5.8AI score0.0002EPSS

NVD•added 2026/05/25 8:16 a.m.•11 views

CVE-2026-4915

6.5CVSS0.00047EPSS

Cvelist•added 2026/05/25 7:10 a.m.•33 views

CVE-2026-4915 Server panic via outgoing webhook responses

6.5CVSS0.00047EPSS

EUVD•added 2026/05/25 7:10 a.m.•8 views

EUVD-2026-31646

ATTACKERKB•added 2026/05/25 7:10 a.m.•8 views

CVE-2026-4915

Exploits0References2Affected Software1

CNNVD•added 2026/05/25 12:0 a.m.•5 views

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability in Mattermost versions 11.6.0 and prior to 11.6.x, 11.5.3 and prior to 11.5.x, 11.4.4 and prior to 11.4.x, and 10.11.14 and prior to 10.11.x, which stems from a failure to filt...