8 matches found

RedhatCVE
added 2026/06/06 12:44 a.m., 12 views

CVE-2026-42329

Iris is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 contain a weakness where an attacker can misuse it to redirect the user to a malicious website controlled by an attacker. Version 2.4.28 fixes the issue...

4.7 CVSS, 5.5 AI score, 0.00174 EPSS
Exploits: 0, References: 1
CVE
added 2026/05/25 2:5 p.m., 24 views

CVE-2026-9078

Firefox for iOS suffers a rendering issue in link-preview UI where specially crafted RTL and internationalized domain names could cause the displayed domain to visually reorder, making attacker-controlled sites appear as trusted origins. The vulnerability affects the RTL/IDN rendering surface wit...

5.4 CVSS, 5.8 AI score, 0.00199 EPSS
Exploits: 0, References: 2, Affected Software: 1
Positive Technologies
added 2026/05/12 12:0 a.m., 10 views

PT-2026-39930

SAP TAF APPLAUNCHER within Business Server Pages allows an unauthenticated attacker to craft malicious links that, when clicked by a victim, redirect them to attacker-controlled sites, potentially exposing or altering sensitive information in the victim's browser. This results in a low impact on...

6.1 CVSS, 5.8 AI score, 0.00211 EPSS
Exploits: 0, References: 3
NVD
added 2026/02/10 4:16 a.m., 8 views

CVE-2026-0505

The BSP applications allow an unauthenticated user to manipulate user-controlled URL parameters that are not sufficiently validated. This could result in unvalidated redirection to attacker-controlled websites, leading to a low impact on confidentiality and integrity, and no impact on the...

6.1 CVSS, 0.00211 EPSS
Exploits: 0, References: 2
NVD
added 2025/10/10 11:15 a.m., 3 views

CVE-2025-11190

The Kiwire Captive Portal contains an open redirection issue via the login-url parameter, allowing an attacker to redirect users to an attacker-controlled website...

5.4 CVSS, 0.00318 EPSS
Exploits: 0, References: 2
Positive Technologies
added 2025/10/10 12:0 a.m., 4 views

PT-2025-41543

Name of the Vulnerable Software and Affected Versions: Kiwire Captive Portal, affected versions not specified. Description: The software contains an open redirection issue. An attacker can redirect users to a website controlled by the attacker through manipulation of the login-url parameter. The...

5.4 CVSS, 6.2 AI score, 0.00318 EPSS
Exploits: 0, References: 5
RedhatCVE
added 2025/09/05 6:18 p.m., 8 views

CVE-2025-20291

A vulnerability in Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to redirect a targeted Webex Meetings user to an untrusted website. Cisco has addressed this vulnerability in the Cisco Webex Meetings service, and no customer action is needed. This vulnerability exist...

6.1 CVSS, 6.9 AI score, 0.00219 EPSS
Exploits: 0, References: 1
OSV
added 2025/01/21 9:10 p.m., 0 views

GHSA-C76H-2CCP-4975: Use of Insufficiently Random Values in undici

Impact: Undici fetch uses Math.random to choose the boundary for a multipart/form-data request. It is known that the output of Math.random can be predicted if several of its generated values are known. If there is a mechanism in an app that sends multipart requests to an attacker-controlled websit...

6.8 CVSS, 6.8 AI score, 0.00705 EPSS
Exploits: 0, References: 9