8 matches found

NVD
added 2026/06/10 12:16 a.m., 11 views

CVE-2026-41716

Spring Data's internal property-lookup cache accepts and permanently retains attacker-supplied strings as cache keys, allowing heap exhaustion through repeated requests. Affected versions: Spring Data Commons 2.7.0 through 2.7.19; 3.3.0 through 3.3.16; 3.4.0 through 3.4.14; 3.5.0 through 3.5.11;...

CVSS: 7.5, EPSS: 0.00363
Exploits: 0, References: 1
CVE
added 2026/06/09 4:0 a.m., 26 views

CVE-2026-41007

Technical details are not publicly available in the provided documents. Monitor for updates.

CVSS: 7.5, AI score: 5.5, EPSS: 0.00299
Exploits: 0, References: 1, Affected Software: 1
EUVD
added 2026/06/09 4:0 a.m., 11 views

EUVD-2026-35346

Spring HATEOAS maintains an unbounded static cache of StringLinkRelation instances keyed on attacker-supplied strings. Affected versions: Spring HATEOAS 1.5.0 through 1.5.6; 2.3.0 through 2.3.4; 2.4.0 through 2.4.1; 2.5.0 through 2.5.2; 3.0.0 through 3.0.3...

CVSS: 7.5, AI score: 5.4, EPSS: 0.00299
Exploits: 0, References: 1
Positive Technologies
added 2026/06/09 12:0 a.m., 12 views

PT-2026-48318

Name of the Vulnerable Software and Affected Versions: Spring Data Commons versions 2.7.0 through 2.7.19; Spring Data Commons versions 3.3.0 through 3.3.16; Spring Data Commons versions 3.4.0 through 3.4.14; Spring Data Commons versions 3.5.0 through 3.5.11; Spring Data Commons versions 4.0.0 through...

CVSS: 7.5, AI score: 5.8, EPSS: 0.00363
Exploits: 0, References: 3
Positive Technologies
added 2026/06/09 12:0 a.m., 13 views

PT-2026-47645

Name of the Vulnerable Software and Affected Versions: Spring HATEOAS versions 1.5.0 through 1.5.6; Spring HATEOAS versions 2.3.0 through 2.3.4; Spring HATEOAS versions 2.4.0 through 2.4.1; Spring HATEOAS versions 2.5.0 through 2.5.2; Spring HATEOAS versions 3.0.0 through 3.0.3. Description: Spring...

CVSS: 7.5, AI score: 5.2, EPSS: 0.00299
Exploits: 0, References: 3
Positive Technologies
added 2026/05/12 12:0 a.m., 9 views

PT-2026-40537

Name of the Vulnerable Software and Affected Versions: protobufjs versions prior to 7.5.6; protobufjs versions prior to 8.0.2. Description: protobufjs uses plain objects with inherited prototypes for internal type lookup tables within generated encode and decode functions. If Object.prototype is...

CVSS: 8.1, AI score: 6, EPSS: 0.00499
Exploits: 0, References: 9
NVD
added 2026/05/08 4:16 a.m., 14 views

CVE-2026-41501

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:130. The runLinux function appends attacker-controlled remote version strings directly into an...

CVSS: 9.8, EPSS: 0.01302
Exploits: 0, References: 3
Cvelist
added 2026/05/08 2:51 a.m., 31 views

CVE-2026-41501 electerm has Command Injection Vulnerability via runLinux function

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:130. The runLinux function appends attacker-controlled remote version strings directly into an...

CVSS: 9.8, EPSS: 0.01302
Exploits: 0, References: 3