Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

160571 matches found

GithubExploit
GithubExploitadded 6 days ago101 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 - React2Shell Pre-authentication RCE in Reac...

10CVSS8.6AI score0.99562EPSS
Exploits366
EUVD
EUVDadded 6 days ago9 views

EUVD-2026-36653

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability CWE-287 in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 administrator in response to any HTTP POST request that supplie...

9.8CVSS5.7AI score0.00548EPSS
Exploits0References4
CVE
CVEadded 6 days ago21 views

CVE-2026-12183

CVE-2026-12183 affects Nefteprodukttekhnika BUK TS-G Gas Station Automation System versions 2.9.1–2.10.2 on Linux. The vulnerability is an improper authentication (CWE-287) in the system configuration module: the /php/ajax-login.php endpoint can return userid=1 (administrator) for any HTTP POST w...

9.8CVSS5.7AI score0.00548EPSS
Exploits0References4
Cvelist
Cvelistadded 6 days ago19 views

CVE-2026-12183

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability CWE-287 in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 administrator in response to any HTTP POST request that supplie...

9.8CVSS0.00548EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 6 days ago5 views

CVE-2026-12183

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability CWE-287 in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 administrator in response to any HTTP POST request that supplie...

9.8CVSS5.6AI score0.00548EPSS
Exploits0References4
GithubExploit
GithubExploitadded 6 days ago87 views

Exploit for Memory Allocation with Excessive Size Value in Apache Http_Server

CVE-2026-49975 HTTP/2 Bomb Complete Reproduction Guide Bas...

7.5CVSS5.5AI score0.01313EPSS
Exploits6
GithubExploit
GithubExploitadded 6 days ago104 views

Exploit for Authentication Bypass Using an Alternate Path or Channel in Gitlab

CVE-2025-4524...

9.8CVSS8.2AI score0.09094EPSS
Exploits5
GithubExploit
GithubExploitadded 6 days ago65 views

Exploit for Embedded Malicious Code in Tukaani Xz

XZ Backdoor Labs CVE-2024-3094 Safe, hands-on labs for...

10CVSS8.7AI score0.85974EPSS
Exploits39
SUSE CVE
SUSE CVEadded 6 days ago5 views

SUSE CVE-2026-45446

Issue summary: The implementations of AES-SIV RFC 5297 and AES-GCM-SIV RFC 8452 mishandle the authentication of AAD Additional Authenticated Data with an empty ciphertext allowing a forgery of such messages. Impact summary: An attacker can forge empty messages with arbitrary AAD to the victim's...

5.3CVSS5.7AI score0.0021EPSS
Exploits0References9
EUVD
EUVDadded 6 days ago6 views

EUVD-2026-36634

Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to execute arbitrary script on affected installations of Allegra. User interaction is required to exploit this vulnerability in that the target must visit a malicious pa...

4.6CVSS5.3AI score0.00225EPSS
Exploits0References3
NVD
NVDadded 6 days ago12 views

CVE-2026-11443

Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to execute arbitrary script on affected installations of Allegra. User interaction is required to exploit this vulnerability in that the target must visit a malicious pa...

4.6CVSS0.00225EPSS
Exploits0References2
NVD
NVDadded 6 days ago10 views

CVE-2026-11442

Allegra exportReport Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

6.5CVSS0.01254EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 6 days ago6 views

PT-2026-49099

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability CWE-287 in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 administrator in response to any HTTP POST request that supplie...

9.8CVSS5.6AI score0.00548EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 6 days ago8 views

PT-2026-49080

Name of the Vulnerable Software and Affected Versions Store Locator WordPress plugin versions prior to 1.6.9 Description Insufficient validation of a parameter used in a file path allows high-privileged users, such as administrators, to read arbitrary .php files from the server. This can lead to...

3.4CVSS5.5AI score0.00264EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 6 days ago10 views

PT-2026-49092

Glances 4.5.5 is release ! https://preview.redd.it/nr4odffe827h1.png?width=1909&format=png&auto=webp&s=5d337a845f700576ab19a9becce3e49de1cd1391 Quick test with uvx: uvx -U glances Bugs corrected: /api/4/containers stays 4-5s with 60 Docker containers 3559 Crash when using --sparkline 3547 VMs...

5.8AI score0.00044EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 6 days ago8 views

PT-2026-49095

Glances 4.5.5 is release ! https://preview.redd.it/nr4odffe827h1.png?width=1909&format=png&auto=webp&s=5d337a845f700576ab19a9becce3e49de1cd1391 Quick test with uvx: uvx -U glances Bugs corrected: /api/4/containers stays 4-5s with 60 Docker containers 3559 Crash when using --sparkline 3547 VMs...

5.8AI score0.00044EPSS
Exploits0References1
Mageia
Mageiaadded last week10 views

Updated memcached packages fix security vulnerabilities

CVE-2026-47784 In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by saslserveruserdbcheckpass. CVE-2026-47783 In memcached before 1.6.42, username data for SASL password database authentication has a timing side...

8.1CVSS5.4AI score0.01143EPSS
Exploits0References2
OSV
OSVadded last week3 views

MGASA-2026-0203 Updated memcached packages fix security vulnerabilities

CVE-2026-47784 In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by saslserveruserdbcheckpass. CVE-2026-47783 In memcached before 1.6.42, username data for SASL password database authentication has a timing side...

8.1CVSS5.2AI score0.01143EPSS
Exploits0References3
Cvelist
Cvelistadded last week25 views

CVE-2026-11443 Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability

Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to execute arbitrary script on affected installations of Allegra. User interaction is required to exploit this vulnerability in that the target must visit a malicious pa...

4.6CVSS0.00225EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded last week4 views

CVE-2026-11443 Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability

Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to execute arbitrary script on affected installations of Allegra. User interaction is required to exploit this vulnerability in that the target must visit a malicious pa...

4.6CVSS5.7AI score0.00225EPSS
Exploits0References2
Rows per page
Query Builder