
8 matches found

ATTACKERKB
added 3 days ago | 5 views

CVE-2026-35212

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Versions prior to 7.260227.0 are vulnerable to XSS in the rendering of email-message observable body data. The content of the body field isn't appropriately sanitized when being rendered. Does...

CVSS 5.3 | AI score 5.8 | EPSS 0.00047
Exploits: 0 | References: 2 | Affected Software: 1
ATTACKERKB
added 2026/03/31 9:16 p.m. | 2 views

CVE-2026-34405

Nuxt OG Image generates OG Images with Vue templates in Nuxt. Prior to version 6.2.5, the image‑generation component by the URI: /og/d/ and, in older versions, /og-image/ contains a vulnerability that allows injection of arbitrary attributes into the HTML page body. This issue has been patched in...

CVSS 6.1 | AI score 5.9 | EPSS 0.00038
Exploits: 1 | References: 2 | Affected Software: 1
Positive Technologies
added 2026/03/31 12:0 a.m. | 3 views

PT-2026-29373

Name of the Vulnerable Software and Affected Versions: cpp-httplib versions prior to 0.40.0. Description: cpp-httplib is vulnerable to HTTP Request Smuggling. The server's static file handler serves GET responses without consuming the request body. On HTTP/1.1 keep-alive connections, the unread body...

CVSS 7.4 | AI score 5.9 | EPSS 0.00066
Exploits: 2 | References: 14
Snyk
added 2026/03/16 3:30 p.m. | 1 views

Cross-site Scripting (XSS)

Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the Chatter Message Handler process. An attacker can inject and execute arbitrary scripts by manipulating the subject or body arguments. Details: Cross-site scripting or XSS is a code vulnerability that occurs...

CVSS 5.1 | AI score 5.7 | EPSS 0.00015
Exploits: 0 | References: 2
EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2023-31340

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 7.5 | EPSS 0.00834
Exploits: 0 | References: 4
Tenable Nessus
added 2022/03/29 12:0 a.m. | 263 views

CentOS 7 : httpd (RHSA-2022:1045)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:1045 advisory. - Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP...

CVSS 9.8 | AI score 8.4 | EPSS 0.27458
Exploits: 0 | References: 2
Veracode
added 2019/04/25 6:54 a.m. | 9 views

Arbitrary File Read

koa-body is vulnerable to arbitrary file read. The vulnerability exists as it is possible to copy a file that exists outside of the web server's scope, into the /public directory which can be publicly read...

AI score 6.8
Exploits: 0
Hacker One
added 2018/04/10 6:44 p.m. | 109 views

Open-Xchange: [XSS] select/onchange in TinyMCE via set body

Hi. TinyMCE allow insert . For set this content need special link: mailto:aaa?body=. Steps: 1. Go to compose mail 2. Insert URL: mailto:aaa?body=%3Cselect%20onchange%3D%22alertdocument.cookie%22%3E%3Coption%3E2%3C%2Foption%3E%3Coption%3E2%3C%2Foption%3E%3C%2Fselect%3E 3. Save Mail 4. Open this ma...

AI score 0.5
Exploits: 0