Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1086 matches found

OSV
OSVadded 2 days ago3 views

USN-8429-1 fastnetmon vulnerabilities

It was discovered that FastNetMon incorrectly validated prefix lengths when decoding BGP NLRI data. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 26.04 LTS. CVE-2026-48686 It was...

9.8CVSS6.2AI score0.0141EPSS
Exploits2References6
OSV
OSVadded 2 days ago3 views

USN-8405-2 cups regression

USN-8405-1 fixed vulnerabilities in CUPS. The update introduced a regression that cause CUPS to crash when parsing certain large printer PPD files. This update fixes the problem. Original advisory details: Ariel Silver discovered that CUPS incorrectly handled username comparisons during...

6.3AI score
Exploits0References2
OSV
OSVadded 6 days ago4 views

RLSA-2026:24370 Important: frr10 security update

FRRouting is free software that manages TCP/IP based routing protocols. It takes a multi-server and multi-threaded approach to resolve the current complexity of the Internet. FRRouting supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. FRRouting is a fork of Quagga...

7.5CVSS5.3AI score0.00263EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 6 days ago8 views

CVE-2026-9019

The Easy Image Collage plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'gridpropertiesborderColor' and 'gridimagesNattachmenturl' Parameters in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.6AI score0.00201EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 6 days ago5 views

RockyLinux 9 : frr10 (RLSA-2026:24370)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:24370 advisory. frr: denial of service via crafted FlowSpec component CVE-2026-37457 frr: denial of service via crafted BGP UPDATE message CVE-2026-37459 Tenable has...

7.5CVSS5.5AI score0.00263EPSS
Exploits0References5
NVD
NVDadded 2026/06/10 8:16 a.m.10 views

CVE-2026-9019

The Easy Image Collage plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'gridpropertiesborderColor' and 'gridimagesNattachmenturl' Parameters in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00201EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/10 6:48 a.m.34 views

CVE-2026-9019 Easy Image Collage <= 1.13.6 - Authenticated (Author+) Stored Cross-Site Scripting via 'grid[properties][borderColor]' and 'grid[images][N][attachment_url]' Parameters

The Easy Image Collage plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'gridpropertiesborderColor' and 'gridimagesNattachmenturl' Parameters in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS0.00201EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/06/10 6:48 a.m.5 views

CVE-2026-9019 Easy Image Collage <= 1.13.6 - Authenticated (Author+) Stored Cross-Site Scripting via 'grid[properties][borderColor]' and 'grid[images][N][attachment_url]' Parameters

The Easy Image Collage plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'gridpropertiesborderColor' and 'gridimagesNattachmenturl' Parameters in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.6AI score0.00201EPSS
Exploits0References6
CVE
CVEadded 2026/06/10 6:48 a.m.15 views

CVE-2026-9019

CVE-2026-9019 affects the WordPress plugin Easy Image Collage (versions up to and including 1.13.6). The issue is a Stored Cross-Site Scripting (Stored XSS) vulnerability arising from insufficient input sanitization and output escaping in the parameters grid[properties][borderColor] and grid[imag...

6.4CVSS5.6AI score0.00201EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/06/10 12:0 a.m.9 views

PT-2026-48394

The Easy Image Collage plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'gridpropertiesborderColor' and 'gridimagesNattachment url' Parameters in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.6AI score0.00201EPSS
Exploits0References7
RedHat Linux
RedHat Linuxadded 2026/06/08 11:5 a.m.4 views

frr: denial of service via crafted BGP UPDATE message

A flaw was found in FRRouting FRR. An unauthenticated remote attacker can exploit an integer underflow vulnerability by supplying a specially crafted BGP Border Gateway Protocol UPDATE message. This issue can lead to a Denial of Service DoS...

7.5CVSS5.5AI score0.00263EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2026/06/08 3:17 a.m.11 views

Important: Red Hat Security Advisory: frr security update

An update for frr is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

7.5CVSS5.5AI score0.00263EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2026/06/08 3:17 a.m.18 views

frr: denial of service via crafted BGP UPDATE message

A flaw was found in FRRouting FRR. An unauthenticated remote attacker can exploit an integer underflow vulnerability by supplying a specially crafted BGP Border Gateway Protocol UPDATE message. This issue can lead to a Denial of Service DoS...

7.5CVSS5.5AI score0.00263EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/06/05 7:29 p.m.9 views

CVE-2026-20171

A vulnerability in the Border Gateway Protocol BGP enforce-first-as feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to trigger BGP peer flaps, resulting in a denial of service DoS condition...

6.8CVSS5.5AI score0.00466EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/05 7:21 p.m.8 views

CVE-2026-41642

GoBGP is an open source Border Gateway Protocol BGP implementation in the Go Programming Language. In version 4.3.0, a remote Denial of Service DoS vulnerability exists in GoBGP due to a nil pointer dereference. When a malformed BGP UPDATE message contains an unrecognized Path Attribute marked as...

7.5CVSS5.4AI score0.00503EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/05 7:20 p.m.7 views

CVE-2026-41643

GoBGP is an open source Border Gateway Protocol BGP implementation in the Go Programming Language. Prior to version 4.3.0, a remote Denial of Service DoS vulnerability exists in GoBGP where a malformed BGP UPDATE message can trigger a runtime error: index out of range panic. This occurs during th...

7.5CVSS7.1AI score0.00503EPSS
Exploits0References1
SUSE CVE
SUSE CVEadded 2026/06/05 3:12 a.m.7 views

SUSE CVE-2026-37462

An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.5CVSS5.8AI score0.00278EPSS
Exploits0References3
EUVD
EUVDadded 2026/06/05 12:31 a.m.9 views

EUVD-2026-34332

A vulnerability has been found in Shibby Tomato 1.28.0000. This vulnerability affects the function start6rdtunnel of the file /sbin/rc of the component Web UI. Such manipulation of the argument ipv66rdborderrelay leads to os command injection. It is possible to launch the attack remotely. The...

8.6CVSS6.7AI score0.02199EPSS
Exploits0References7
NVD
NVDadded 2026/06/04 10:16 p.m.8 views

CVE-2026-10871

A vulnerability has been found in Shibby Tomato 1.28.0000. This vulnerability affects the function start6rdtunnel of the file /sbin/rc of the component Web UI. Such manipulation of the argument ipv66rdborderrelay leads to os command injection. It is possible to launch the attack remotely. The...

8.6CVSS0.02199EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/04 10:0 p.m.30 views

CVE-2026-10871 Shibby Tomato Web UI rc start_6rd_tunnel os command injection

A vulnerability has been found in Shibby Tomato 1.28.0000. This vulnerability affects the function start6rdtunnel of the file /sbin/rc of the component Web UI. Such manipulation of the argument ipv66rdborderrelay leads to os command injection. It is possible to launch the attack remotely. The...

8.6CVSS0.02199EPSS
Exploits0References6
Rows per page
Query Builder