CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-22154

Malicious code in bioql PyPI...

7.6CVSS6.3AI score0.00235EPSS

Exploits0References5

RedhatCVE•added 2025/07/23 9:32 p.m.•3 views

CVE-2025-53528

Cadwyn creates production-ready community-driven modern Stripe-like API versioning in FastAPI. In versions before 5.4.3, the version parameter of the "/docs" endpoint is vulnerable to a Reflected XSS Cross-Site Scripting attack. This XSS would notably allow an attacker to execute JavaScript code ...

7.6CVSS5.8AI score0.00235EPSS

Exploits0References1

PyPA•added 2025/07/21 9:15 p.m.•8 views

PYSEC-2025-71

7.6CVSS6.8AI score0.00235EPSS

Exploits0References2Affected Software1

OSV•added 2025/07/21 9:15 p.m.•5 views

PYSEC-2025-71

7.6CVSS5.7AI score0.00235EPSS

Exploits0References2

NVD•added 2025/07/21 9:15 p.m.•4 views

CVE-2025-53528

7.6CVSS0.00235EPSS

Exploits0References2

Snyk•added 2025/07/21 8:45 p.m.•4 views

Cross-site Scripting (XSS)

Overview cadwyn is a Production-ready community-driven modern Stripe-like API versioning in FastAPI Affected versions of this package are vulnerable to Cross-site Scripting XSS via the version parameter of the /docs endpoint. An attacker can execute arbitrary JavaScript code in a user's browser b...

7.6CVSS5.4AI score0.00235EPSS

Exploits0References3

OSV•added 2025/07/21 8:15 p.m.•4 views

CVE-2025-53528 Cadwyn is vulnerable to an XSS attack through its docs page

7.6CVSS6.5AI score0.00235EPSS

Exploits0References4

Cvelist•added 2025/07/21 8:15 p.m.•9 views

CVE-2025-53528 Cadwyn is vulnerable to an XSS attack through its docs page

7.6CVSS0.00235EPSS

Exploits0References2

CVE•added 2025/07/21 8:15 p.m.•22 views

CVE-2025-53528

Cadwyn (FastAPI-based API versioning tool) is affected by CVE-2025-53528 due to a Reflected XSS vulnerability in the version parameter of the /docs endpoint. The issue allows an attacker to execute JavaScript in a user’s session via a crafted link. The vulnerability is fixed in version 5.4.3; rem...

7.6CVSS5.8AI score0.00235EPSS

Exploits0References2

Vulnrichment•added 2025/07/21 8:15 p.m.•2 views

CVE-2025-53528 Cadwyn is vulnerable to an XSS attack through its docs page

7.6CVSS5.8AI score0.00235EPSS

Exploits0References2

OSV•added 2025/07/21 2:8 p.m.•3 views

GHSA-2GXP-6R36-M97R Cadwyn vulnerable to XSS on the docs page

Summary The version parameter of the /docs endpoint is vulnerable to a Reflected XSS Cross-Site Scripting attack. PoC 1. Setup a minimal app following the quickstart guide: https://docs.cadwyn.dev/quickstart/setup/ 2. Click on the following PoC link:...

7.6CVSS6.2AI score0.00235EPSS

Exploits0References6

Github Security Blog•added 2025/07/21 2:8 p.m.•6 views

Cadwyn vulnerable to XSS on the docs page

7.6CVSS6.3AI score0.00235EPSS

Exploits0References6Affected Software1

Positive Technologies•added 2025/07/21 12:0 a.m.•2 views

PT-2025-30307 · Fastapi +1 · Fastapi +1

Name of the Vulnerable Software and Affected Versions: Cadwyn versions 5.4.3 and below Description: Cadwyn is a production-ready, community-driven, modern Stripe-like API versioning tool in FastAPI. The version parameter of the /docs endpoint is susceptible to a Reflected Cross-Site Scripting XSS...

7.6CVSS5.9AI score0.00235EPSS

Exploits0References13

CNNVD•added 2025/07/21 12:0 a.m.•2 views

Cadwyn 跨站脚本漏洞

Cadwyn is an API version control application by the individual developer Stanislav Zmiev. A cross-site scripting vulnerability exists in Cadwyn 5.4.3 and earlier versions, which stems from insufficient validation of the /docs endpoint version parameter input and could lead to a reflective...

7.6CVSS5.8AI score0.00235EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by