Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9653 matches found

ATTACKERKB
ATTACKERKBadded 2026/05/15 12:58 p.m.8 views

CVE-2026-46333

In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'getdumpable' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an...

7.1CVSS5.8AI score0.01527EPSS
Exploits5References9Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/15 12:58 p.m.11 views

CVE-2026-46333 ptrace: slightly saner 'get_dumpable()' logic

In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'getdumpable' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an...

7.1CVSS5.8AI score0.01527EPSS
Exploits5References8
Cvelist
Cvelistadded 2026/05/15 12:58 p.m.44 views

CVE-2026-46333 ptrace: slightly saner 'get_dumpable()' logic

In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'getdumpable' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an...

7.1CVSS0.01527EPSS
Exploits5References8
CVE
CVEadded 2026/05/15 12:58 p.m.170 views

CVE-2026-46333

CVE-2026-46333 concerns a logic bug in the Linux kernel’s ptrace access check (__ptrace_may_access). When a thread lacks an MM pointer, ptrace_may_access uses a cached “last dumpable” flag, which can be bypassed by CAP_SYS_PTRACE to override. This can enable local privilege escalation or informat...

7.1CVSS5.8AI score0.01527EPSS
Exploits5References14
NVD
NVDadded 2026/05/15 9:16 a.m.25 views

CVE-2026-4683

The Smartcat Translator for WPML plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'routeData' REST endpoint in all versions up to, and including, 3.1.77. This makes it possible for unauthenticated attackers to overwrite the plugin's...

6.5CVSS0.00262EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/15 7:46 a.m.16 views

EUVD-2026-30515

The Smartcat Translator for WPML plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'routeData' REST endpoint in all versions up to, and including, 3.1.77. This makes it possible for unauthenticated attackers to overwrite the plugin's...

6.5CVSS5.8AI score0.00262EPSS
Exploits0References4
NVD
NVDadded 2026/05/15 7:16 a.m.18 views

CVE-2026-4094

The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the 'adminhead' function in all versions up to, and including, 1.4.5. This makes it possible for authenticated attackers, with Contributor-lev...

8.1CVSS0.00273EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/15 6:45 a.m.47 views

CVE-2026-4094 FOX – Currency Switcher Professional for WooCommerce <= 1.4.5 - Missing Authorization to Authenticated (Contributor+) Configuration Deletion

The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the 'adminhead' function in all versions up to, and including, 1.4.5. This makes it possible for authenticated attackers, with Contributor-lev...

8.1CVSS0.00273EPSS
Exploits0References4
CVE
CVEadded 2026/05/15 6:45 a.m.11 views

CVE-2026-4094

The FOX – Currency Switcher Professional for WooCommerce WordPress plugin (versions up to and including 1.4.5) is affected by an unauthorized data-loss vulnerability due to a missing capability check on the admin_head function, enabling authenticated attackers with Contributor-level access (and s...

8.1CVSS5.7AI score0.00273EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/05/15 12:0 a.m.9 views

PT-2026-41298

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.8 Linux kernel versions prior to 6.18.31 Linux kernel versions prior to 6.12.89 Linux kernel versions prior to 6.6.139 Linux kernel versions prior to 6.1.173 Linux kernel versions prior to 5.15.207 Linux kern...

7.1CVSS6.4AI score0.01527EPSS
Exploits5
Positive Technologies
Positive Technologiesadded 2026/05/15 12:0 a.m.10 views

PT-2026-41268

The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the 'admin head' function in all versions up to, and including, 1.4.5. This makes it possible for authenticated attackers, with...

8.1CVSS5.7AI score0.00273EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/05/14 6:44 a.m.3 views

CVE-2026-6510

The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation via missing authorization in all versions up to, and including, 5.1.2. This is due to missing nonce verification and capability checks in the iwarsaverecipe AJAX handler. This makes it possible for unauthenticated...

9.8CVSS5.8AI score0.00439EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/05/14 6:44 a.m.8 views

CVE-2026-6510 InfusedWoo Pro <= 5.1.2 - Unauthenticated Missing Authorization to Privilege Escalation via 'iwar_save_recipe'

The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation via missing authorization in all versions up to, and including, 5.1.2. This is due to missing nonce verification and capability checks in the iwarsaverecipe AJAX handler. This makes it possible for unauthenticated...

9.8CVSS5.8AI score0.00439EPSS
Exploits0References2
EUVD
EUVDadded 2026/05/14 6:44 a.m.7 views

EUVD-2026-30255

The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation via missing authorization in all versions up to, and including, 5.1.2. This is due to missing nonce verification and capability checks in the iwarsaverecipe AJAX handler. This makes it possible for unauthenticated...

9.8CVSS5.8AI score0.00439EPSS
Exploits0References2
NVD
NVDadded 2026/05/14 6:16 a.m.7 views

CVE-2026-3829

The WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect, Security & SSL Scan plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'wplebasicgetrequests' function in all versions up to, and including, 7.8.5.10. This makes...

5.4CVSS0.00143EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/05/14 5:30 a.m.6 views

CVE-2026-3829

The WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect, Security & SSL Scan plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'wplebasicgetrequests' function in all versions up to, and including, 7.8.5.10. This makes...

5.4CVSS5.8AI score0.00143EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/14 5:30 a.m.6 views

EUVD-2026-30228

The WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect, Security & SSL Scan plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'wplebasicgetrequests' function in all versions up to, and including, 7.8.5.10. This makes...

5.4CVSS5.8AI score0.00143EPSS
Exploits0References3
CVE
CVEadded 2026/05/14 5:30 a.m.9 views

CVE-2026-3829

The WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect, Security & SSL Scan plugin for WordPress is affected by CVE-2026-3829 due to missing capability checks in wple_basic_get_requests across all versions up to 7.8.5.10. This allows authenticated users with subscriber-level ac...

5.4CVSS5.8AI score0.00143EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/05/14 12:0 a.m.8 views

PT-2026-40865

The WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect, Security & SSL Scan plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'wple basic get requests' function in all versions up to, and including, 7.8.5.10. This...

5.4CVSS5.8AI score0.00143EPSS
Exploits0References4
NVD
NVDadded 2026/05/13 2:17 p.m.4 views

CVE-2026-4609

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the pminviteuser function in all versions up to, and including, 5.9.8.4. This makes it possible for authenticated attackers, with Subscriber-level...

7.1CVSS0.00219EPSS
Exploits0References4
Rows per page
Query Builder