CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/05/27 6:31 p.m.•34 views

CVE-2026-47161 RELATE Vulnerable to Remote Code Execution (RCE) via Insecure Celery Pickle Deserialization

8.7CVSS0.00607EPSS

Vulnrichment•added 2026/05/27 6:31 p.m.•6 views

CVE-2026-47161 RELATE Vulnerable to Remote Code Execution (RCE) via Insecure Celery Pickle Deserialization

ATTACKERKB•added 2026/05/27 6:31 p.m.•4 views

CVE-2026-47161

CVE•added 2026/05/27 6:31 p.m.•6 views

Exploits0References3

CVE-2026-47161

RELATE is affected by CVE-2026-47161 due to Celery workers configured to deserialize untrusted pickle data prior to commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb. An attacker who can reach the message broker can execute arbitrary commands on the host, and due to insufficient network isolation i...

EUVD•added 2026/05/27 6:31 p.m.•6 views

EUVD-2026-32628

CNNVD•added 2026/05/27 12:0 a.m.•3 views

RELATE 代码问题漏洞

RELATE is a web-based course package developed by Andreas Klöckner as an individual project. RELATE has code vulnerabilities; these vulnerabilities stem from Celery workers accepting and deserializing untrusted pickle data, which may lead to remote code execution...

8.7CVSS6.2AI score0.00607EPSS

Positive Technologies•added 2026/05/27 12:0 a.m.•6 views

PT-2026-44080

Name of the Vulnerable Software and Affected Versions RELATE versions prior to commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb Description RELATE LMS configures its Celery workers to accept and deserialize untrusted pickle data. Pickle is a Python module used for serializing and deserializing...

vulnersOsv•added 2026/03/31 11:48 p.m.•5 views

Exploits0References4

airduct (>=0.1.13 <=0.1.22), aprsd (>=1.6.0 <=3.4.4) +42 more potentially affected by CVE-2026-34531 via flask-httpauth (>=2.5.0 <=4.8.0)

flask-httpauth PYPI version =2.5.0, =0.1.13, =1.6.0, =1.0.5, =0.0.5, =0.5.0, =4.2.6, =1.0.0, =0.0.28, =0.0.0rc24, =1.0.2, =0.2.2, =3.2.0.0, =2.0.0, =0.1.8.1, =2.2.1 and more Source cves: CVE-2026-34531 Source advisory: OSV:GHSA-P44Q-VQPR-4XMG...

8.2CVSS6AI score0.00024EPSS

OSV•added 2026/02/19 3:30 p.m.•3 views

CVE-2026-25738 Indico has Server-Side Request Forgery (SSRF) in multiple places

Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. Versions prior to 3.3.10 are vulnerable to server-side request forgery. Indico makes outgoing requests to user-provides URLs in various places. This is mostly intentional and part of...

6.9CVSS5.7AI score0.00065EPSS

Exploits0References5

GithubExploit•added 2026/02/04 6:16 p.m.•123 views

Exploit for OS Command Injection in Apache Airflow

Example Build demo stand bash docker-compose up -d...

9.8CVSS8.3AI score0.91588EPSS

Exploits1

RedhatCVE•added 2026/01/09 9:48 a.m.•3 views

CVE-2020-17495

django-celery-results through 1.2.1 stores task results in the database. Among the data it stores are the variables passed into the tasks. The variables may contain sensitive cleartext information that does not belong unencrypted in the database...

7.5CVSS6.4AI score0.00148EPSS

Exploits0References1

Gitee•added 2025/12/08 11:51 p.m.•129 views

漏洞扫描系统

This is a Python web application built using the Flask framework, designed to scan Windows systems for vulnerabilities. The application has several features, including user authentication, task management, and vulnerability scanning. Here is a summary of the key points: User Authentication The...

6.8AI score

vulnersOsv•added 2025/11/26 9:31 p.m.•1 views

tutor-android (>=17.0.0 <=19.0.0), tutor-cairn (>=17.0.0 <=19.0.4) +39 more potentially affected by CVE-2025-65681 via tutor (>=12.2.0 <=19.0.5)

tutor PYPI version =12.2.0, =17.0.0, =17.0.0, =14.0.0, =18.3.0, =18.0.0, =14.0.0rc3, =18.2.8, =14.0.0, =19.0.0, =15.0.0, =18.0.0, =0.1.0, =19.0.0, =19.0.1 and more Source cves: CVE-2025-65681 Source advisory: OSV:GHSA-GQ25-78JF-V78C...

3.3CVSS5.8AI score0.00005EPSS

vulnersOsv•added 2025/11/26 7:41 p.m.•4 views

tutor-android (>=17.0.0 <=21.0.0), tutor-cairn (>=17.0.0 <=21.0.0) +48 more potentially affected by CVE-2025-65681 via tutor (>=12.2.0 <=21.0.6)

tutor PYPI version =12.2.0, =17.0.0, =17.0.0, =0.1.1, =0.2.0, =14.0.0, =18.3.0, =18.0.0, =14.0.0rc3, =18.2.8, =14.0.0, =19.0.0, =14.0.0, =18.0.3 and more Source cves: CVE-2025-65681 Source advisory: SNYK:PYTHON-TUTOR-14135978...

3.3CVSS5.8AI score0.00005EPSS

EUVD•added 2025/11/11 7:44 a.m.•1 views

EUVD-2025-77368

Malicious code in celery-notthedevs npm...

6.6AI score