CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

36380 matches found

ATTACKERKB•added 2026/02/27 8:54 a.m.•4 views

CVE-2026-21657

Improper Control of Generation of Code 'Code Injection' vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication...

9.8CVSS6AI score0.00138EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2026/02/27 8:54 a.m.•2 views

CVE-2026-21657 Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution

8.8CVSS5.8AI score0.00138EPSS

Exploits0References2

Cvelist•added 2026/02/27 8:54 a.m.•16 views

CVE-2026-21657 Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution

8.8CVSS0.00138EPSS

Exploits0References2

ATTACKERKB•added 2026/02/27 8:47 a.m.•3 views

CVE-2026-21656

9.8CVSS6AI score0.00138EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/02/27 8:47 a.m.•16 views

CVE-2026-21656 Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution

8.8CVSS0.00138EPSS

Exploits0References2

Vulnrichment•added 2026/02/27 8:47 a.m.•1 views

CVE-2026-21656 Johnson Controls -Frick Quantum HD- Unauthenticated Remote Code Execution

8.8CVSS5.8AI score0.00138EPSS

Exploits0References2

Positive Technologies•added 2026/02/27 12:0 a.m.•1 views

PT-2026-24944

Name of the Vulnerable Software and Affected Versions OpenClaw versions 2026.2.19-2 Description A flaw exists in the applySkillConfigenvOverrides function within the Skill Env Handler component. This issue allows for code injection when a manipulation is executed remotely. The issue arises becaus...

8.8CVSS6.6AI score0.00117EPSS

Exploits0References16

CNNVD•added 2026/02/27 12:0 a.m.•6 views

Statamic 代码注入漏洞

Statamic is a powerful flat-file CMS built using Laravel by Statamic Inc. It allows all content, templates, assets, and settings to be stored in files rather than in a database. Versions of Statamic 5.73.11 and earlier, as well as 6.4.0 and earlier, had a code injection vulnerability. This...

8CVSS6AI score0.00188EPSS

Exploits0References4

Positive Technologies•added 2026/02/27 12:0 a.m.•5 views

PT-2026-22323

Name of the Vulnerable Software and Affected Versions Johnson Controls Frick Controls Quantum HD versions 10.22 and prior Description A flaw exists in Johnson Controls Frick Controls Quantum HD that allows code injection. Insufficient input validation in certain parameters may permit unexpected...

9.8CVSS6AI score0.00138EPSS

Exploits0References7

CNNVD•added 2026/02/27 12:0 a.m.•4 views

HTTP::Session2 安全漏洞

HTTP::Session2 is a Perl package developed by Tokuhiro Matsuno. Versions of HTTP::Session2 prior to 1.09 contained security vulnerabilities. These vulnerabilities stemmed from the lack of verification of the session ID format provided by users, which could lead to code injection or other issues...

6.5CVSS5.9AI score0.00019EPSS

Exploits0References5

CNNVD•added 2026/02/27 12:0 a.m.•3 views

Johnson Controls Frick Controls Quantum HD 安全漏洞

Johnson Controls Frick Controls Quantum HD is a high-end microprocessor control panel designed specifically for industrial refrigeration systems by Johnson Controls. The version 10.22 and earlier of Johnson Controls Frick Controls Quantum HD contained security vulnerabilities, which were caused b...

9.8CVSS5.9AI score0.00138EPSS

Exploits0References2

CNNVD•added 2026/02/27 12:0 a.m.•3 views

Johnson Controls Frick Controls Quantum HD 安全漏洞

9.8CVSS5.9AI score0.00138EPSS

Exploits0References2

Positive Technologies•added 2026/02/27 12:0 a.m.•4 views

PT-2026-22322

Name of the Vulnerable Software and Affected Versions Johnson Controls Frick Controls Quantum HD versions 10.22 and prior Description A flaw exists in Johnson Controls Frick Controls Quantum HD that allows for code injection. Insufficient input validation in certain parameters may allow for...

9.8CVSS6AI score0.00138EPSS

Exploits0References7

CNNVD•added 2026/02/27 12:0 a.m.•4 views

SourceCodester Doctor Appointment System 代码注入漏洞

SourceCodester Doctor Appointment System is an open-source application developed by SourceCodester. It provides a scheduling feature. Version 1.0 of the SourceCodester Doctor Appointment System has a code injection vulnerability. This vulnerability stems from incorrect handling of the parameter...

6.1CVSS5.7AI score0.00015EPSS

Exploits1References6

EUVD•added 2026/02/26 9:31 p.m.•6 views

EUVD-2026-8873

Improper Neutralization of Special Elements Used in a Template Engine CWE-1336 exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, and perform Server-Side Request Forgery SSRF via Code Injection CAPEC-242. This requires an...

8.6CVSS5.7AI score0.00074EPSS

Exploits0References2

NVD•added 2026/02/26 8:31 p.m.•3 views

CVE-2026-27510

Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree Go2 Android application com.unitree.doggo2, are vulnerable to remote code execution due to missing integrity protection and validation of user-created programmes. The Android application stores programs in a local SQLi...

9.6CVSS0.00136EPSS

Exploits1References3

NVD•added 2026/02/26 7:32 p.m.•3 views

CVE-2026-26938

8.6CVSS0.00074EPSS

Exploits0References1

OSV•added 2026/02/26 7:32 p.m.•1 views

CVE-2026-26938

7.7CVSS5.9AI score

Exploits0References1

Vulnrichment•added 2026/02/26 6:56 p.m.•7 views

CVE-2026-27510 Unitree Go2 Mobile Program Tampering Enables Root RCE

9.6CVSS6.7AI score0.00136EPSS

Exploits1References3

Cvelist•added 2026/02/26 5:56 p.m.•19 views

CVE-2026-26938 Improper Neutralization of Special Elements Used in a Template Engine in Kibana Workflows Leading to Server-Side Request Forgery (SSRF)

8.6CVSS0.00074EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by