Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1085480 matches found

OSV
OSVadded 2026/06/17 9:37 p.m.4 views

MINI-RWCQ-MC3V-FGGQ

Bulletin has no description...

9.1CVSS5AI score0.00466EPSS
Exploits0
OSV
OSVadded 2026/06/17 9:36 p.m.2 views

MINI-8G98-38HV-QC8C

Bulletin has no description...

9.1CVSS4.8AI score0.00392EPSS
Exploits0
Cvelist
Cvelistadded 2026/06/17 9:32 p.m.17 views

CVE-2026-48991 XianYuLauncher: Legacy Microsoft account OAuth sign-in flow lacks PKCE and state validation

XianYuLauncher is a Minecraft Java Edition launcher. In versions prior to 1.5.5, sensitive authentication artifacts could be exposed during a user-initiated login under certain local attack conditions. Affected versions relied on a fixed localhost redirect URI without PKCE or state validation...

5.5CVSS0.00127EPSS
Exploits0References2
OSV
OSVadded 2026/06/17 9:12 p.m.3 views

MINI-2PP5-9P7W-JW9Q

Bulletin has no description...

9.1CVSS4.9AI score0.00397EPSS
Exploits0
OSV
OSVadded 2026/06/17 9:11 p.m.4 views

MINI-J548-8JWF-465H

Bulletin has no description...

7.5CVSS4.9AI score0.00385EPSS
Exploits0
Cvelist
Cvelistadded 2026/06/17 9:5 p.m.16 views

CVE-2026-12530 Improper neutralization of argument delimiters in AWS Bedrock AgentCore Python SDK install_packages()

Improper neutralization of argument delimiters in the installpackages method in AWS Bedrock AgentCore Python SDK versions = 1.1.3 and 1.6.1 might allow a remote authenticated user to execute arbitrary commands within the Code Interpreter sandbox via crafted package name arguments. To mitigate thi...

8.4CVSS0.00302EPSS
Exploits0References2
CVE
CVEadded 2026/06/17 9:5 p.m.50 views

CVE-2026-12530

The issue CVE-2026-12530 affects the AWS Bedrock AgentCore Python SDK install_packages() in versions >= 1.1.3 and

8.4CVSS6AI score0.00302EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/06/17 8:23 p.m.7 views

CVE-2026-12327

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption and we presume...

8.1CVSS5.7AI score0.00407EPSS
Exploits0References5
OSV
OSVadded 2026/06/17 8:17 p.m.5 views

DEBIAN-CVE-2026-55200

libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on packetlength field. Remote attackers can send crafted SSH packets with excessively large packetlength values to corrupt heap memory and achieve...

9.8CVSS6AI score0.00922EPSS
Exploits3References1
OSV
OSVadded 2026/06/17 8:17 p.m.3 views

ALPINE-CVE-2026-55200

libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on packetlength field. Remote attackers can send crafted SSH packets with excessively large packetlength values to corrupt heap memory and achieve...

9.8CVSS6.2AI score0.00922EPSS
Exploits3References1
NVD
NVDadded 2026/06/17 8:17 p.m.7 views

CVE-2026-55200

libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on packetlength field. Remote attackers can send crafted SSH packets with excessively large packetlength values to corrupt heap memory and achieve...

9.8CVSS0.00922EPSS
Exploits3References4
NVD
NVDadded 2026/06/17 8:16 p.m.6 views

CVE-2026-11407

Pimcore CMS/DXP version 12.3.8 contains a sandbox bypass vulnerability that allows authenticated administrative attackers to execute arbitrary methods on PHP objects by exploiting empty checkMethodAllowed and checkPropertyAllowed implementations in the custom Twig SecurityPolicy. Attackers can...

8.6CVSS0.00623EPSS
Exploits0References3
CVE
CVEadded 2026/06/17 8:7 p.m.17 views

CVE-2026-11407

PIMCORE CMS/DXP 12.3.8 contains a sandbox bypass in the Twig SecurityPolicy (checkMethodAllowed and checkPropertyAllowed). Authenticated administrative attackers can craft malicious Twig templates via DataObject ClassDefinition Layout\Text to execute arbitrary PHP object methods, perform file rea...

8.6CVSS6.8AI score0.00623EPSS
Exploits0References3
EUVD
EUVDadded 2026/06/17 8:7 p.m.9 views

EUVD-2026-37795

Pimcore CMS/DXP version 12.3.8 contains a sandbox bypass vulnerability that allows authenticated administrative attackers to execute arbitrary methods on PHP objects by exploiting empty checkMethodAllowed and checkPropertyAllowed implementations in the custom Twig SecurityPolicy. Attackers can...

8.6CVSS6.7AI score0.00623EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/06/17 8:7 p.m.18 views

CVE-2026-11407 Pimcore CMS 12.3.8 Twig Sandbox Bypass via SecurityPolicy checkMethodAllowed

Pimcore CMS/DXP version 12.3.8 contains a sandbox bypass vulnerability that allows authenticated administrative attackers to execute arbitrary methods on PHP objects by exploiting empty checkMethodAllowed and checkPropertyAllowed implementations in the custom Twig SecurityPolicy. Attackers can...

8.6CVSS0.00623EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/06/17 8:3 p.m.6 views

CVE-2026-12328

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory...

8.1CVSS5.7AI score0.0045EPSS
Exploits0References5
EUVD
EUVDadded 2026/06/17 7:3 p.m.8 views

EUVD-2026-37784

libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on packetlength field. Remote attackers can send crafted SSH packets with excessively large packetlength values to corrupt heap memory and achieve...

9.2CVSS5.8AI score0.00922EPSS
Exploits3References3
AlpineLinux
AlpineLinuxadded 2026/06/17 7:3 p.m.5 views

CVE-2026-55200

libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on packetlength field. Remote attackers can send crafted SSH packets with excessively large packetlength values to corrupt heap memory and achieve...

9.8CVSS6.2AI score0.00922EPSS
Exploits3References4
Debian CVE
Debian CVEadded 2026/06/17 7:3 p.m.40 views

CVE-2026-55200

libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on packetlength field. Remote attackers can send crafted SSH packets with excessively large packetlength values to corrupt heap memory and achieve...

9.8CVSS5.9AI score0.00922EPSS
Exploits3
Cvelist
Cvelistadded 2026/06/17 7:3 p.m.21 views

CVE-2026-55200 libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c

libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on packetlength field. Remote attackers can send crafted SSH packets with excessively large packetlength values to corrupt heap memory and achieve...

9.2CVSS0.00922EPSS
Exploits3References3
Rows per page
Query Builder