CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

7.1CVSS5.3AI score0.00747EPSS

PT-2026-50553

e107 is a content management system CMS. Versions 2.3.5 and earlier contain a command injection vulnerability in the ImageMagick resize destination path. In resize image, the source path is escaped with escapeshellarg, but the destination path is inserted inside raw double quotes in the convert...

Exploits0References2

9.3CVSS5.5AI score0.00241EPSS

PT-2026-50417

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VillaTheme GIFT4U allows Blind SQL Injection. This issue affects GIFT4U: from n/a through 1.0.10...

8.5CVSS5.5AI score0.00211EPSS

PT-2026-50423

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in VeronaLabs Slimstat Analytics allows Blind SQL Injection. This issue affects Slimstat Analytics: from n/a through 5.4.11...

9.3CVSS5.5AI score0.00236EPSS

PT-2026-50420

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Cargo RD Cargo Shipping Location for WooCommerce allows Blind SQL Injection. This issue affects Cargo Shipping Location for WooCommerce: from n/a through 5.6...

9.3CVSS5.5AI score0.00236EPSS

PT-2026-50424

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Webilia Inc. Listdom allows Blind SQL Injection. This issue affects Listdom: from n/a through 5.4.0...

Positive Technologies•added 3 days ago•5 views

PT-2026-50416

Name of the Vulnerable Software and Affected Versions WP Travel Gutenberg Blocks versions prior to 3.9.4 Description Improper Neutralization of Special Elements used in an SQL Command allows Blind SQL Injection. Blind SQL Injection is a type of attack where the application does not return data...

9.3CVSS5.7AI score0.00317EPSS

Tenable Nessus•added 3 days ago•3 views

RockyLinux 8 : hplip (RLSA-2026:26335)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26335 advisory. HPLIP: HPLIP: Privilege escalation and arbitrary code execution via operating system command injection CVE-2026-8632 HPLIP: HPLIP: Arbitrary code...

9.8CVSS6.4AI score0.00719EPSS

Exploits0References5

Tenable Nessus•added 3 days ago•2 views

RHEL 8 : 389-ds:1.4 (RHSA-2026:26463)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26463 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server a...

Tenable Nessus•added 3 days ago•6 views

RHEL 9 : 389-ds-base (RHSA-2026:26455)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26455 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server a...

Tenable Nessus•added 3 days ago•3 views

RHEL 10 : 389-ds-base (RHSA-2026:26457)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26457 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server...

Tenable Nessus•added 3 days ago•2 views

Bosch Security Systems IP Cameras Improper Input Validation (CVE-2023-39509)

A command injection vulnerability exists in Bosch IP cameras that allows an authenticated user with administrative rights to run arbitrary commands on the OS of the camera. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

7.2CVSS7.1AI score0.01421EPSS

Exploits0References2

Tenable Nessus•added 3 days ago•6 views

RHEL 8 : redhat-ds:11 (RHSA-2026:26458)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26458 advisory. Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol LDAP...

7.5CVSS5.4AI score0.00815EPSS

Exploits0References5

Tenable Nessus•added 3 days ago•3 views

RHEL 10 : valkey (RHSA-2026:26540)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:26540 advisory. Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists,...

8.8CVSS6.8AI score0.0095EPSS

Exploits4References8

Tenable Nessus•added 3 days ago•4 views

RHEL 8 : 389-ds:1.4 (RHSA-2026:26454)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26454 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server a...

Tenable Nessus•added 3 days ago•7 views

RHEL 8 : 389-ds:1.4 (RHSA-2026:26460)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:26460 advisory. 389 Directory Server is an LDAP version 3 LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server a...