CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2 days ago•8 views

PT-2026-45260

An improper Input Validation vulnerability in OTRS or OTRS Community Edition database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue only affects the system if the MySQL/MariaDB server is configured with the NO BACKSLASH ESCAPES SQL mod...

9.1CVSS5.9AI score0.00074EPSS

Packet Storm News•added 3 days ago•2 views

ClawHub Security Signals: When VirusTotal, Static Analysis, and SkillSpector Disagree

Agent skills extend AI agents with reusable instructions, tools, scripts, references, and workflows, establishing a security boundary distinct from both model safety and traditional package-malware detection. ClawHub Security Signals is a sanitized dataset of 67,453 latest public OpenClaw skill...

5.8AI score

Exploits0

Snyk•added 5 days ago•7 views

Malicious Package

Overview @rsi-community/hub-schema is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score

RedhatCVE•added 5 days ago•5 views

CVE-2026-33590

Insecure default settings of Portainer CE grant regular non-admin users privileges that allow host filesystem access and host-level code execution. An authenticated non-administrative user with endpoint access can exploit these settings to read host files or obtain root equivalent access on the...

9.4CVSS5.9AI score0.0005EPSS

Exploits0References1

Tenable Nessus•added 5 days ago•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-9807

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain...

4.3CVSS5.8AI score0.00012EPSS

Redos•added 5 days ago•5 views

ROS-20260529-73-0012

The vulnerability of HashiCorp’s Vault Community Edition and Vault Enterprise, platforms for archiving corporate information, lies in the ability to bypass authentication by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to cause service interruptions...

8.1CVSS5.8AI score0.0002EPSS

Exploits0

NVD•added 6 days ago•4 views

CVE-2026-44850

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer offers an environment-level Disable bind mounts for...

8.5CVSS0.00028EPSS

NVD•added 6 days ago•3 views

CVE-2026-44882

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33., Portainer proxies requests to Kubernetes clusters through a middleware layer...

8.1CVSS0.00046EPSS

ATTACKERKB•added 6 days ago•6 views

CVE-2026-44881

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer supports deploying stacks from Git repositories. When a...

5.9AI score0.00059EPSS

ATTACKERKB•added 6 days ago•4 views

CVE-2026-44848

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, The Docker plugin management endpoints /plugins/ were not registered...

5.7AI score0.00039EPSS

EUVD•added 6 days ago•4 views

EUVD-2026-33064

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, The Docker plugin management endpoints /plugins/ were not registered...

9.4CVSS5.7AI score0.00039EPSS

ATTACKERKB•added 6 days ago•5 views

CVE-2026-44849

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8, 2.39.2, and 2.41.0, Portainer enforces seven EndpointSecuritySettings restrictions that...

5.8AI score0.00039EPSS

EUVD•added 6 days ago•5 views

EUVD-2026-33062

8.5CVSS5.8AI score0.00028EPSS

ATTACKERKB•added 6 days ago•7 views

CVE-2026-44882

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33., Portainer proxies requests to Kubernetes clusters through a middleware layer...

6AI score0.00046EPSS

EUVD•added 6 days ago•4 views

EUVD-2026-33058

Portainer Community Edition is a lightweight service delivery platform for containerized applications that can be used to manage Docker, Swarm, Kubernetes and ACI environments. From 2.33.0 to before 2.33.8 and 2.39.1, a missing authorization vulnerability in the Custom Template file endpoint GET...

6CVSS5.8AI score0.00028EPSS