Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3642 matches found

RedhatCVE
RedhatCVEadded 2026/02/23 1:20 a.m.24 views

CVE-2026-2895

A security flaw has been discovered in funadmin up to 7.1.0-rc4. Affected by this issue is the function repass of the file app/frontend/controller/Member.php. Performing a manipulation of the argument forgetcode/vercode results in weak password recovery. Remote exploitation of the attack is...

8.1CVSS4.3AI score0.00392EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2026/02/23 12:0 a.m.6 views

PT-2026-21494

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/net builtin.c of the component TCP Sequence Number Handler. The manipulation leads to improper verification of source of a communication channel. The attack may be initiat...

6.3CVSS4.8AI score0.00491EPSS
Exploits1References6
Positive Technologies
Positive Technologiesadded 2026/02/23 12:0 a.m.8 views

PT-2026-21490

A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mg sendnsreq of the file /src/dns.c of the component DNS Transaction ID Handler. Executing a manipulation of the argument random can lead to insufficiently random values. The attack can be launched...

6.3CVSS4.7AI score0.0038EPSS
Exploits1References6
NVD
NVDadded 2026/02/21 11:15 p.m.8 views

CVE-2026-2895

A security flaw has been discovered in funadmin up to 7.1.0-rc4. Affected by this issue is the function repass of the file app/frontend/controller/Member.php. Performing a manipulation of the argument forgetcode/vercode results in weak password recovery. Remote exploitation of the attack is...

8.1CVSS0.00392EPSS
Exploits1References5
CVE
CVEadded 2026/02/21 11:2 p.m.22 views

CVE-2026-2895

CVE-2026-2895 affects funadmin up to 7.1.0-rc4. The vulnerability is in the function repass of the file app/frontend/controller/Member.php . Manipulating the arguments forget_code/vercode enables weak password recovery and allows remote exploitation . Reported exploitation is possible; the attack...

8.1CVSS4.7AI score0.00392EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2026/02/21 11:2 p.m.29 views

CVE-2026-2895 funadmin Member.php repass password recovery

A security flaw has been discovered in funadmin up to 7.1.0-rc4. Affected by this issue is the function repass of the file app/frontend/controller/Member.php. Performing a manipulation of the argument forgetcode/vercode results in weak password recovery. Remote exploitation of the attack is...

6.3CVSS0.00392EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/02/21 11:2 p.m.4 views

CVE-2026-2895

A security flaw has been discovered in funadmin up to 7.1.0-rc4. Affected by this issue is the function repass of the file app/frontend/controller/Member.php. Performing a manipulation of the argument forgetcode/vercode results in weak password recovery. Remote exploitation of the attack is...

6.3CVSS4.7AI score0.00392EPSS
Exploits1References5
RedhatCVE
RedhatCVEadded 2026/02/19 7:21 p.m.6 views

CVE-2026-2655

A vulnerability was detected in ChaiScript up to 6.1.0. The impacted element is the function chaiscript::strless::operator of the file include/chaiscript/chaiscriptdefines.hpp. The manipulation results in use after free. The attack requires a local approach. The attack requires a high level of...

2.5CVSS5AI score0.00191EPSS
Exploits1References1
OSV
OSVadded 2026/02/19 8:16 a.m.1 views

CVE-2026-2711

A vulnerability has been found in zhutoutoutousan worldquant-miner up to 1.0.9. The impacted element is an unknown function of the file worldquant-miner-master/agent-dify-api/core/helper/ssrfproxy.py of the component URL Handler. The manipulation of the argument makerequest leads to server-side...

5.6CVSS5.2AI score0.00354EPSS
Exploits0References6
NVD
NVDadded 2026/02/19 7:17 a.m.8 views

CVE-2026-2702

A security flaw has been discovered in Beetel 777VR1 up to 01.00.09. This issue affects some unknown processing of the component WPA2 PSK. Performing a manipulation results in hard-coded credentials. The attacker must have access to the local network to execute the attack. The complexity of an...

3.1CVSS0.00259EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/02/19 7:2 a.m.33 views

CVE-2026-2711 zhutoutoutousan worldquant-miner URL ssrf_proxy.py server-side request forgery

A vulnerability has been found in zhutoutoutousan worldquant-miner up to 1.0.9. The impacted element is an unknown function of the file worldquant-miner-master/agent-dify-api/core/helper/ssrfproxy.py of the component URL Handler. The manipulation of the argument makerequest leads to server-side...

6.3CVSS0.00354EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/02/19 7:2 a.m.4 views

CVE-2026-2711 zhutoutoutousan worldquant-miner URL ssrf_proxy.py server-side request forgery

A vulnerability has been found in zhutoutoutousan worldquant-miner up to 1.0.9. The impacted element is an unknown function of the file worldquant-miner-master/agent-dify-api/core/helper/ssrfproxy.py of the component URL Handler. The manipulation of the argument makerequest leads to server-side...

6.3CVSS4.8AI score0.00354EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/02/19 12:0 a.m.5 views

PT-2026-20650

Name of the Vulnerable Software and Affected Versions zhutoutoutousan worldquant-miner versions through 1.0.9 Description A server-side request forgery issue exists in zhutoutoutousan worldquant-miner. The issue is related to the manipulation of the make request argument within an unknown functio...

6.3CVSS5.9AI score0.00354EPSS
Exploits0References12
Positive Technologies
Positive Technologiesadded 2026/02/19 12:0 a.m.8 views

PT-2026-20594

Name of the Vulnerable Software and Affected Versions Beetel 777VR1 versions up to 01.00.09 Description A security flaw exists in Beetel 777VR1 affecting the WPA2 PSK component. A manipulation of this component can lead to the disclosure of hard-coded credentials. An attacker requires access to t...

3.1CVSS4.2AI score0.00259EPSS
Exploits0References8
RedhatCVE
RedhatCVEadded 2026/02/18 7:30 p.m.6 views

CVE-2026-2618

A vulnerability was determined in Beetel 777VR1 up to 01.00.09. This impacts an unknown function of the component SSH Service. This manipulation causes risky cryptographic algorithm. The attack is possible to be carried out remotely. The attack is considered to have high complexity. The...

7.4CVSS4.9AI score0.0034EPSS
Exploits1References1
NVD
NVDadded 2026/02/18 3:18 p.m.4 views

CVE-2026-2656

A flaw has been found in ChaiScript up to 6.1.0. This affects the function chaiscript::TypeInfo::bareequal of the file include/chaiscript/dispatchkit/typeinfo.hpp. This manipulation causes use after free. The attack requires local access. The attack's complexity is rated as high. The exploitabili...

2.5CVSS0.00191EPSS
Exploits1References6
Cvelist
Cvelistadded 2026/02/18 2:32 p.m.25 views

CVE-2026-2656 ChaiScript type_info.hpp bare_equal use after free

A flaw has been found in ChaiScript up to 6.1.0. This affects the function chaiscript::TypeInfo::bareequal of the file include/chaiscript/dispatchkit/typeinfo.hpp. This manipulation causes use after free. The attack requires local access. The attack's complexity is rated as high. The exploitabili...

2.5CVSS0.00191EPSS
Exploits1References6
CVE
CVEadded 2026/02/18 2:32 p.m.15 views

CVE-2026-2656

CVE-2026-2656 affects ChaiScript up to 6.1.0, specifically the function chaiscript::Type_Info::bare_equal in include/chaiscript/dispatchkit/type_info.hpp. A manipulation causes a use-after-free, with local access required. The vulnerability has a high attack complexity, and exploitation has been ...

2.5CVSS4.8AI score0.00191EPSS
Exploits1References6Affected Software1
OSV
OSVadded 2026/02/18 2:16 p.m.4 views

CVE-2026-2655

A vulnerability was detected in ChaiScript up to 6.1.0. The impacted element is the function chaiscript::strless::operator of the file include/chaiscript/chaiscriptdefines.hpp. The manipulation results in use after free. The attack requires a local approach. The attack requires a high level of...

2CVSS5AI score
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/02/18 12:0 a.m.7 views

PT-2026-20416

A vulnerability was detected in ChaiScript up to 6.1.0. The impacted element is the function chaiscript::str less::operator of the file include/chaiscript/chaiscript defines.hpp. The manipulation results in use after free. The attack requires a local approach. The attack requires a high level of...

2.5CVSS5AI score0.00191EPSS
Exploits1References7
Rows per page
Query Builder