Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

15437 matches found

RedhatCVE
RedhatCVEadded 2026/01/23 9:18 a.m.9 views

CVE-2025-4763

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Aida Computer Information Technology Inc. Hotel Guest Hotspot allows Reflected XSS.This issue affects Hotel Guest Hotspot: through 22012026. NOTE: The vendor was contacted early about this...

6.1CVSS5.4AI score0.00015EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/01/23 6:32 a.m.5 views

Malicious code in ntwsc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 101f5ffdce019ee61ce0775bc9de5dba96de50e5e03e8fd70ac1b30b28cf13e0 The package ntwsc was found to contain malicious code. Source: ghsa-malware ef0dd5d822ddc7c0a00339f31b43d1a99cf79532857cdd157bf1eeb4b2a31ea2 Any...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/01/23 6:32 a.m.3 views

Malicious code in a4wu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65f0ae226eb7aef794335d5c42f8f82348461976fcd5188fdb74129e54e36f5a The package a4wu was found to contain malicious code. Source: ghsa-malware dbda459fa895bbd7a94bd12494e3092b3964f21d8a480826313bdb3f7302904b Any...

5.5AI score
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/01/22 11:45 a.m.1 views

CVE-2025-10024

Authorization Bypass Through User-Controlled Key vulnerability in EXERT Computer Technologies Software Ltd. Co. Education Management System allows Parameter Injection. This issue affects Education Management System: through 23.09.2025...

7.5CVSS5.4AI score0.00025EPSS
Exploits0References3
CVE
CVEadded 2026/01/22 11:45 a.m.9 views

CVE-2025-10024

Technical details about CVE-2025-10024 are not publicly provided in the supplied documents; no affected versions, root cause, or remediation are stated. Monitor for updates from vendors and security advisories.

7.5CVSS5.4AI score0.00025EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/01/22 11:45 a.m.23 views

CVE-2025-10024 IDOR in EXERT Computer Technologies' Education Management System

Authorization Bypass Through User-Controlled Key vulnerability in EXERT Computer Technologies Software Ltd. Co. Education Management System allows Parameter Injection. This issue affects Education Management System: through 23.09.2025...

7.5CVSS0.00025EPSS
Exploits0References2
NVD
NVDadded 2026/01/22 10:16 a.m.2 views

CVE-2025-4764

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aida Computer Information Technology Inc. Hotel Guest Hotspot allows SQL Injection. This issue affects Hotel Guest Hotspot: through 22012026. NOTE: The vendor was contacted early about this...

8.8CVSS0.00024EPSS
Exploits0References2
OSV
OSVadded 2026/01/22 10:16 a.m.4 views

CVE-2025-4764

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aida Computer Information Technology Inc. Hotel Guest Hotspot allows SQL Injection.This issue affects Hotel Guest Hotspot: through 22012026. NOTE: The vendor was contacted early about this...

8.8CVSS5.8AI score0.00024EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/01/22 9:13 a.m.23 views

CVE-2025-4764 SQLi in Aida Computer's Hotspot

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aida Computer Information Technology Inc. Hotel Guest Hotspot allows SQL Injection. This issue affects Hotel Guest Hotspot: through 22012026. NOTE: The vendor was contacted early about this...

8CVSS0.00024EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/01/22 9:13 a.m.3 views

CVE-2025-4764 SQLi in Aida Computer's Hotspot

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Aida Computer Information Technology Inc. Hotel Guest Hotspot allows SQL Injection.This issue affects Hotel Guest Hotspot: through 22012026. NOTE: The vendor was contacted early about this...

8CVSS5.6AI score0.00024EPSS
Exploits0References1
CVE
CVEadded 2026/01/22 9:13 a.m.9 views

CVE-2025-4764

The CVE-2025-4764 issue is a SQL Injection vulnerability in Aida Computer Information Technology Inc. Hotel Guest Hotspot, due to improper neutralization of special elements in SQL commands. Affected product/version: Hotel Guest Hotspot up to and including 22012026. Impact is rated high (CVSS 3.1...

8.8CVSS5.5AI score0.00024EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/01/22 9:10 a.m.1 views

CVE-2025-4763 XSS in Aida Computer's Hotspot

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Aida Computer Information Technology Inc. Hotel Guest Hotspot allows Reflected XSS.This issue affects Hotel Guest Hotspot: through 22012026. NOTE: The vendor was contacted early about this...

5.5CVSS5.4AI score0.00015EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/01/22 9:10 a.m.25 views

CVE-2025-4763 XSS in Aida Computer's Hotspot

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Aida Computer Information Technology Inc. Hotel Guest Hotspot allows Reflected XSS. This issue affects Hotel Guest Hotspot: through 22012026. NOTE: The vendor was contacted early about this...

5.5CVSS0.00015EPSS
Exploits0References2
OSV
OSVadded 2026/01/22 9:7 a.m.4 views

MAL-2026-454 Malicious code in @mailpoet/component (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d48b40574c65ef747944583fa5a49ac40b673d6932a02247c2cdbd5331a79179 The package @mailpoet/component was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
OSV
OSVadded 2026/01/22 9:7 a.m.3 views

MAL-2026-451 Malicious code in @alluxio/common-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f082b7a72d74e881f10d6e0f01c1aef7a0a07b0f446d5a9d31a4763ffed2ed8 The package @alluxio/common-ui was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
OSV
OSVadded 2026/01/22 9:2 a.m.3 views

MAL-2026-457 Malicious code in csv-parsing-xx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfe9a306ce309515a134b6348aff27991f8725d7925ee31b1c51281c9d4a5bc8 The package csv-parsing-xx was found to contain malicious code. Source: ghsa-malware 3e16868b929858d45e76857e9157eae0e3631ca0e2e5988e69c6f537d0ad1a04...

5.5AI score
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/01/22 12:0 a.m.3 views

PT-2026-3926

Authorization Bypass Through User-Controlled Key vulnerability in EXERT Computer Technologies Software Ltd. Co. Education Management System allows Parameter Injection.This issue affects Education Management System: through 23.09.2025...

7.5CVSS5.4AI score0.00025EPSS
Exploits0References2
OSV
OSVadded 2026/01/21 4:51 a.m.3 views

MAL-2026-409 Malicious code in chai-async-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d513c8edc24de9b9993282b15030364ac655c161954965840f5a8d630470cef1 The package chai-async-test was found to contain malicious code. Source: ghsa-malware 44653d8509702f49ad07480d256afe34186fa1f3920fca7b95d57ef1f7ed855...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/01/21 4:51 a.m.6 views

Malicious code in dotenv-expanded (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9e36cd005779e12b645b7ec5f6e65df1edae7c6d86736507cd1feacec1ef7cf The package dotenv-expanded was found to contain malicious code. Source: ghsa-malware 8c545865cdbec4a05b0f51103dd3560d60c3f43b818465e4a935a47bf84078d...

5.5AI score
Exploits0References1
OSV
OSVadded 2026/01/21 4:48 a.m.5 views

MAL-2026-424 Malicious code in plugin-react-swc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 197cedd065670a6a39b4401d52b2a636d5ff18f26c378b571770286a807ec467 The package plugin-react-swc was found to contain malicious code. Source: ghsa-malware cba9afea98505469e9b9f36095ab566e5cd857b54255290d9defa67c40c62a...

5.5AI score
Exploits0References2
Rows per page
Query Builder