6329 matches found
EUVD-2026-41492
The MotoPress Appointment Booking plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 2.4.4. This is due to the POST /motopress/appointment/v1/bookings REST endpoint being registered with 'permissioncallback' = 'returntrue',...
CVE-2026-9180
MotoPress Appointment Booking for WordPress (versions up to 2.4.4) is vulnerable to an Authorization Bypass via a user-controlled booking_id. The REST endpoint POST /motopress/appointment/v1/bookings is registered with a permissive permission_callback (return_true ), and createBooking() loads the...
CVE-2026-10823
creationtimestamp| type| source ---|---|--- 2026-06-29 12:00:04+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-10823.yaml 2026-06-30 00:00:03+00:00| confirmed|...
CVE-2026-55592
creationtimestamp| type| source ---|---|--- 2026-06-22 02:53:55+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-55592.yaml 2026-06-24 15:00:04+00:00| confirmed|...
CVE-2026-54066
creationtimestamp| type| source ---|---|--- 2026-06-19 07:23:13+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-54066.yaml...
CVE-2026-54069
creationtimestamp| type| source ---|---|--- 2026-06-17 04:18:47+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-54069.yaml...
CVE-2025-61224
creationtimestamp| type| source ---|---|--- 2026-06-16 04:05:56+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-61224.yaml...
CVE-2026-50230
creationtimestamp| type| source ---|---|--- 2026-06-12 02:49:16+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-50230.yaml...
CVE-2026-2652
creationtimestamp| type| source ---|---|--- 2026-06-04 09:46:33+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-2652.yaml...
EUVD-2026-34094
ProjectsAndPrograms school-management-system uses predictable credentials by generating student's and teacher's passwords solely from the user’s date of birth e.g., 12072000 for 12 July 2000. The application does not require or prompt users to change the password upon first login. This behavior...
CVE-2026-39352
creationtimestamp| type| source ---|---|--- 2026-05-25 09:50:58+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-39352.yaml...
CVE-2024-9362
creationtimestamp| type| source ---|---|--- 2026-05-23 14:18:54+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-9362.yaml...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: nfsd: The issue was addressed in nfsd4setclientidconfirm. Lei Lu recently reported that nfsd4setclientidconfirm did not check the return value from getclientlocked. A SETCLIENTIDCONFIRM operation might expire while the confirmed...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netfilter: It is now possible for allow exp to not be removed during the nfctfindexpectation operation. Currently, when the nfconntrackin function calls nfctfindexpectation, the exp is removed from the hash table. However, in som...
CVE-2026-43913
A flaw was found in Vaultwarden, a Bitwarden-compatible server. An authenticated user, who has been invited as an organization owner and accepted the invitation but has not yet been confirmed by an existing owner, can exploit this vulnerability. By calling a specific API endpoint, this user can...
CVE-2024-4322
creationtimestamp| type| source ---|---|--- 2026-05-10 12:00:46+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-4322.yaml...
CVE-2026-40878
creationtimestamp| type| source ---|---|--- 2026-05-07 09:12:24+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-40878.yaml...
CVE-2024-32825
creationtimestamp| type| source ---|---|--- 2026-04-23 06:53:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-32825.yaml 2026-04-23 21:03:12+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mk6vwtumpd2m...
CVE-2025-62039
creationtimestamp| type| source ---|---|--- 2026-04-22 16:54:21+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-62039.yaml 2026-04-23 21:03:14+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mk6vwu4jqz2i...
CVE-2021-26947
creationtimestamp| type| source ---|---|--- 2026-04-20 05:29:04+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-26947.yaml...