CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

53 matches found

Qualys Blog•added 2026/05/05 3:0 p.m.•5 views

Qualys TotalAI Achieves FedRAMP Moderate (FedRAMP Certified Class C) Authorization

Key Takeaways Federal AI adoption is accelerating faster than governance and approved security tooling. Risk now spans models, infrastructure, and the software supply chain. AI threats often mimic normal usage, which makes it difficult to detect with static methods. Meeting mandated federal...

5.9AI score

Exploits0

Packet Storm News•added 2026/04/23 12:0 a.m.•3 views

Transient Turn Injection: Exposing Stateless Multi-Turn Vulnerabilities in Large Language Models

Large language models LLMs are increasingly integrated into sensitive workflows, raising the stakes for adversarial robustness and safety. This paper introduces Transient Turn InjectionTTI, a new multi-turn attack technique that systematically exploits stateless moderation by distributing...

5.2AI score

Exploits0

Hive Pro Threat Advisories•added 2026/03/03 6:15 p.m.•1 views

How HiveForce Labs Finds Threats Before They Hit

There’s often a huge gap between knowing about a threat and knowing if you’re protected from it. A threat feed might tell you about a new attack campaign, but that information lives in a report. It doesn't tell you what would happen if that same attack hit your network. This is the difference...

6AI score

Exploits0

Hive Pro Threat Advisories•added 2026/01/06 5:6 p.m.•4 views

What Is Security Controls Validation? An Essential Guide

You wouldn’t wait for a real fire to find out if your smoke detectors work or if your team knows the evacuation route. You run fire drills. So why would you wait for a real cyberattack to test your security defenses? This is the simple, powerful idea behind security controls validation. It’s the...

6.7AI score

Exploits0

Hive Pro Threat Advisories•added 2025/12/16 10:58 p.m.•2 views

How to Modernize Your Vulnerability Management Program A Helpful Resource Guide For CISOS and Vuln teams

Running a vulnerability scan can feel like opening Pandora's box. You’re suddenly faced with a report listing thousands of potential weaknesses, and the pressure to "fix everything" is immense. But this approach is a recipe for burnout, leaving your team chasing low-impact issues while a real...

6.5AI score

Exploits0

Hive Pro Threat Advisories•added 2025/12/12 8:38 p.m.•2 views

What Is Security Control Validation? A Practical Guide

A fully-stocked security arsenal can create a dangerous false sense of security. You might have the best technology on the market, but misconfigurations, policy gaps, or a lack of integration can leave you just as exposed as having no tools at all. Relying on a defense that only looks good on pap...

6.8AI score

Exploits0

Hive Pro Threat Advisories•added 2025/11/26 2:13 p.m.•2 views

How BAS Helps Threat Exposure Management: A Complete Guide

Your vulnerability scanner just produced a report with hundreds of "critical" CVEs. Now what? For most security teams, this is where the guessing game begins. You know you can't fix everything at once, so you're forced to make tough calls based on CVSS scores and gut feelings, all while hoping yo...

6.7AI score

Exploits0

Hive Pro Threat Advisories•added 2025/11/15 10:11 p.m.•7 views

7 Steps for Securing Generative AI in Enterprises

Think of your AI strategy like building a skyscraper. You wouldn't construct twenty floors and then try to figure out where the foundation should go. Security must be part of the blueprint from the very beginning. Bolting on security measures after an AI model is already in use is a recipe for...

6.5CVSS7.5AI score0.91891EPSS

Exploits2

EUVD•added 2025/10/22 3:3 p.m.•1 views

EUVD-2025-35590

MeterSphere is an open source continuous testing platform. Prior to version 2.10.25-lts, a logic flaw allows retrieval of arbitrary user information. This allows an unauthenticated attacker to log in to the system as any user. This issue has been patched in version 2.10.25-lts...

5.3CVSS6.5AI score0.00062EPSS

Exploits1References3

CNNVD•added 2025/10/22 12:0 a.m.•2 views

MeterSphere 信息泄露漏洞

MeterSphere is MeterSphere's open source one-stop open source continuous testing platform. An information disclosure vulnerability exists in versions prior to MeterSphere 2.10.25-lts that stems from a logic flaw that could lead to the disclosure of arbitrary user information and an unauthenticate...

7.5CVSS6.2AI score0.00062EPSS

Exploits1References4

The Hacker News•added 2025/10/08 8:57 a.m.•11 views

No Time to Waste: Embedding AI to Cut Noise and Reduce Risk

Artificial intelligence is reshaping cybersecurity on both sides of the battlefield. Cybercriminals are using AI-powered tools to accelerate and automate attacks at a scale defenders have never faced before. Security teams are overwhelmed by an explosion of vulnerability data, tool outputs, and...

6.8AI score

Exploits0

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-34932

Malicious code in bioql PyPI...

6.8CVSS5AI score0.00225EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-21386

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00317EPSS

Exploits0References1