CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18351 matches found

CVE•added 2026/04/30 9:15 p.m.•4 views

CVE-2026-7502

CVE-2026-7502 affects LinkStackOrg LinkStack up to version 4.8.6. The vulnerability is in the saveLink function of app/Http/Controllers/UserController.php (Management Endpoint), enabling an authorization bypass. The issue is exploitable remotely and has publicly disclosed exploit information. A f...

5.5CVSS5.5AI score0.00055EPSS

Exploits0References7

Vulnrichment•added 2026/04/30 9:15 p.m.•1 views

CVE-2026-7502 LinkStackOrg LinkStack Management Endpoint UserController.php saveLink authorization

A security vulnerability has been detected in LinkStackOrg LinkStack up to 4.8.6. The affected element is the function saveLink of the file app/Http/Controllers/UserController.php of the component Management Endpoint. The manipulation leads to authorization bypass. The attack can be initiated...

5.5CVSS5.6AI score0.00055EPSS

Exploits0References7

EUVD•added 2026/04/30 8:45 p.m.•3 views

EUVD-2026-26438

A weakness has been identified in LinkStackOrg LinkStack up to 4.8.6. Impacted is the function editPage of the file app/Http/Controllers/UserController.php. Executing a manipulation of the argument pageDescription can lead to cross site scripting. It is possible to launch the attack remotely. The...

5.1CVSS3.5AI score0.00013EPSS

Exploits0References6

ATTACKERKB•added 2026/04/30 8:45 p.m.•2 views

CVE-2026-7501

5.1CVSS3.6AI score0.00013EPSS

Exploits0References6Affected Software1

Vulnrichment•added 2026/04/30 8:45 p.m.•4 views

CVE-2026-7501 LinkStackOrg LinkStack UserController.php editPage cross site scripting

5.1CVSS4.2AI score0.00013EPSS

Exploits0References6

Cvelist•added 2026/04/30 8:45 p.m.•24 views

CVE-2026-7501 LinkStackOrg LinkStack UserController.php editPage cross site scripting

5.1CVSS0.00013EPSS

Exploits0References6

CVE•added 2026/04/30 8:45 p.m.•4 views

CVE-2026-7501

The CVE pertains to LinkStackOrg LinkStack (up to version 4.8.6). The vulnerability affects the editPage function in app/Http/Controllers/UserController.php, caused by manipulation of the pageDescription argument which enables cross-site scripting. Exploitation is possible remotely and public exp...

5.1CVSS3.5AI score0.00013EPSS

Exploits0References6

RedhatCVE•added 2026/04/30 2:47 p.m.•4 views

CVE-2026-7306

A security vulnerability has been detected in Xuxueli xxl-job up to 3.3.2. The impacted element is an unknown function of the file xxl-job-admin/src/main/java/com/xxl/job/admin/scheduler/openapi/OpenApiController.java of the component OpenAPI Endpoint. Such manipulation of the argument defaulttok...

6.3CVSS5.1AI score0.0002EPSS

Exploits0References1

Positive Technologies•added 2026/04/30 12:0 a.m.•3 views

PT-2026-36191

Name of the Vulnerable Software and Affected Versions LinkStackOrg LinkStack versions prior to 4.8.7 Description A weakness in the editPage function within the app/Http/Controllers/UserController.php file allows for remote cross-site scripting XSS, which occurs when a user-supplied value is...

5.1CVSS5.7AI score0.00013EPSS

Exploits0References10

CNNVD•added 2026/04/30 12:0 a.m.•6 views

LinkStack 授权问题漏洞

LinkStack is a unique platform developed by LinkStack OpenSource, offering efficient solutions for managing and sharing links online. Version 4.8.6 and earlier of LinkStack contained an authorization vulnerability. This vulnerability originated from the saveLink function in the Management Endpoin...

5.5CVSS6.1AI score0.00055EPSS

Exploits0References1

RedHat Linux•added 2026/04/29 12:45 p.m.•4 views

ovn: OVN: Information disclosure via crafted DHCPv6 packets

A flaw was found in OVN Open Virtual Network. A remote attacker, by sending crafted DHCPv6 Dynamic Host Configuration Protocol for IPv6 SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

8.6CVSS5.3AI score0.00022EPSS

Exploits0References4

RedHat Linux•added 2026/04/29 12:45 p.m.•4 views

ovn: ovn: Heap Over-Read in ICMP Error Response Generation - security issue

When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...

6.5CVSS5.5AI score0.0004EPSS

Exploits0References4

RedHat Linux•added 2026/04/29 12:44 p.m.•2 views

ovn: OVN: Information disclosure via crafted DHCPv6 packets

8.6CVSS5.3AI score0.00022EPSS

Exploits0References4

RedHat Linux•added 2026/04/29 12:42 p.m.•4 views

ovn: OVN: Information disclosure via crafted DHCPv6 packets

8.6CVSS5.3AI score0.00022EPSS

Exploits0References4

Github Security Blog•added 2026/04/29 12:33 p.m.•4 views

Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources.

Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources. More precisely, an application can be vulnerable when all the following are true: the application is using Spring MVC or Spring WebFlux the application is configuring the resource chain support...

3.1CVSS5.8AI score0.00083EPSS

Exploits0References4Affected Software2

OSV•added 2026/04/29 12:16 p.m.•1 views

UBUNTU-CVE-2026-22741

3.1CVSS5.8AI score0.00083EPSS

Exploits0References3

EUVD•added 2026/04/29 11:35 a.m.•0 views

EUVD-2026-26207

Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources. More precisely, an application can be vulnerable when all the following are true: the application is using Spring MVC or Spring WebFlux the application is serving static resources from...

5.3CVSS5.4AI score0.00067EPSS

Exploits0References2