CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3 matches found

ATTACKERKB•added 2026/02/12 10:55 p.m.•3 views

CVE-2026-26188

Solspace Freeform plugin for Craft CMS 5.x is a super flexible form-building tool. An authenticated, low-privilege user able to create/edit forms can inject arbitrary HTML/JS into the Craft Control Panel CP builder and integrations views. User-controlled form labels and integration metadata are...

5.1CVSS5.7AI score0.0004EPSS

Exploits1References4Affected Software1

Positive Technologies•added 2026/01/05 12:0 a.m.•3 views

PT-2026-1343

Name of the Vulnerable Software and Affected Versions Craft versions 5.0.0-RC1 through 5.8.20 Craft versions 4.0.0-RC1 through 4.16.16 Description Craft is a platform for creating digital experiences. Authenticated users on a Craft installation could potentially expose sensitive assets via their...

7.1CVSS6.5AI score0.00039EPSS

Exploits0References6

Positive Technologies•added 2026/01/05 12:0 a.m.•3 views

PT-2026-1344

Name of the Vulnerable Software and Affected Versions Craft versions 5.0.0-RC1 through 5.8.20 Craft versions 4.0.0-RC1 through 4.16.16 Description Craft is a platform for creating digital experiences. The GraphQL save Asset mutation is susceptible to Server-Side Request Forgery SSRF. The issue...

6.8CVSS6.9AI score0.00017EPSS

Exploits1References14

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by