8 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-44574
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Next.js is a React framework for building full-stack web applications. From 15.4.0 to before 15.5.16 and 16.2.5, applications that rely on middleware to protect...
CVE-2026-44574
Next.js is a React framework for building full-stack web applications. From 15.4.0 to before 15.5.16 and 16.2.5, applications that rely on middleware to protect dynamic routes can be vulnerable to authorization bypass. In affected deployments, specially crafted query parameters can alter the...
CVE-2026-44574 Next.js: Middleware / Proxy bypass through dynamic route parameter injection
Next.js is a React framework for building full-stack web applications. From 15.4.0 to before 15.5.16 and 16.2.5, applications that rely on middleware to protect dynamic routes can be vulnerable to authorization bypass. In affected deployments, specially crafted query parameters can alter the...
CVE-2026-44574
Next.js is a React framework for building full-stack web applications. From 15.4.0 to before 15.5.16 and 16.2.5, applications that rely on middleware to protect dynamic routes can be vulnerable to authorization bypass. In affected deployments, specially crafted query parameters can alter the...
Next.js Security Vulnerability
Next.js is an open-source React framework from Vercel. Versions of Next.js from 15.4.0 to 15.5.16, as well as versions before 16.2.5, have security vulnerabilities. These vulnerabilities arise from the use of middleware that protects dynamic routes. In this scenario, specially crafted query paramete...
Unsafe Dependency Resolution
Overview Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the Skin feature. An attacker can cause unauthorized theme loading and potentially execute arbitrary code by supplying crafted query parameters to load unused or outdated themes. Remediation Upgrade...
Zyxel NAS326 Operating System Command Injection Vulnerability
Zyxel NAS326 is a cloud storage NAS from China Hopkins Zyxel. An operating system command injection vulnerability exists in Zyxel NAS326 firmware version V5.21AAZF.15C0 and earlier versions, and NAS542 firmware version V5.21ABAG.12C0 and earlier versions. An attacker could exploit this...
Esri ArcGIS Server Input Validation Error Vulnerability
Esri ArcGIS Server is a web-oriented, enterprise-class software platform for delivering geolocation services from Environmental Systems Research Institute (Esri). An input validation error vulnerability exists in Esri ArcGIS Server version 10.9.1 and earlier, which stems from an unauthenticated...