CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 4 days ago•38 views

CVE-2026-46480 Flowise: Evaluator create+update mass-assignment allows cross-workspace evaluator takeover

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, evaluator create and update mass-assignment allows cross-workspace evaluator takeover. This issue has been patched in version 3.1.2...

7.7CVSS0.00128EPSS

Vulnrichment•added 4 days ago•3 views

CVE-2026-46477 Flowise: Dataset create+update mass-assignment allows cross-workspace dataset takeover

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, dataset create and update mass-assignment allows cross-workspace dataset takeover. This issue has been patched in version 3.1.2...

7.7CVSS5.3AI score0.00053EPSS

Cvelist•added 4 days ago•36 views

CVE-2026-46476 Flowise: CustomTemplate create+update mass-assignment allows cross-workspace template takeover

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, CustomTemplate create and update mass-assignment allows cross-workspace template takeover. This issue has been patched in version 3.1.2...

7.7CVSS0.00053EPSS

EUVD•added 4 days ago•4 views

EUVD-2026-35102

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, all CRUD endpoints for OpenAI Assistants Vector Store have no authentication middleware and the route path /api/v1/openai-assistants-vector-store is not in WHITELISTURLS. However, it i...

8.7CVSS5.5AI score0.00088EPSS

OSV•added 4 days ago•4 views

JLSEC-2026-600

Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use searchpath to find user-defined types, including extension-defined types. That is to say, the victim will execute arbitrary SQL functions of the attacker's choice. Versions before PostgreSQL...

5.4CVSS6AI score0.0003EPSS

NVD•added 4 days ago•7 views

CVE-2026-41723

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

8CVSS0.00076EPSS

RedhatCVE•added 5 days ago•9 views

CVE-2026-6239

A stack‑based buffer overflow vulnerability exists in Tapo C520WS v2 in the ONVIF CreateUsers service, where the device fails to properly validate the number of XML user nodes during request processing. An authenticated attacker can send a specially crafted ONVIF request containing an excessive...

6.8CVSS5.8AI score0.00022EPSS

NVD•added 6 days ago•8 views

CVE-2026-6239

6.8CVSS0.00022EPSS

Exploits0References3

ATTACKERKB•added last week•7 views

CVE-2026-6239

6.8CVSS5.5AI score0.00022EPSS

Exploits0References4

Cvelist•added last week•37 views

CVE-2026-6239 Authenticated Stack-based Buffer Overflow in ONVIF CreateUsers Service in TP-Link Tao C520WS

6.8CVSS0.00022EPSS

Exploits0References3

NVD•added last week•6 views

CVE-2026-46357

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, the HAX CMS NodeJS application crashes when an authenticated attacker sends a specially crafted site creation request to the createSite endpoint. A single request is sufficient to take the entire...

6.5CVSS0.00066EPSS

6.1CVSS5.5AI score0.00039EPSS

CVE-2026-36226

Cross Site Scripting vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16 allows a remote attacker to obtain sensitive information via the decryption field in the Create New Project User component...

Exploits1References1

RedhatCVE•added last week•6 views

CVE-2026-40914

A vulnerability exists in Apache Artemis whereby an application using the STOMP protocol with security credentials that grant either the consume or send permission on an address can augment the routing-type supported by that address even if said user doesn't have the createAddress permission for...

4.3CVSS5.5AI score0.00138EPSS

6.5CVSS5AI score0.00045EPSS

CVE-2026-8268

A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function OpenAPIlistcreate of the component SMF. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The project was informed ...

Exploits1References1

RedhatCVE•added last week•7 views

CVE-2025-9988

The Broadstreet plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the createadvertiser AJAX action in all versions up to, and including, 1.53.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create...

4.3CVSS5.5AI score0.00035EPSS

6.5CVSS5.6AI score0.00044EPSS

CVE-2026-43889

Outline is a service that allows for collaborative documentation. Prior to 1.7.0, the shares.create API accepts both collectionId and documentId simultaneously and, when published=false, only verifies read access for each—skipping the "share" permission check. A subsequent shares.update authorize...

RedhatCVE•added last week•7 views

CVE-2026-34600

Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions 3.5.2 and prior contain a logic error in the delta API that allows share recipients to download notes that are no longer shared with them, related to but not fully fixed by the prior...

5.7CVSS5.4AI score0.00027EPSS

4.3CVSS5.4AI score0.00031EPSS

CVE-2026-3637

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13, 11.4.x = 11.4.3 fail to check the createpost channel permission during post edit operations which allows an authenticated attacker with revoked posting privileges to modify their existing posts via direct API requests to the post update and...