Lucene search
K

56747 matches found

Circl
Circl
added yesterday5 views

CVE-2026-57728

creationtimestamp| type| source ---|---|--- 2026-07-13 11:19:14+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjl3decem2e...

7.1CVSS6.1AI score0.00251EPSS
Exploits0References1
Circl
Circl
added yesterday4 views

CVE-2026-57710

creationtimestamp| type| source ---|---|--- 2026-07-13 11:18:06+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqjkzd2pp525...

9.9CVSS6.1AI score0.00479EPSS
Exploits0References1
Circl
Circl
added yesterday3 views

CVE-2026-22096

creationtimestamp| type| source ---|---|--- 2026-07-13 11:10:06+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqjkkyqbj62r 2026-07-13 18:49:50+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqkeb3m33j2e...

9.3CVSS6.1AI score0.00422EPSS
Exploits0References2
Circl
Circl
added yesterday3 views

CVE-2026-22093

creationtimestamp| type| source ---|---|--- 2026-07-13 11:08:06+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqjkhgrukm2t 2026-07-13 17:49:37+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqkavfwvjs2y...

9.5CVSS6.1AI score0.00203EPSS
Exploits0References2
Circl
Circl
added yesterday4 views

CVE-2026-59518

creationtimestamp| type| source ---|---|--- 2026-07-13 11:05:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqjkc6f45w2l 2026-07-13 11:30:06+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqjlorfkkl2w 2026-07-13 11:55:15+00:00| seen|...

9.8CVSS6.1AI score0.00564EPSS
Exploits0References4
Circl
Circl
added yesterday4 views

CVE-2026-57381

creationtimestamp| type| source ---|---|--- 2026-07-13 10:59:21+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjjxs6j7527 2026-07-13 18:57:03+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqkenyr3e52f...

7.1CVSS6.1AI score0.00251EPSS
Exploits0References2
Circl
Circl
added yesterday3 views

CVE-2026-57772

creationtimestamp| type| source ---|---|--- 2026-07-13 10:51:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqjjjbh4rv25 2026-07-13 22:07:00+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqkpbmzimm27...

8.5CVSS6.1AI score0.00357EPSS
Exploits0References2
Circl
Circl
added yesterday4 views

CVE-2026-15546

creationtimestamp| type| source ---|---|--- 2026-07-13 09:45:55+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjfuhyoop2s 2026-07-13 10:17:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqjhn4vufb26...

6.5CVSS6.6AI score0.0105EPSS
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2026-43315

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4 fail to verify whether a guest account is deactivated before creating a session in the magic-link token login path, which allows a deactivated guest user to obtain a fully functional session via a magic-link token issued prior to deactivation...

5.4CVSS6.1AI score0.00138EPSS
Exploits0References2
EUVD
EUVD
added yesterday6 views

EUVD-2026-43288

The Tutor LMS WordPress plugin before 3.9.13 does not perform any authorization or post-target validation before creating a comment in one of its handlers, and stores the comment pre-approved, allowing authenticated users with subscriber-level access and above to post auto-approved comments...

4.3CVSS6.2AI score0.0014EPSS
Exploits0References2
NVD
NVD
added yesterday5 views

CVE-2026-9597

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4 fail to verify whether a guest account is deactivated before creating a session in the magic-link token login path, which allows a deactivated guest user to obtain a fully functional session via a magic-link token issued prior to deactivation...

5.4CVSS0.00138EPSS
Exploits0References1
Circl
Circl
added yesterday5 views

CVE-2026-57829

creationtimestamp| type| source ---|---|--- 2026-07-13 08:27:08+00:00| seen| https://bsky.app/profile/suriq.io/post/3mqjbhlhal325 2026-07-13 08:30:51+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjboanlg72i 2026-07-13 09:55:28+00:00| seen|...

8.7CVSS6.1AI score0.00258EPSS
Exploits1References4
Cvelist
Cvelist
added yesterday12 views

CVE-2026-9597 Deactivated guest accounts can authenticate via magic-link token in Mattermost REST API login endpoint

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4 fail to verify whether a guest account is deactivated before creating a session in the magic-link token login path, which allows a deactivated guest user to obtain a fully functional session via a magic-link token issued prior to deactivation...

5.4CVSS0.00138EPSS
Exploits0References1
CVE
CVE
added yesterday13 views

CVE-2026-9597

Mattermost advisory MMSA-2026-00681 documents a vulnerability in Mattermost where versions 11.7.x <= 11.7.2 and 11.6.x

5.4CVSS6.1AI score0.00138EPSS
Exploits0References1Affected Software1
Circl
Circl
added yesterday6 views

CVE-2026-4769

creationtimestamp| type| source ---|---|--- 2026-07-13 07:21:18+00:00| seen| https://infosec.exchange/users/certvde/statuses/116911458109125585 2026-07-13 07:54:49+00:00| seen| https://bsky.app/profile/securityonline.bsky.social/post/3mqj7nsuneh2l 2026-07-13 08:30:05+00:00| seen|...

9.8CVSS6.1AI score0.00447EPSS
Exploits0References5
CVE
CVE
added yesterday8 views

CVE-2026-12273

The Tutor LMS WordPress plugin before 3.9.13 does not perform any authorization or post-target validation before creating a comment in one of its handlers, and stores the comment pre-approved, allowing authenticated users with subscriber-level access and above to post auto-approved comments...

4.3CVSS6.2AI score0.0014EPSS
Exploits0References1
Nuclei
Nuclei
added yesterday181 views

ManageEngine OpManager - Directory Traversal

A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability. id: CVE-2023-47211 info: name: ManageEngine...

9.1CVSS7.1AI score0.47024EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday75 views

XWiki < 14.10.14 - Cross-Site Scripting

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When document names are validated according to a name strategy disabled by default, XWiki starting in version 12.0-rc-1 and prior to versions 12.10.12 and 15.5-rc-1 is vulnerable to a reflecte...

9.6CVSS7.2AI score0.05124EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday46 views

rConfig 3.9 - Authentication Bypass(Admin Login)

lib/crud/userprocess.php in rConfig 3.9.x before 3.9.7 has an authentication bypass, leading to administrator account creation. This issue has been fixed in 3.9.7. id: CVE-2020-13638 info: name: rConfig 3.9 - Authentication BypassAdmin Login author: theamanrawat severity: critical description: |...

9.8CVSS7AI score0.76758EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday35 views

Blinko <= 1.8.3 - User Information Leak

Blinko = 1.8.4 contains an information disclosure caused by a publicly accessible endpoint exposing user information including usernames, roles, and account creation dates, letting remote attackers access sensitive user data, exploit requires no special privileges. id: CVE-2026-23486 info: name:...

6.9CVSS6.1AI score0.00711EPSS
Exploits0References3
Rows per page
Query Builder