Lucene search
K

56742 matches found

Circl
Circl
added 12 hours ago5 views

CVE-2026-57728

creationtimestamp| type| source ---|---|--- 2026-07-13 11:19:14+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjl3decem2e...

7.1CVSS6.1AI score
Exploits0References1
Circl
Circl
added 12 hours ago3 views

CVE-2026-57710

creationtimestamp| type| source ---|---|--- 2026-07-13 11:18:06+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqjkzd2pp525...

9.9CVSS6.1AI score
Exploits0References1
Circl
Circl
added 12 hours ago3 views

CVE-2026-22096

creationtimestamp| type| source ---|---|--- 2026-07-13 11:10:06+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqjkkyqbj62r 2026-07-13 18:49:50+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqkeb3m33j2e...

9.3CVSS6.1AI score
Exploits0References2
Circl
Circl
added 12 hours ago3 views

CVE-2026-22093

creationtimestamp| type| source ---|---|--- 2026-07-13 11:08:06+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqjkhgrukm2t 2026-07-13 17:49:37+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqkavfwvjs2y...

9.5CVSS6.1AI score
Exploits0References2
Circl
Circl
added 12 hours ago4 views

CVE-2026-59518

creationtimestamp| type| source ---|---|--- 2026-07-13 11:05:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqjkc6f45w2l 2026-07-13 11:30:06+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqjlorfkkl2w 2026-07-13 11:55:15+00:00| seen|...

9.8CVSS6.1AI score
Exploits0References4
Circl
Circl
added 12 hours ago4 views

CVE-2026-57381

creationtimestamp| type| source ---|---|--- 2026-07-13 10:59:21+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjjxs6j7527 2026-07-13 18:57:03+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqkenyr3e52f...

7.1CVSS6.1AI score
Exploits0References2
Circl
Circl
added 12 hours ago3 views

CVE-2026-57772

creationtimestamp| type| source ---|---|--- 2026-07-13 10:51:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqjjjbh4rv25...

8.5CVSS6.1AI score
Exploits0References1
Circl
Circl
added 13 hours ago3 views

CVE-2026-15546

creationtimestamp| type| source ---|---|--- 2026-07-13 09:45:55+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjfuhyoop2s 2026-07-13 10:17:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqjhn4vufb26...

6.5CVSS6.6AI score
Exploits0References2
EUVD
EUVD
added 13 hours ago5 views

EUVD-2026-43315

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4 fail to verify whether a guest account is deactivated before creating a session in the magic-link token login path, which allows a deactivated guest user to obtain a fully functional session via a magic-link token issued prior to deactivation...

5.4CVSS6.1AI score
Exploits0References2
EUVD
EUVD
added 13 hours ago5 views

EUVD-2026-43288

The Tutor LMS WordPress plugin before 3.9.13 does not perform any authorization or post-target validation before creating a comment in one of its handlers, and stores the comment pre-approved, allowing authenticated users with subscriber-level access and above to post auto-approved comments...

4.3CVSS6.2AI score
Exploits0References2
NVD
NVD
added 14 hours ago5 views

CVE-2026-9597

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4 fail to verify whether a guest account is deactivated before creating a session in the magic-link token login path, which allows a deactivated guest user to obtain a fully functional session via a magic-link token issued prior to deactivation...

5.4CVSS
Exploits0References1
CVE
CVE
added 15 hours ago13 views

CVE-2026-9597

Mattermost advisory MMSA-2026-00681 documents a vulnerability in Mattermost where versions 11.7.x <= 11.7.2 and 11.6.x

5.4CVSS6.1AI score
Exploits0References1Affected Software1
Cvelist
Cvelist
added 15 hours ago12 views

CVE-2026-9597 Deactivated guest accounts can authenticate via magic-link token in Mattermost REST API login endpoint

Mattermost versions 11.7.x = 11.7.2, 11.6.x = 11.6.4 fail to verify whether a guest account is deactivated before creating a session in the magic-link token login path, which allows a deactivated guest user to obtain a fully functional session via a magic-link token issued prior to deactivation...

5.4CVSS
Exploits0References1
Circl
Circl
added 16 hours ago5 views

CVE-2026-4769

creationtimestamp| type| source ---|---|--- 2026-07-13 07:21:18+00:00| seen| https://infosec.exchange/users/certvde/statuses/116911458109125585 2026-07-13 07:54:49+00:00| seen| https://bsky.app/profile/securityonline.bsky.social/post/3mqj7nsuneh2l 2026-07-13 08:30:05+00:00| seen|...

9.8CVSS6.1AI score
Exploits0References5
CVE
CVE
added 17 hours ago8 views

CVE-2026-12273

The Tutor LMS WordPress plugin before 3.9.13 does not perform any authorization or post-target validation before creating a comment in one of its handlers, and stores the comment pre-approved, allowing authenticated users with subscriber-level access and above to post auto-approved comments...

4.3CVSS6.2AI score
Exploits0References1
Nuclei
Nuclei
added 18 hours ago75 views

XWiki < 14.10.14 - Cross-Site Scripting

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. When document names are validated according to a name strategy disabled by default, XWiki starting in version 12.0-rc-1 and prior to versions 12.10.12 and 15.5-rc-1 is vulnerable to a reflecte...

9.6CVSS7.2AI score0.05124EPSS
Exploits1References2
Nuclei
Nuclei
added 18 hours ago52 views

Dynamicweb 9.5.0 - 9.12.7 Unauthenticated Admin User Creation

Dynamicweb contains a vulnerability which allows an unauthenticated attacker to create a new administrative user. id: CVE-2022-25369 info: name: Dynamicweb 9.5.0 - 9.12.7 Unauthenticated Admin User Creation author: pdteam severity: critical description: Dynamicweb contains a vulnerability which...

9.8CVSS6.1AI score0.40739EPSS
Exploits0References2
Nuclei
Nuclei
added 18 hours ago474 views

Moodle - Cross-Site Scripting/Remote Code Execution

The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system. Moodle versions 4.1.x before 4.1.3 and 4.2.x before...

6.5CVSS6.8AI score0.06583EPSS
Exploits3References5
Nuclei
Nuclei
added 18 hours ago92 views

Telesquare TLR-2855KS6 - Arbitrary File Creation

An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow creation of CGI scripts. id: CVE-2021-46418 info: name: Telesquare TLR-2855KS6 - Arbitrary File Creation author: DhiyaneshDK severity: high description: | An unauthorized file creation vulnerability in...

7.5CVSS7AI score0.23945EPSS
Exploits4References3
Nuclei
Nuclei
added 18 hours ago90 views

Grafana Unauthenticated Snapshot Creation

Grafana 6.7.3 through 7.4.1 snapshot functionality can allow an unauthenticated remote attacker to trigger a Denial of Service via a remote API call if a commonly used configuration is set. id: CVE-2021-27358 info: name: Grafana Unauthenticated Snapshot Creation author: pdteam,bing0o severity: hi...

7.5CVSS7AI score0.83042EPSS
Exploits0References5
Rows per page
Query Builder