
9 matches found

CVE
added 2026/05/01 12:0 a.m., 7 views

CVE-2026-43001

CVE-2026-43001 affects OpenStack Keystone (versions 13–29) where POST /v3/credentials does not validate that the caller-supplied project_id for an EC2-type credential matches the authenticating application credential’s project. An attacker with an unrestricted app_cred for project A can create an...

CVSS 8, AI score 5.8, EPSS 0.00018
Exploits 1, References 3, Affected Software 1
RedhatCVE
added 2026/04/13 7:37 p.m., 3 views

CVE-2026-33551

A flaw was found in OpenStack Keystone. An authenticated user with a reader role can exploit a vulnerability in the EC2 credential creation endpoint. By using a restricted application credential to call the EC2 credential creation API, the user may obtain EC2/S3 credentials that carry the full se...

CVSS 3.5, AI score 5.8, EPSS 0.00033
Exploits 1, References 6
RedhatCVE
added 2025/10/31 10:7 p.m., 1 views

CVE-2024-13994

Nagios XI versions prior to 2024R1.1.2 contain a missing authorization control when the 'Allow Insecure Logins' option is enabled. Under this configuration, any user can create valid login credentials for other users without proper authorization. This can lead to unauthorized account creation,...

CVSS 9.8, AI score 6.8, EPSS 0.00087
Exploits 0, References 1
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2025-6917

Malicious code in bioql PyPI...

CVSS 4.3, AI score 4.9, EPSS 0.00141
Exploits 0, References 2
Positive Technologies
added 2025/09/26 12:0 a.m., 3 views

PT-2025-39666

Name of the Vulnerable Software and Affected Versions: Rancher Manager versions prior to 2.9.12; Rancher Manager versions prior to 2.10.10; Rancher Manager versions prior to 2.11.6; Rancher Manager versions prior to 2.12.2. Description: A flaw exists in Rancher Manager that allows sensitive information...

CVSS 9.9, AI score 6.5, EPSS 0.06448
Exploits 11, References 46
GithubExploit
added 2025/09/05 10:34 a.m., 262 views

Exploit for CVE-2025-49388

CVE-2025-49388 WordPress Miraculous Core Plugin Plugin OPTI...

CVSS 9.8, AI score 7, EPSS 0.00184
Exploits 1
RedhatCVE
added 2025/05/23 8:1 a.m., 6 views

CVE-2024-29941

Insecure storage of the ICT MIFARE and DESFire encryption keys in the firmware binary allows malicious actors to create credentials for any site code and card number that is using the default ICT encryption...

CVSS 8, AI score 7.2, EPSS 0.00064
Exploits 0, References 1
RedhatCVE
added 2025/05/22 4:36 p.m., 4 views

CVE-2020-28872

An authorization bypass vulnerability in Monitorr v1.7.6m in Monitorr/assets/config/installation/register.php allows an unauthorized person to create valid credentials...

CVSS 9.8, AI score 6.7, EPSS 0.00553
Exploits 3
OSV
added 2024/09/20 7:7 p.m., 3 views

CVE-2024-45793 Cross-site Scripting from in Confidant API call

Confidant is an open source secret management service that provides user-friendly storage and access to secrets. The following endpoints are subject to a cross-site scripting vulnerability: GET /v1/credentials, GET /v1/credentials/, GET /v1/archive/credentials/, GET /v1/archive/credentials, POST...

CVSS 4.8, AI score 5.8, EPSS 0.00108
Exploits 0, References 6