CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/06/09 12:0 a.m.•8 views

PT-2026-48283

Name of the Vulnerable Software and Affected Versions CAI Content Credentials versions [email protected] and earlier CAI Content Credentials versions c2pa-v0.80.1 and earlier Description Improper Input Validation allows an attacker to crash the application, resulting in a denial-of-service condition...

7.5CVSS5.2AI score0.00407EPSS

Exploits0References3

CNNVD•added 2026/06/09 12:0 a.m.•9 views

Skilja Vinna Process Monitor 跨站脚本漏洞

Skilja Vinna Process Monitor is a business process monitoring platform developed by Skilja Corporation. The Skilja Vinna Process Monitor 4.0 Service Pack 1 version contains a cross-site scripting vulnerability. This vulnerability stems from a storage-based cross-site scripting flaw, which could...

9.3CVSS5.1AI score0.00242EPSS

CNNVD•added 2026/06/09 12:0 a.m.•7 views

Adobe CAI Content Credentials 输入验证错误漏洞

Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc., which offers capabilities for authenticating digital content sources and tracking its editing history. The Adobe CAI Content Credentials version [email protected] and versions prior to c2pa-v0.80.1 contain a...

7.5CVSS5.4AI score0.0043EPSS

CNNVD•added 2026/06/09 12:0 a.m.•7 views

Kangda Xin DR300 安全漏洞

Kangda Xin DR300 is a wireless router produced by Kangda Xin Corporation. The Kangda Xin DR300 version 2.1.2.121 has a security vulnerability. This vulnerability stems from the inclusion of hardcoded login credentials, with telnet being enabled by default. It may allow attackers to read memory,...

9.8CVSS5.3AI score0.00209EPSS

Positive Technologies•added 2026/06/09 12:0 a.m.•13 views

PT-2026-47647

In specific scenarios involving HTTP redirects from a secure to an insecure endpoint, the Reactor Netty HTTP client may leak credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects. Affected versions: Reactor Netty 1.0.0 through 1.0.51;...

6.1CVSS5.5AI score0.00172EPSS

Positive Technologies•added 2026/06/09 12:0 a.m.•7 views

PT-2026-47772

Apptha Slider Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the albid parameter. Attackers can send GET requests with crafted SQL payloads in the albid parameter to extract sensitive...

8.8CVSS6.1AI score0.00295EPSS

Exploits0References4

Positive Technologies•added 2026/06/09 12:0 a.m.•10 views

PT-2026-48163

Shenzhen Kangda Xin Intelligent Network Technology Company's router, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. These vulnerabilities allow attackers to read and write to memory, modify firmware stored in flash...

5.5AI score0.00209EPSS

Positive Technologies•added 2026/06/09 12:0 a.m.•9 views

PT-2026-48287

Name of the Vulnerable Software and Affected Versions CAI Content Credentials versions [email protected] and earlier CAI Content Credentials versions c2pa-v0.80.1 and earlier Description An uncontrolled resource consumption issue allows an attacker to exhaust system resources, leading to an...

6.2CVSS5.2AI score0.00153EPSS

Exploits0References3

Positive Technologies•added 2026/06/09 12:0 a.m.•9 views

PT-2026-48307

An attacker with write permissions to the database table managed by JdbcAssertingPartyMetadataRepository saml2 asserting party metadata may be able to store malicious serialized payloads in the columns containing the collection of verification or encryption credentials verification credentials an...

7.3CVSS5.5AI score0.00198EPSS

Positive Technologies•added 2026/06/09 12:0 a.m.•15 views

PT-2026-48284

Name of the Vulnerable Software and Affected Versions CAI Content Credentials versions [email protected] and earlier CAI Content Credentials versions c2pa-v0.80.1 and earlier Description An uncontrolled resource consumption issue allows an attacker to exhaust system resources, leading to an...

7.5CVSS5.2AI score0.00407EPSS

Exploits0References3

CNNVD•added 2026/06/09 12:0 a.m.•5 views

Adobe CAI Content Credentials 输入验证错误漏洞

7.5CVSS5.3AI score0.00407EPSS

CNNVD•added 2026/06/09 12:0 a.m.•9 views

Adobe CAI Content Credentials 资源管理错误漏洞

Positive Technologies•added 2026/06/09 12:0 a.m.•9 views

PT-2026-48282

Name of the Vulnerable Software and Affected Versions CAI Content Credentials versions [email protected] and earlier CAI Content Credentials version c2pa-v0.80.1 Description An integer overflow or wraparound occurs, which can be exploited by an attacker to crash the application. This leads to a...

7.5CVSS5.5AI score0.0043EPSS

Exploits0References4

CNNVD•added 2026/06/09 12:0 a.m.•13 views

Adobe CAI Content Credentials 资源管理错误漏洞

CNNVD•added 2026/06/09 12:0 a.m.•14 views

Adobe CAI Content Credentials 资源管理错误漏洞

CNNVD•added 2026/06/09 12:0 a.m.•12 views

Adobe CAI Content Credentials 输入验证错误漏洞

CNNVD•added 2026/06/09 12:0 a.m.•8 views

Adobe CAI Content Credentials 路径遍历漏洞

Adobe CAI Content Credentials is a content trust marking system provided by Adobe Inc. in the United States. It offers capabilities for authenticating digital content sources and tracking editing history. The Adobe CAI Content Credentials version [email protected] and versions prior to c2pa-v0.80.1...

5.5CVSS5.6AI score0.0017EPSS

Positive Technologies•added 2026/06/09 12:0 a.m.•12 views

PT-2026-47731

A Stored Cross-Site Scripting vulnerability in Vinna Process Monitor Version 4.0 Service Pack 1 Build 63255 allows an authenticated remote attacker with low privileges to inject malicious JavaScript code into the application. This enables attackers to steal administrative access tokens and sessio...

9.3CVSS5.6AI score0.00242EPSS