221 matches found
CrowdStrike vs Hive Pro: VM Compared
CrowdStrike vs Hive Pro for Vulnerability Management CrowdStrike vs Hive Pro is not a simple feature checklist. It is a decision about how your security team wants to manage exposure: through an endpoint-centered platform that extends into vulnerability assessment, or through a vendor-neutral...
ai-security-poc
AI Security POC A fully containerised proof-of-concept for te...
CrowdStrike LogScale Security Vulnerability
CrowdStrike LogScale is a high-performance log management and analysis platform developed by the CrowdStrike company in the United States. There is a security vulnerability in CrowdStrike LogScale, which stems from an unvalidated path traversal issue in certain cluster API endpoints. This...
Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems
Artificial Intelligence AI company Anthropic announced a new cybersecurity initiative called Project Glasswing that will use a preview version of its new frontier model, Claude Mythos, to find and address security vulnerabilities. The model will be used by a small set of organizations, including...
Best AI Security Solutions for Enterprises in 2026
Enterprise AI security solutions in 2026, compare Check Point, Palo Alto, CrowdStrike, Fortinet, and Zscaler across cloud, endpoint, and network...
Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools
Cybersecurity researchers have disclosed details of an emergent ransomware family dubbed Reynolds that comes embedded with a built-in bring your own vulnerable driver (BYOVD) component for defense evasion purposes within the ransomware payload itself. BYOVD refers to an adversarial technique that...
Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware
Cybersecurity researchers have disclosed details of a new campaign that has used cracked software distribution sites as a distribution vector for a new version of a modular and stealthy loader known as CountLoader. The campaign "uses CountLoader as the initial tool in a multistage attack for...
CrowdStrike Fires Worker Over Insider Leak to Scattered Lapsus Hunters
CrowdStrike fired an insider for selling internal screenshots to Scattered Lapsus$ Hunters for $25,000. Read how the security team detected the activity and protected customers...
EUVD-2025-36811
Malicious code in crowdstrike npm...
Malicious code in crowdstrike (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 11cd49b95ecfbbbeedc96c140184f8543c29b3a6b60688c32bb40459bd164a76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48991 Malicious code in crowdstrike (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 11cd49b95ecfbbbeedc96c140184f8543c29b3a6b60688c32bb40459bd164a76 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview crowdstrike is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...
BIT-KIBANA-2025-37728 Kibana Insufficiently Protected Credentials in the CrowdStrike Connector
Insufficiently Protected Credentials in the Crowdstrike connector can lead to Crowdstrike credentials being leaked. A malicious user can access cached credentials from a Crowdstrike connector in another space by creating and running a Crowdstrike connector in a space to which they have access...
BIT-ELK-2025-37728 Kibana Insufficiently Protected Credentials in the CrowdStrike Connector
Insufficiently Protected Credentials in the Crowdstrike connector can lead to Crowdstrike credentials being leaked. A malicious user can access cached credentials from a Crowdstrike connector in another space by creating and running a Crowdstrike connector in a space to which they have access...
CVE-2025-37728
Insufficiently Protected Credentials in the Crowdstrike connector can lead to Crowdstrike credentials being leaked. A malicious user can access cached credentials from a Crowdstrike connector in another space by creating and running a Crowdstrike connector in a space to which they have access...
CVE-2025-42701 CrowdStrike Falcon Sensor for Windows Race Condition
A race condition exists in the Falcon sensor for Windows that could allow an attacker, with the prior ability to execute code on a host, to delete arbitrary files. CrowdStrike released a security fix for this issue in Falcon sensor for Windows versions 7.24 and above and all Long Term Visibility...
CVE-2025-42706 CrowdStrike Falcon Sensor for Windows Logic Error
A logic error exists in the Falcon sensor for Windows that could allow an attacker, with the prior ability to execute code on a host, to delete arbitrary files. CrowdStrike released a security fix for this issue in Falcon sensor for Windows versions 7.24 and above and all Long Term Visibility (LTV)...
CVE-2025-42706
CVE-2025-42706 describes a logic error in the Windows CrowdStrike Falcon Sensor that could allow an attacker with prior code execution on a host to delete arbitrary files. Affected software: Falcon Sensor for Windows (pre-7.24) and all Long Term Visibility sensors; fixes released for Windows 7.24...
PT-2025-41294
Name of the Vulnerable Software and Affected Versions: CrowdStrike Falcon sensor for Windows versions prior to 7.24; CrowdStrike Falcon sensor for Windows Long Term Visibility (LTV) sensors prior to 7.24. Description: A race condition exists in the Falcon sensor for Windows that could allow an attacker...