Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

26228 matches found

Circl
Circladded 2026/02/24 1:31 a.m.4 views

CVE-2026-3049

creationtimestamp| type| source ---|---|--- 2026-02-24 01:31:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfkzh3vibn2n...

6.1CVSS4.6AI score0.00059EPSS
Exploits1References1
CNNVD
CNNVDadded 2026/02/24 12:0 a.m.4 views

exiftool 操作系统命令注入漏洞

Exiftool is an open-source application developed by ExifTool. It makes metadata more accessible. Versions of Exiftool 13.49 and earlier had a vulnerability related to operating system command injection. This vulnerability stemmed from the SetMacOSTags function in the PNG file parser component,...

8.8CVSS6.8AI score0.00073EPSS
Exploits2References7
Positive Technologies
Positive Technologiesadded 2026/02/24 12:0 a.m.8 views

PT-2026-21764

Name of the Vulnerable Software and Affected Versions exiftool versions prior to 13.50 Description An OS command injection issue exists in the PNG File Parser component of exiftool on macOS. The flaw is located in the SetMacOSTags function within the lib/Image/ExifTool/MacOS.pm file. A remote...

8.8CVSS7.4AI score0.00073EPSS
Exploits2References39
Circl
Circladded 2026/02/23 10:1 p.m.2 views

CVE-2026-26725

creationtimestamp| type| source ---|---|--- 2026-02-23 22:01:03+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfkno32s4c2c...

9.8CVSS4.7AI score0.00234EPSS
Exploits1References1
NVD
NVDadded 2026/02/23 9:19 p.m.4 views

CVE-2025-70328

TOTOLINK X6000R v9.4.0cu.1498B20250826 contains an OS command injection vulnerability in the NTPSyncWithHost handler of the /usr/sbin/shttpd executable. The hosttime parameter is retrieved via sub40C404 and passed to a date -s shell command through CsteSystem. While the first two tokens of the...

8.8CVSS0.03148EPSS
Exploits1References2
Circl
Circladded 2026/02/23 9:17 p.m.4 views

CVE-2026-23693

creationtimestamp| type| source ---|---|--- 2026-02-23 21:17:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfkl7v7obq2u 2026-02-23 21:21:41+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfklhoebqw2d 2026-02-23 21:22:10+00:00| seen|...

10CVSS4.7AI score0.00198EPSS
Exploits0References4
Circl
Circladded 2026/02/23 9:2 p.m.2 views

CVE-2026-27194

creationtimestamp| type| source ---|---|--- 2026-02-23 21:02:17+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfkkez2f4f2f...

9.8CVSS4.7AI score0.00148EPSS
Exploits0References1
Circl
Circladded 2026/02/23 8:40 p.m.3 views

CVE-2026-27645

creationtimestamp| type| source ---|---|--- 2026-02-23 20:40:13+00:00| published-proof-of-concept| https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-mw8m-398g-h89w 2026-02-25 05:52:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfnyhqe6aq2u...

6.1CVSS5.7AI score0.00715EPSS
Exploits1References2
Circl
Circladded 2026/02/23 8:30 p.m.2 views

CVE-2026-21863

creationtimestamp| type| source ---|---|--- 2026-02-23 20:30:54+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfkimv644b26 2026-02-23 20:32:53+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfkiqgpgpw2s 2026-02-23 21:12:18+00:00| seen|...

7.5CVSS5.3AI score0.0002EPSS
Exploits0References9
Circl
Circladded 2026/02/23 4:48 p.m.3 views

CVE-2025-27555

creationtimestamp| type| source ---|---|--- 2026-02-23 16:48:37+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mfk47clem722 2026-02-24 13:18:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfmavwexlu2v...

6.5CVSS4.9AI score0.00029EPSS
Exploits0References2
Patchstack
Patchstackadded 2026/02/23 10:22 a.m.7 views

WordPress Sweet Date theme < 4.0.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Sweet Date versions 4.0.1...

9.8CVSS5.5AI score0.00061EPSS
Exploits0Affected Software1
Circl
Circladded 2026/02/23 4:22 a.m.2 views

CVE-2026-27590

creationtimestamp| type| source ---|---|--- 2026-02-23 04:22:08+00:00| published-proof-of-concept| https://github.com/caddyserver/caddy/security/advisories/GHSA-5r3v-vc8m-m96g 2026-02-24 18:06:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfmqzqwm4y2x 2026-02-25 01:08:02+00:00|...

9.8CVSS7.3AI score0.00245EPSS
Exploits1References4
NVD
NVDadded 2026/02/23 1:16 a.m.4 views

CVE-2026-2962

A vulnerability was found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub460F30 of the file /boafrm/formDateReboot of the component Scheduled Reboot Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may b...

9CVSS0.00046EPSS
Exploits1References5
CVE
CVEadded 2026/02/23 12:32 a.m.10 views

CVE-2026-2962

CVE-2026-2962 affects D-Link DWR-M960 (firmware 1.01.07). The flaw resides in the function sub_460F30 of the file /boafrm/formDateReboot within the Scheduled Reboot Configuration Endpoint. Manipulating the submit-url argument triggers a stack-based buffer overflow, allowing a remote attacker to p...

9CVSS8.4AI score0.00046EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/02/23 12:32 a.m.5 views

CVE-2026-2962 D-Link DWR-M960 Scheduled Reboot Configuration Endpoint formDateReboot sub_460F30 stack-based overflow

A vulnerability was found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub460F30 of the file /boafrm/formDateReboot of the component Scheduled Reboot Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may b...

9CVSS8.6AI score0.00046EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2026/02/23 12:0 a.m.5 views

PT-2026-21552

Name of the Vulnerable Software and Affected Versions TOTOLINK X6000R version 9.4.0cu.1498 B20250826 Description The software contains an OS command injection issue in the NTPSyncWithHost handler of the /usr/sbin/shttpd executable. The host time parameter is processed by the sub 40C404 function a...

8.8CVSS5.7AI score0.03148EPSS
Exploits1References6
Circl
Circladded 2026/02/22 4:22 p.m.5 views

CVE-2019-25433

creationtimestamp| type| source ---|---|--- 2026-02-22 16:22:57+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mfhkcmkgvv2h...

8.8CVSS5.1AI score0.00129EPSS
Exploits0References1
Circl
Circladded 2026/02/22 12:21 p.m.3 views

CVE-2026-27161

creationtimestamp| type| source ---|---|--- 2026-02-22 12:21:14+00:00| seen| https://bsky.app/profile/securitycipher.bsky.social/post/3mfh4sfhdin2d 2026-02-24 06:48:10+00:00| seen| https://t.me/poxek/5938...

8.7CVSS4.8AI score0.0004EPSS
Exploits1References2
Circl
Circladded 2026/02/21 8:24 p.m.3 views

CVE-2026-2883

creationtimestamp| type| source ---|---|--- 2026-02-21 20:24:33+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mffhdp5bq52v 2026-03-07 12:40:09+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mghtw6k7yg2i...

9CVSS7.3AI score0.00018EPSS
Exploits1References2
Circl
Circladded 2026/02/21 10:40 a.m.4 views

CVE-2026-27492

creationtimestamp| type| source ---|---|--- 2026-02-21 10:40:39+00:00| seen| https://gist.github.com/alon710/3b1f29c1f136603b6c00eebdb5313d9b...

4.7CVSS5.1AI score0.00006EPSS
Exploits0References1
Rows per page
Query Builder