CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/16 12:38 p.m.•2 views

SUSE-SU-2026:21794-1 Security update for agama

This update for agama fixes the following issue - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257930. Changes for agama: - Update "time" crate to version 0.3.47...

6.8CVSS5.8AI score0.00016EPSS

Circl•added 2026/05/16 10:32 a.m.•7 views

CVE-2026-5693

creationtimestamp| type| source ---|---|--- 2026-05-16 10:32:05+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mlxnfnaua72c...

5.3CVSS5.8AI score0.00035EPSS

Circl•added 2026/05/16 2:4 a.m.•4 views

GHSA-XGP8-3HG3-C2MH

creationtimestamp| type| source ---|---|--- 2026-05-16 02:04:03+00:00| seen| https://gist.github.com/AlgoDev-hash/09b8d3924b1510f4f9fb853b347af34a 2026-05-17 18:09:49+00:00| seen| https://gist.github.com/web3securityauditor/7d7d8acf63a2ec18ed25f500c878c123...

Circl•added 2026/05/16 12:0 a.m.•3 views

Exploits0References2

CVE-2026-46364

creationtimestamp| type| source ---|---|--- 2026-05-16 00:00:39+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mlwk4jqvtu23...

9.8CVSS5.8AI score0.00065EPSS

Circl•added 2026/05/15 6:40 p.m.•3 views

GHSA-MQ5J-PW29-JCV3

creationtimestamp| type| source ---|---|--- 2026-05-15 18:40:29+00:00| seen| https://gist.github.com/alon710/603dfdf0e01af88d7ae6413c9f3332fe...

CVE•added 2026/05/15 6:36 p.m.•8 views

CVE-2021-47967

CVE-2021-47967 affects PHP Timeclock 1.04 with multiple cross-site scripting (XSS) vulnerabilities that allow unauthenticated attackers to inject arbitrary JavaScript by manipulating URL paths and POST parameters. Attackers can target login.php, timeclock.php, audit.php, and timerpt.php endpoints...

6.1CVSS5.9AI score0.00095EPSS

Exploits0References4

Cvelist•added 2026/05/15 6:36 p.m.•27 views

CVE-2021-47967 PHP Timeclock 1.04 Multiple Cross-Site Scripting via Parameters

PHP Timeclock 1.04 contains multiple cross-site scripting vulnerabilities that allow unauthenticated attackers to inject arbitrary JavaScript by manipulating URL paths and POST parameters. Attackers can append malicious payloads to login.php, timeclock.php, audit.php, and timerpt.php endpoints, o...

6.1CVSS0.00095EPSS

Exploits0References4

Circl•added 2026/05/15 10:55 a.m.•4 views

CVE-2026-45062

creationtimestamp| type| source ---|---|--- 2026-05-15 10:55:59+00:00| published-proof-of-concept| https://github.com/php/frankenphp/security/advisories/GHSA-3g8v-8r37-cgjm 2026-05-16 09:50:05+00:00| seen| https://bsky.app/profile/dunglas.dev/post/3mlxl2h6gpc2k 2026-05-17 02:40:31+00:00| seen|...

Snyk•added 2026/05/15 10:43 a.m.•4 views

Malicious Package

Overview simple-date-diff-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

9.8CVSS5.8AI score

Exploits0References2

OSSF Malicious Packages•added 2026/05/15 10:43 a.m.•8 views

Malicious code in simple-date-diff-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fb5f213f91d456c5ac949bf0995ee5310b944a9bf102b429edec11a99cfb6bf The package simple-date-diff-utils was found to contain malicious code. Source: ghsa-malware...

Circl•added 2026/05/15 9:0 a.m.•4 views

CVE-2026-5229

creationtimestamp| type| source ---|---|--- 2026-05-15 09:00:31+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mluxsxr7ya2y 2026-05-15 10:00:26+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlv363rg662w 2026-05-15 11:31:06+00:00| seen|...

9.8CVSS5.7AI score0.0014EPSS

Exploits1References3

Circl•added 2026/05/15 8:40 a.m.•2 views

GHSA-F3CJ-J4F6-WQ85

creationtimestamp| type| source ---|---|--- 2026-05-15 08:40:29+00:00| seen| https://gist.github.com/alon710/aa885c0fd60e9933dfca974f0bf10618...

Circl•added 2026/05/15 7:33 a.m.•5 views

CVE-2026-4094

creationtimestamp| type| source ---|---|--- 2026-05-15 07:33:27+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlusxccsji2q...

8.1CVSS5.8AI score0.00042EPSS

Circl•added 2026/05/15 4:31 a.m.•5 views

CVE-2025-52540

creationtimestamp| type| source ---|---|--- 2026-05-15 04:31:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mluird35wg2r...

8.5CVSS5.8AI score0.00016EPSS

Circl•added 2026/05/15 2:5 a.m.•4 views

CVE-2026-8612

creationtimestamp| type| source ---|---|--- 2026-05-15 02:05:20+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mluam7kbww2b...

5.3CVSS5.7AI score0.00051EPSS

Circl•added 2026/05/15 12:0 a.m.•6 views

CVE-2026-44666

creationtimestamp| type| source ---|---|--- 2026-05-15 00:00:39+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mltznm4m4d2f 2026-05-15 00:00:58+00:00| seen| https://infosec.exchange/users/offseq/statuses/116575648891629346 2026-05-15 01:47:07+00:00| seen|...

9.3CVSS5.8AI score0.00062EPSS

Circl•added 2026/05/14 6:10 p.m.•2 views

GHSA-9M65-766C-R333

creationtimestamp| type| source ---|---|--- 2026-05-14 18:10:29+00:00| seen| https://gist.github.com/alon710/f37dde72118656f1c6b1cac083cc2cb1...

Circl•added 2026/05/14 6:0 p.m.•7 views

CVE-2026-8560

creationtimestamp| type| source ---|---|--- 2026-05-14 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260515 2026-05-17 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260518...

4.3CVSS5.8AI score0.00027EPSS

Exploits0References2

Circl•added 2026/05/14 6:0 p.m.•6 views

CVE-2026-8581

creationtimestamp| type| source ---|---|--- 2026-05-14 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260515 2026-05-14 21:43:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mltrzb4rhk2e 2026-05-17 18:00:00+00:00| seen|...

8.8CVSS5.8AI score0.00139EPSS