Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

72 matches found

RedhatCVE
RedhatCVEadded 2 days ago3 views

CVE-2026-10226

A flaw has been found in raisulislamg4 studentmanagementsystembyphp up to 310d950e09013d5133c6b9210aff9444382d16d1. Impacted is an unknown function of the file delete.php. Executing a manipulation of the argument userid/courseid/teacherid/studentid/applicationid can lead to sql injection. The...

7.5CVSS5.6AI score0.00033EPSS
Exploits0References1
NVD
NVDadded 5 days ago9 views

CVE-2026-10153

A flaw has been found in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. Impacted is the function Search of the file org/springframework/cache/support/AbstractCacheManager.java. This manipulation of the argument s causes cross site scripting. Remote exploitation of the attack i...

5.3CVSS0.00033EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 5 days ago5 views

PT-2026-45138

A flaw has been found in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. Impacted is the function Search of the file org/springframework/cache/support/AbstractCacheManager.java. This manipulation of the argument s causes cross site scripting. Remote exploitation of the attack i...

5.3CVSS4.4AI score0.00033EPSS
Exploits0References6
RedhatCVE
RedhatCVEadded 2026/05/26 8:14 p.m.9 views

CVE-2026-9469

A weakness has been identified in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. The impacted element is an unknown function of the file /success.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. T...

7.5CVSS6.9AI score0.00039EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/05/18 1:58 p.m.6 views

CVE-2026-8755

A flaw has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The affected element is the function getallmodels of the file hiyoriUI.py of the component Model Handler. This manipulation causes path traversal. The attack can be initiated remotely. The exploit has be...

7.5CVSS6.7AI score0.00029EPSS
Exploits0References1
OSV
OSVadded 2026/05/15 1:47 p.m.0 views

ECHO-B2FA-B6CA-DB1A

Bulletin has no description...

3.1CVSS5.7AI score0.0004EPSS
Exploits0References1
NVD
NVDadded 2026/05/05 5:16 a.m.7 views

CVE-2026-7811

A vulnerability has been found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The affected element is the function issafepath of the file src/codemcp/server.py of the component MCP File Handler. Such manipulation leads to path traversal. It is possible to launch the attack...

7.5CVSS0.0006EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/05/01 12:0 a.m.1 views

PT-2026-36531

A vulnerability was found in ggerve coding-standards-mcp. This issue affects the function get style guide/get best practices of the file server.py. The manipulation of the argument Language results in path traversal. It is possible to launch the attack remotely. The exploit has been made public a...

6.9CVSS5.5AI score0.00062EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/04/29 12:0 a.m.2 views

PT-2026-35972

A weakness has been identified in florensiawidjaja BioinfoMCP up to 7ada7918b9e515604d3c0ae264d3a9af10bf6e54. This vulnerability affects the function Upload of the file bioinfo mcp platform/app.py of the component Upload Endpoint. This manipulation of the argument Name causes path traversal. The...

7.5CVSS7.1AI score0.00089EPSS
Exploits0References6
NVD
NVDadded 2026/04/28 4:16 a.m.2 views

CVE-2026-7220

A vulnerability has been found in jackwrichards FastlyMCP up to 6f3d0b0e654fc51076badc7fa16c03c461f95620. This impacts an unknown function of the file fastly-mcp.mjs of the component fastlycli Tool. The manipulation of the argument command leads to os command injection. It is possible to initiate...

7.5CVSS0.0212EPSS
Exploits0References5
OSV
OSVadded 2026/04/28 3:19 a.m.2 views

MINI-M65F-M47J-W2WJ

Bulletin has no description...

6.5CVSS5AI score0.00041EPSS
Exploits0
Cvelist
Cvelistadded 2026/04/21 8:35 p.m.29 views

CVE-2026-34325

...

6.8CVSS0.00017EPSS
Exploits0References1
CVE
CVEadded 2026/04/21 8:35 p.m.3 views

CVE-2026-34298

CVE-2026-34298 affects Oracle Applications Framework within Oracle E-Business Suite, Personalization component. Affected: E-Business Suite versions 12.2.9–12.2.15. The vulnerability arises in the Personalization feature, enabling a high-privilege attacker with network access via HTTP to perform u...

4.7CVSS5.7AI score0.00042EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/04/17 12:45 p.m.0 views

CVE-2026-6488

A vulnerability was identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This vulnerability affects unknown code of the file admin/editcourse.php of the component GET Request Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be...

6.5CVSS5.6AI score0.00034EPSS
Exploits0References4
EUVD
EUVDadded 2026/04/06 12:32 p.m.1 views

EUVD-2026-19215

A vulnerability was identified in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This impacts an unknown function of the file /admin/Add%20notice/notice.php of the component Admin Add Endpoint. Such manipulation of the argument $SERVER'PHPSELF' leads to cross...

4.8CVSS4.3AI score0.00035EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/04/06 9:30 a.m.25 views

CVE-2026-5642 Cyber-III Student-Management-System HTTP POST Request update.php improper authorization

A vulnerability was determined in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This affects an unknown function of the file /viva/update.php of the component HTTP POST Request Handler. This manipulation of the argument Name causes improper authorization. It ...

7.5CVSS0.00058EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/02/22 12:0 a.m.3 views

PT-2026-21427

Name of the Vulnerable Software and Affected Versions Zaher1307 tiny web server versions prior to 8d77b1044a0ca3a5297d8726ac8aa2cf944d481b Description A flaw exists in the URL Handler component of Zaher1307 tiny web server. This issue allows for an out-of-bounds write, potentially enabling remote...

7.5CVSS7.1AI score0.0007EPSS
Exploits0References12
RedhatCVE
RedhatCVEadded 2026/02/18 8:41 p.m.2 views

CVE-2026-23229

A flaw was found in the Linux kernel's virtio-crypto driver. A local attacker, by running multiple OpenSSL processes with the afalg engine, could trigger a race condition due to missing spinlock protection in the virtcryptodonetask function. This could lead to a system hang, resulting in a Denial...

5.5CVSS5.3AI score0.0003EPSS
Exploits0References4
NVD
NVDadded 2026/02/16 12:16 p.m.5 views

CVE-2026-2553

A security flaw has been discovered in tushar-2223 Hotel-Management-System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. This affects an unknown part of the file /home.php of the component HTTP POST Request Handler. Performing a manipulation of the argument Name/Email results in sql injection...

6.5CVSS0.00042EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/01/20 9:56 p.m.13 views

CVE-2026-21979

...

4.2CVSS0.00021EPSS
Exploits0References1
Rows per page
Query Builder