CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/05/21 6:16 p.m.•6 views

CVE-2026-48246

Open ISES Tickets before 3.44.2 disables TLS certificate verification in ajax/reports.php by setting CURLOPTSSLVERIFYPEER to false and not setting CURLOPTSSLVERIFYHOST when issuing outbound HTTPS requests for Google Maps Directions API lookups during incident report generation. An attacker...

8.2CVSS0.00022EPSS

Cvelist•added 2026/05/21 5:11 p.m.•32 views

CVE-2026-48246 Open ISES Tickets < 3.44.2 Disabled TLS Certificate Verification in ajax/reports.php

8.2CVSS0.00022EPSS

ATTACKERKB•added 2026/05/21 5:11 p.m.•2 views

CVE-2026-48246

8.2CVSS5.9AI score0.00022EPSS

Exploits0References4

EUVD•added 2026/05/21 5:11 p.m.•6 views

EUVD-2026-31327

8.2CVSS5.9AI score0.00022EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: crypto: qat – fix DMA transfer direction When CONFIGDMAAPIDEBUG is enabled, during the execution of the crypto self-test for QAT crypto algorithms, the function adddmaentry reports a warning indicating that overlapping mapping...

6.1AI score0.00029EPSS

Packet Storm News•added 2026/05/13 12:0 a.m.•4 views

Backdoor Channels Hidden in Latent Space: Cryptographic Undetectability in Modern Neural Networks

Recent cryptographic results establish that neural networks can be backdoored such that no efficient algorithm can distinguish them from a clean model. These guarantees, however, have been confined to stylised architectures of limited practical relevance, leaving open whether comparable...

5.7AI score

RedhatCVE•added 2026/04/29 2:48 p.m.•3 views

CVE-2026-39674

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Manoj Kumar MK Google Directions google-distance-calculator allows DOM-Based XSS.This issue affects MK Google Directions: from n/a through = 3.1.1...

6.5CVSS5.2AI score0.00039EPSS

Packet Storm News•added 2026/04/15 12:0 a.m.•1 views

Challenges and Future Directions in Agentic Reverse Engineering Systems

Agentic systems built on large language models LLMs are increasingly being used for complex security tasks, including binary reverse engineering RE. Despite recent growth in popularity and capability, these systems continue to face limitations in realistic settings. Cutting-edge systems still fai...

5.8AI score

EUVD•added 2026/04/08 9:31 a.m.•2 views

EUVD-2026-20353

6.5CVSS5.9AI score0.00039EPSS

Exploits0References2

NVD•added 2026/04/08 9:16 a.m.•2 views

CVE-2026-39674

6.5CVSS0.00039EPSS

Cvelist•added 2026/04/08 8:30 a.m.•18 views

CVE-2026-39674 WordPress MK Google Directions plugin <= 3.1.1 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00039EPSS

CVE•added 2026/04/08 8:30 a.m.•5 views

CVE-2026-39674

CVE-2026-39674 affects the WordPress plugin “MK Google Directions” by Manoj Kumar MK, specifically the Google Distance Calculator present in versions up to and including 3.1.1. The issue is described as a DOM-based cross-site scripting (XSS) vulnerability arising from improper input neutralizatio...

6.5CVSS5.9AI score0.00039EPSS

Vulnrichment•added 2026/04/08 8:30 a.m.•2 views

CVE-2026-39674 WordPress MK Google Directions plugin <= 3.1.1 - Cross Site Scripting (XSS) vulnerability

6.5CVSS5.2AI score0.00039EPSS

ATTACKERKB•added 2026/04/08 8:30 a.m.•3 views

CVE-2026-39674

5.9AI score0.00039EPSS

Exploits0References2

CNNVD•added 2026/04/08 12:0 a.m.•4 views

WordPress plugin MK Google Directions 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.5CVSS5.7AI score0.00039EPSS

Positive Technologies•added 2026/04/08 12:0 a.m.•3 views

PT-2026-31236

6.5CVSS5.9AI score0.00039EPSS

Packet Storm News•added 2026/04/03 12:0 a.m.•0 views

Towards Secure Agent Skills: Architecture, Threat Taxonomy, and Security Analysis

Agent Skills is an emerging open standard that defines a modular, filesystem-based packaging format enabling LLM-based agents to acquire domain-specific expertise on demand. Despite rapid adoption across multiple agentic platforms and the emergence of large community marketplaces, the security...

5.8AI score

Packet Storm News•added 2026/02/18 12:0 a.m.•6 views

Discovering Universal Activation Directions for PII Leakage in Language Models

Modern language models exhibit rich internal structure, yet little is known about how privacy-sensitive behaviors, such as personally identifiable information PII leakage, are represented and modulated within their hidden states. We present UniLeak, a mechanistic-interpretability framework that...

5.6AI score

Packet Storm News•added 2026/02/11 12:0 a.m.•2 views

Kill It with FIRE: On Leveraging Latent Space Directions for Runtime Backdoor Mitigation in Deep Neural Networks

Machine learning models are increasingly present in our everyday lives; as a result, they become targets of adversarial attackers seeking to manipulate the systems we interact with. A well-known vulnerability is a backdoor introduced into a neural network by poisoned training data or a malicious...

5.5AI score