CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

330 matches found

NVD•added 2026/05/20 8:16 p.m.•4 views

CVE-2026-2812

ArcGIS Server contains an improper authentication vulnerability in an undocumented administrative endpoint. An unauthenticated attacker could exploit this issue by sending a crafted request to the endpoint. Successful exploitation may result in disruption of the web-based browsing interface. This...

5.3CVSS0.00097EPSS

Exploits0References1

RedhatCVE•added 2026/05/13 2:21 p.m.•3 views

CVE-2026-22924

A vulnerability has been identified in SIMATIC CN 4100 All versions V5.0. The affected application does not properly restrict unauthenticated connections and is susceptible to resource exhaustion conditions. This could allow an attacker to disrupt normal operations or perform unauthorized actions...

9.1CVSS5.7AI score0.00051EPSS

Exploits0References1

ATTACKERKB•added 2026/05/13 4:26 a.m.•1 views

CVE-2026-7051

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 8.9.0. This is due to a missing ownership verification in the B2SPostTools::deleteUserPublishPost and B2SPostTools::deleteUserSchedPost functions,...

5.4CVSS5.9AI score0.00056EPSS

Exploits0References15

Packet Storm News•added 2026/05/11 12:0 a.m.•4 views

Guaranteed Jailbreaking Defense Via Disrupt-And-Rectify Smoothing

This paper proposes a guaranteed defense method for large language models LLMs to safeguard against jailbreaking attacks. Drawing inspiration from the denoised-smoothing approach in the adversarial defense domain, we propose a novel smoothing-based defense method, termed Disrupt-and-Rectify...

5.8AI score

Exploits0

CNNVD•added 2026/04/28 12:0 a.m.•3 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.28 contained security vulnerabilities. These vulnerabilities stemmed from accepting unlimited concurrent unauthenticated WebSocket upgrades, which could allow unauthenticated...

8.7CVSS5.8AI score0.00102EPSS

Exploits0References1

ICS•added 2026/03/31 6:0 a.m.•2 views

Anritsu Remote Spectrum Monitor

RISK EVALUATION Successful exploitation of this vulnerability could allow attackers with network access to alter operational settings, obtain sensitive signal data, or disrupt device availability. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of...

9.3CVSS5.8AI score0.00076EPSS

Exploits0References11

Vulnrichment•added 2026/03/17 7:14 p.m.•1 views

CVE-2026-4064

Missing authorization checks on multiple gRPC service endpoints in PowerShell Universal before 2026.1.4 allows an authenticated user with any valid token to bypass role-based access controls and perform privileged operations — including reading sensitive data, creating or deleting resources, and...

5.8AI score0.00022EPSS

Exploits0References1

Vulnrichment•added 2026/02/26 6:29 p.m.•4 views

CVE-2026-22715 VMware Workstation/Fusion NAT vulnerability

VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM's. Resolution: To remediate CVE-2026-22715...

5.9CVSS5.9AI score0.00011EPSS

Exploits0References1

OSV•added 2026/02/18 9:16 p.m.•0 views

CVE-2026-1999

A Server-Side Request Forgery SSRF vulnerability was identified in GitHub Enterprise Server that allowed an authenticated user to access internal services bound to loopback or unspecified addresses, potentially disrupting background job processing, accessing administrative endpoints, metrics, and...

6.5CVSS5.8AI score

Exploits0References6

ATTACKERKB•added 2026/02/17 8:46 p.m.•3 views

CVE-2026-23596

A vulnerability in the management API of the affected product could allow an unauthenticated remote attacker to trigger service restarts. Successful exploitation could allow an attacker to disrupt services and negatively impact system availability...

6.5CVSS5.7AI score0.00093EPSS

Exploits0References2Affected Software1

CNNVD•added 2026/02/04 12:0 a.m.•3 views

SAMSUNG Mobile devices 安全漏洞

Samsung Mobile devices are a series of mobile devices produced by Samsung Electronics in South Korea. This includes smartphones, tablets, etc. Devices prior to the SMR Feb-2026 Release 1 version have security vulnerabilities. These vulnerabilities stem from improper access control, which may allo...

6.9CVSS5.8AI score0.00008EPSS

Exploits0References2

Positive Technologies•added 2026/02/04 12:0 a.m.•4 views

PT-2026-6087

Name of the Vulnerable Software and Affected Versions Citrix Emergency Sharing versions prior to SMR Feb-2026 Release 1 Description An improper access control issue exists in Emergency Sharing. This allows local attackers to interrupt the functionality of the service. Recommendations Update to SM...

6.9CVSS5.4AI score0.00008EPSS

Exploits0References5

RedhatCVE•added 2026/02/03 3:18 p.m.•2 views

CVE-2022-50980

A unauthenticated adjacent attacker could potentially disrupt operations by switching between multiple configuration presets via CAN...

6.5CVSS5.3AI score0.00014EPSS

Exploits0References1

RedhatCVE•added 2026/02/03 3:18 p.m.•2 views

CVE-2022-50978

An unauthenticated remote attacker could potentially disrupt operations by switching between multiple configuration presets via Modbus TCP...

7.5CVSS5.5AI score0.00041EPSS

Exploits0References1