8 matches found

Github Security Blog
added 2026/03/27 5:43 p.m., 14 views

Moby has AuthZ plugin bypass when provided oversized request bodies

Summary: A security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ) under specific circumstances. The base likelihood of this being exploited is low. This is an incomplete fix for CVE-2024-41110. Impact: If you don't use AuthZ plugins, you are not affecte...

CVSS 8.8 | AI score 6.8 | EPSS 0.00008
Exploits: 0 | References: 7 | Affected Software: 3

OSV
added 2026/03/10 6:28 p.m., 2 views

GO-2026-4571 Beszel: Docker API has a Path Traversal Vulnerability via Unsanitized Container ID in github.com/henrygd/beszel

Beszel: Docker API has a Path Traversal Vulnerability via Unsanitized Container ID in github.com/henrygd/beszel...

CVSS 6.5 | AI score 5.8 | EPSS 0.00019
Exploits: 1 | References: 4

NVD
added 2026/02/12 4:16 p.m., 2 views

CVE-2026-26216

Crawl4AI versions prior to 0.8.0 contain a remote code execution vulnerability in the Docker API deployment. The /crawl endpoint accepts a hooks parameter containing Python code that is executed using exec. The import builtin was included in the allowed builtins, allowing unauthenticated remote...

CVSS 10 | EPSS 0.00126
Exploits: 0 | References: 3

Github Security Blog
added 2026/01/16 8:58 p.m., 11 views

Crawl4AI Has Local File Inclusion in Docker API via file:// URLs

A local file inclusion vulnerability exists in the Crawl4AI Docker API. The /executejs, /screenshot, /pdf, and /html endpoints accept file:// URLs, allowing attackers to read arbitrary files from the server filesystem. Attack Vector: json POST /executejs "url": "file:///etc/passwd", "scripts":...

CVSS 9.2 | AI score 6.9 | EPSS 0.00022
Exploits: 0 | References: 7 | Affected Software: 1

GitLab Advisory Database
added 2026/01/16 12:00 a.m., 7 views

Crawl4AI is Vulnerable to Remote Code Execution in Docker API via Hooks Parameter

A critical remote code execution vulnerability exists in the Crawl4AI Docker API deployment. The /crawl endpoint accepts a hooks parameter containing Python code that is executed using exec. The import builtin was included in the allowed builtins, allowing attackers to import arbitrary modules an...

CVSS 10 | AI score 6.7 | EPSS 0.00126
Exploits: 0 | References: 6 | Affected Software: 1

GithubExploit
added 2025/12/07 11:49 a.m., 142 views

Exploit for CVE-2025-9074

CVE-2025-9074 Exploit Tool A sophisticated exploitation frame...

CVSS 9.3 | AI score 7.9 | EPSS 0.01192
Exploits: 15

RedHat Linux
added 2020/11/10 1:54 p.m., 0 views

podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API

An information disclosure flaw was found in containers/podman. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container leak into subsequent containers. This flaw allows an...

CVSS 5.3 | AI score 7.1 | EPSS 0.00177
Exploits: 0 | References: 4

Gitee
added 2020/09/06 5:18 p.m., 2 views

vulhub

It is an offensive tool for Vulnerability Research and Exploitation. The repository contains pre-built vulnerable environments based on Docker-Compose, allowing users to easily set up and test vulnerable systems without requiring extensive knowledge of Docker. The tool is designed for vulnerabili...

AI score 7.9
Exploits: 0