Lucene search

8 matches found

Cvelist
added 2026/05/18 12:0 a.m., 32 views

CVE-2026-26462

Offline Hospital Management System 5.3.0 allows remote code execution due to an improper Electron renderer configuration. The application enables Node.js integration while disabling context isolation, allowing JavaScript executed in the renderer process to access Node.js APIs and execute arbitrar...

0.00328 EPSS
Exploits 0, References 2
CVE
added 2026/05/18 12:0 a.m., 11 views

CVE-2026-26462

CVE-2026-26462 affects Offline Hospital Management System 5.3.0. The root cause is an improper Electron renderer configuration that enables Node.js integration while disabling context isolation, allowing JavaScript in the renderer to access Node.js APIs and execute arbitrary operating system comm...

7.3 CVSS, 6.6 AI score, 0.00328 EPSS
Exploits 0, References 2
EUVD
added 2026/05/14 6:23 p.m., 6 views

EUVD-2026-30359

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, the tooltip mouseover handler in app/src/block/popover.ts reads aria-label via getAttribute and passes it through decodeURIComponent before assigning to messageElement.innerHTML in app/src/dialog/tooltip.ts:41. The...

9.4 CVSS, 6.1 AI score, 0.00033 EPSS
Exploits 0, References 1
Cvelist
added 2026/03/13 8:14 p.m., 38 views

CVE-2026-32626 AnythingLLM has a Streaming Phase XSS to RCE via LLM Response Injection

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, AnythingLLM Desktop contains a Streaming Phase XSS vulnerability in the chat rendering pipeline that escalates to Remote Code Execution on the host OS...

9.6 CVSS, 0.00092 EPSS
Exploits 1, References 2
Vulnrichment
added 2026/03/13 8:14 p.m., 0 views

CVE-2026-32626 AnythingLLM has a Streaming Phase XSS to RCE via LLM Response Injection

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, AnythingLLM Desktop contains a Streaming Phase XSS vulnerability in the chat rendering pipeline that escalates to Remote Code Execution on the host OS...

9.6 CVSS, 5.9 AI score, 0.00092 EPSS
Exploits 1, References 2
CNNVD
added 2025/12/23 12:0 a.m., 3 views

TradingView Desktop code issue vulnerability

TradingView Desktop is a financial charting platform desktop client from TradingView, Inc. TradingView Desktop suffers from a code issue vulnerability that stems from a misconfiguration of the Electron framework that could lead to local elevation of privilege...

7.8 CVSS, 7.4 AI score, 0.00013 EPSS
Exploits 0, References 1
CNNVD
added 2025/08/04 12:0 a.m., 3 views

GitKraken Desktop security vulnerability

GitKraken Desktop is a cross-platform graphical Git client from GitKraken Inc. in the United States. A security vulnerability exists in GitKraken Desktop versions 10.8.0 and 11.1.0, which stems from a misconfiguration of Electron Fuses and could lead to code injection...

9.8 CVSS, 6.8 AI score, 0.00628 EPSS
Exploits 0, References 4
RedhatCVE
added 2025/05/23 10:34 a.m., 7 views

CVE-2024-45835

Mattermost Desktop App versions =5.8.0 fail to sufficiently configure Electron Fuses which allows an attacker to gather Chromium cookies or abuse other misconfigurations via remote/local access...

6.5 CVSS, 6.8 AI score, 0.00364 EPSS
Exploits 0