Lucene search
K

288328 matches found

GithubExploit
GithubExploit
added 31 minutes ago2 views

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

CVE-2026-23744-MCPJam-Exploit A proof-of-concept exploit for C...

9.8CVSS6.2AI score0.43671EPSS
Exploits35
NVD
NVD
added 33 minutes ago2 views

CVE-2026-56197

Improper neutralization of special elements used in a command 'command injection' in Windows Admin Center allows an authorized attacker to execute code over a network...

8.8CVSS
Exploits0References1
NVD
NVD
added 33 minutes ago2 views

CVE-2026-55145

Improper neutralization of special elements used in a command 'command injection' in Outlook Copilot allows an authorized attacker to perform tampering over a network...

6.3CVSS
Exploits0References1
NVD
NVD
added 34 minutes ago2 views

CVE-2026-50488

Improper neutralization of special elements used in a command 'command injection' in Windows Clipboard User Service allows an authorized attacker to elevate privileges locally...

7.8CVSS
Exploits0References1
NVD
NVD
added 34 minutes ago2 views

CVE-2026-45077

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the server:log listener Symfony\Bridge\Monolog\Command\ServerLogCommand binds to 0.0.0.0:9911 by default and processes each received frame with...

8.3CVSS0.01261EPSS
Exploits0References6
NVD
NVD
added 34 minutes ago2 views

CVE-2026-47295

Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges over a network...

8.8CVSS
Exploits0References1
NVD
NVD
added 34 minutes ago2 views

CVE-2026-45067

Description Symfony\Component\Mime\Address is the value-object every Symfony Mailer address to/cc/bcc/from/reply-to flows through; its constructor is documented as validating the address and throwing on invalid input, so developers treat it as a security boundary. The constructor accepts email...

6.3CVSS0.00062EPSS
Exploits0References6
CVE
CVE
added 1 hour ago31 views

CVE-2026-45077

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the server:log listener Symfony\Bridge\Monolog\Command\ServerLogCommand binds to 0.0.0.0:9911 by default and processes each received frame with...

8.3CVSS6.1AI score0.01261EPSS
Exploits0References6
Cvelist
Cvelist
added 1 hour ago3 views

CVE-2026-45077 Symfony: Unauthenticated PHP Object Deserialization in MonologBridge server:log Listener

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Prior to 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the server:log listener Symfony\Bridge\Monolog\Command\ServerLogCommand binds to 0.0.0.0:9911 by default and processes each received frame with...

8.3CVSS0.01261EPSS
Exploits0References6
Cvelist
Cvelist
added 1 hour ago4 views

CVE-2026-62656 Post-authenticated command injection vulnerability found in certain NETGEAR RAX models

A security flaw was found in certain NETGEAR RAX models that could allow a logged-in user to send specially crafted requests to the router and run unauthorized commands. This could enable the user to make unauthorized changes to the router and affect its security and operation...

6.8CVSS
Exploits0References2
Cvelist
Cvelist
added 1 hour ago3 views

CVE-2026-62658 Post-authentication Command Injection Vulnerability in certain Nighthawk RAX series models

A security flaw was discovered in certain NETGEAR Nighthawk RAX series routers that could allow someone already logged in to the device to run unauthorized commands or code on the router...

5.7CVSS
Exploits0References4
CVE
CVE
added 1 hour ago86 views

CVE-2026-45067

Description Symfony\Component\Mime\Address is the value-object every Symfony Mailer address to/cc/bcc/from/reply-to flows through; its constructor is documented as validating the address and throwing on invalid input, so developers treat it as a security boundary. The constructor accepts email...

6.3CVSS6.1AI score0.00062EPSS
Exploits0References6
Cvelist
Cvelist
added 1 hour ago3 views

CVE-2026-45067 Symfony: Email Header / SMTP Command Injection via CRLF in Symfony\Component\Mime\Address

Description Symfony\Component\Mime\Address is the value-object every Symfony Mailer address to/cc/bcc/from/reply-to flows through; its constructor is documented as validating the address and throwing on invalid input, so developers treat it as a security boundary. The constructor accepts email...

6.3CVSS0.00062EPSS
Exploits0References6
GithubExploit
GithubExploit
added 1 hour ago9 views

metasploitable-vulnerability-mapping-with-nmap

Metasploitable Vulnerability Assessment Network Enumeration...

10CVSS6.7AI score0.9927EPSS
Exploits172
NVD
NVD
added 1 hour ago2 views

CVE-2026-58635

Improper neutralization of special elements used in a command 'command injection' in Windows Narrator Braille allows an authorized attacker to elevate privileges locally...

7.8CVSS
Exploits0References1
NVD
NVD
added 1 hour ago2 views

CVE-2026-50520

Improper neutralization of special elements used in a command 'command injection' in Visual Studio Code allows an unauthorized attacker to execute code locally...

8.4CVSS
Exploits0References1
NVD
NVD
added 1 hour ago2 views

CVE-2026-47296

Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges locally...

7.8CVSS
Exploits0References1
NVD
NVD
added 1 hour ago2 views

CVE-2026-48561

Improper neutralization of special elements used in a command 'command injection' in Microsoft Copilot allows an unauthorized attacker to execute code over a network...

9.6CVSS
Exploits0References1
NVD
NVD
added 1 hour ago2 views

CVE-2026-15428

An OS command injection vulnerability exists in Archer VX800v v1 due to insufficient input sanitization of the domain name parameter. An adjacent attacker who can access the relevant HTTP interface can modify the parameter to inject shell metacharacters, resulting in arbitrary code execution with...

8.5CVSS
Exploits0References2
NVD
NVD
added 1 hour ago3 views

CVE-2026-15427

An OS command injection vulnerability exists in the TR-069 / CWMP management interface of Archer VX1800v v1 due to insufficient input validation and sanitization of parameters, allowing crafted input to be executed as system-level commands. Exploitation requires specific conditions such as TR-069...

8.6CVSS
Exploits0References2
Rows per page
Query Builder