CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

588852 matches found

GithubExploit•added last week•75 views

Exploit for OS Command Injection in Paessler Prtg_Network_Monitor

CVE-2018-9276 — PRTG Network Monitor ⚠️ Disclaimer: This...

9CVSS8AI score0.86943EPSS

Exploits12

GithubExploit•added last week•70 views

Exploit for CVE-2026-11417

CVE-2026-11417-AWS-CDK-RCE Techn...

7.3CVSS5.6AI score0.00657EPSS

Exploits1

The Hacker News•added last week•18 views

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Splunk has released security updates to address a critical security flaw in Splunk Enterprise that could be exploited to conduct unauthenticated file operations and even remote code execution. The vulnerability, tracked as CVE-2026-20253 , is rated 9.8 on the CVSS scoring system. "In Splunk...

9.8CVSS6.6AI score0.10035EPSS

Exploits2

Nuclei•added last week•6 views

Ivanti Sentry - OS Command Injection

An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution id: CVE-2026-10520 info: name: Ivanti Sentry - OS Command Injection author: DhiyaneshDk severity: critical...

10CVSS6.2AI score0.59524EPSS

Exploits4References2

GithubExploit•added last week•66 views

Exploit for CVE-2026-6279

Description This Python script is an exploit tool for CVE-2026-6...

9.8CVSS5.3AI score0.01462EPSS

Exploits4

GithubExploit•added last week•56 views

Exploit for Code Injection in Exiftool_Project Exiftool

CVE-2021-22204 - ExifTool Arbitrary Code Execution An upgrade...

7.8CVSS8.3AI score0.99981EPSS

Exploits39

GithubExploit•added last week•56 views

Exploit for Improper Access Control in Getgrav Grav-Plugin-Admin

CVE-2021-21425 - GravCMS Unauthenticated RCE Unauthenticated...

9.8CVSS5.8AI score0.80467EPSS

Exploits11

Microsoft CVE•added last week•13 views

Vim: Arbitrary Code Execution via Python Omni-Completion

...

7.8CVSS5.3AI score0.00204EPSS

Exploits0

Microsoft CVE•added last week•11 views

Vim: Arbitrary Code Execution via Python Omni-Completion

...

7.8CVSS5.3AI score0.00228EPSS

Exploits0

OSSF Malicious Packages•added 2026/06/13 7:17 a.m.•15 views

Malicious code in postcss-minify-selector-parser (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 957f5cbb74f4dd4b4770e8c9cc1a8aac88a4450cb01dbc0fa5242c42e343f54c The package name impersonates the widely-used postcss-selector-parser library which it also declares as a dependency and re-exports verbatim from...

5.7AI score

Exploits0References9

OSV•added 2026/06/13 7:17 a.m.•5 views

MAL-2026-5737 Malicious code in postcss-minify-selector-parser (npm)

5.8AI score

Exploits0References9

GithubExploit•added 2026/06/13 7:10 a.m.•61 views

Exploit for CVE-2026-48017

CVE-2026-48017 — Remote Code Execution in DbGate via function...

6.6AI score0.00583EPSS

Exploits1

OSV•added 2026/06/13 7:7 a.m.•5 views

MAL-2026-5730 Malicious code in class-synth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1aa63407d7400b4819d0739dedad0a32d9ae29b18509693c2e8763cf30275271 class-synth is advertised as a small class/style/date utility library, but its main entry dist/index.js contains a hidden top-level async IIFE init...

5.4AI score

Exploits0References8

OSSF Malicious Packages•added 2026/06/13 7:0 a.m.•8 views

Malicious code in node-denv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b0701ad772209918c78eb4d038cce43946517f3558cbec1988c121c115a641d node-denv presents itself as a pino-compatible logging middleware index.js exports module.exports.pino = middleware and mimics pino's option shape...

6.3AI score

Exploits0References1

OSV•added 2026/06/13 7:0 a.m.•5 views

MAL-2026-5734 Malicious code in node-denv (npm)

6.4AI score

Exploits0References1

GithubExploit•added 2026/06/13 4:42 a.m.•56 views

Exploit for CVE-2026-22356

CVE-2026-22356 CVE-2026-22356: Jetpack CRM Path Traversal Vuln...

7.5CVSS5.3AI score0.00423EPSS

Exploits1

OSSF Malicious Packages•added 2026/06/13 3:4 a.m.•11 views

Malicious code in vite-config-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1f9ee389e1023034a78a4c268db5d48e016565f37b7fb6c514bf095b2dec552 On require/import of the package, the entrypoint chain src/index.js → core/createConfig.js → features/plugins.js side-effect-imports...

6.1AI score

Exploits0References2

OSV•added 2026/06/13 3:4 a.m.•9 views

MAL-2026-5728 Malicious code in vite-config-react (npm)

6.2AI score

Exploits0References2

OSV•added 2026/06/13 3:3 a.m.•8 views

MAL-2026-5727 Malicious code in vite-config-optimizer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f824c077d7d2705d17dc29eba9a24ea8b51b93785bcf83fdfe639fc8f9bc581f package.json declares a postinstall hook node -e "require'./loader.js'" that auto-executes on every npm install. loader.js spawns a detached child No...

5.6AI score

Exploits0References1

RedhatCVE•added 2026/06/13 2:34 a.m.•10 views

CVE-2026-42851

A flaw was found in Kitty, a cross-platform GPU-based terminal. A local attacker, or a remote attacker who can control output displayed in the terminal, could exploit this vulnerability. By sending specially crafted input to the terminal, the attacker can cause Kitty to execute arbitrary Python...

7.8CVSS5.8AI score0.00132EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by