Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

588861 matches found

EUVD
EUVDadded 2026/06/09 8:38 p.m.8 views

EUVD-2026-35835

Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00271EPSS
Exploits0References1
CVE
CVEadded 2026/06/09 8:38 p.m.13 views

CVE-2026-48291

Affected software: Format Plugins, versions 1.1.2 and earlier. Root cause: Heap-based buffer overflow. Impact: Arbitrary code execution in the context of the current user. Exploit information: Requires user interaction; a victim must open a malicious file. Notes: Details are taken from the CVE en...

7.8CVSS6.2AI score0.00271EPSS
Exploits0References1Affected Software1
EUVD
EUVDadded 2026/06/09 8:38 p.m.8 views

EUVD-2026-35834

Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00271EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/09 8:38 p.m.33 views

CVE-2026-48292 Format Plugins | Heap-based Buffer Overflow (CWE-122)

Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00271EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/06/09 8:38 p.m.5 views

CVE-2026-48292 Format Plugins | Heap-based Buffer Overflow (CWE-122)

Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS7.8AI score0.00271EPSS
Exploits0References1
CVE
CVEadded 2026/06/09 8:38 p.m.15 views

CVE-2026-48292

Format Plugins versions 1.1.2 and earlier are affected by a heap-based buffer overflow that could allow arbitrary code execution in the current user context. Exploitation requires user interaction (victim must open a malicious file). CVSSv3.1 base score 7.8 (HIGH); attack vector LOCAL, privileges...

7.8CVSS6.2AI score0.00271EPSS
Exploits0References1Affected Software1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/06/09 8:34 p.m.7 views

Malicious code in mcp-server-sequential-thinking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 211672c16839ae6cd4e9f10810163da536480f07938b2d51c50ecbbb9f5e90ed Unscoped package impersonating the official @modelcontextprotocol/server-sequential-thinking MCP server. package.json declares postinstall: 'node...

5.5AI score
Exploits0References2
OSV
OSVadded 2026/06/09 8:34 p.m.9 views

MAL-2026-5484 Malicious code in mcp-server-sequential-thinking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 211672c16839ae6cd4e9f10810163da536480f07938b2d51c50ecbbb9f5e90ed Unscoped package impersonating the official @modelcontextprotocol/server-sequential-thinking MCP server. package.json declares postinstall: 'node...

5.5AI score
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/06/09 8:33 p.m.4 views

CVE-2026-47929 ColdFusion | Incorrect Authorization (CWE-863)

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could exploit this vulnerability to gain elevated access or control over the victim...

8.4CVSS6.2AI score0.07535EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/09 8:33 p.m.31 views

CVE-2026-47929 ColdFusion | Incorrect Authorization (CWE-863)

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could exploit this vulnerability to gain elevated access or control over the victim...

8.4CVSS0.07535EPSS
Exploits0References1
EUVD
EUVDadded 2026/06/09 8:33 p.m.7 views

EUVD-2026-35833

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could exploit this vulnerability to gain elevated access or control over the victim...

8.4CVSS6.2AI score0.07535EPSS
Exploits0References1
CVE
CVEadded 2026/06/09 8:33 p.m.16 views

CVE-2026-47929

CVE-2026-47929 affects Adobe ColdFusion versions 2023.19, 2025.8 and earlier. The issue is an incorrect authorization vulnerability that could enable arbitrary code execution in the context of the current user. Exploitation does not require user interaction, and the vulnerability could allow a hi...

9.1CVSS6.2AI score0.07535EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2026/06/09 8:33 p.m.22 views

CVE-2026-47928

CVE-2026-47928 affects ColdFusion versions 2023.19, 2025.8 and earlier. The issue is an Improper Input Validation vulnerability that could allow arbitrary code execution in the context of the current user . Exploitation is possible without user interaction, and the document set notes a scope chan...

10CVSS6.2AI score0.08871EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/09 8:33 p.m.5 views

CVE-2026-47928 ColdFusion | Improper Input Validation (CWE-20)

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.6CVSS6.2AI score0.08871EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/09 8:33 p.m.32 views

CVE-2026-47928 ColdFusion | Improper Input Validation (CWE-20)

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.6CVSS0.08871EPSS
Exploits0References1
EUVD
EUVDadded 2026/06/09 8:33 p.m.6 views

EUVD-2026-35830

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.6CVSS6.2AI score0.08871EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/09 8:33 p.m.32 views

CVE-2026-47931 ColdFusion | Improper Input Validation (CWE-20)

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

8.4CVSS0.00634EPSS
Exploits0References1
EUVD
EUVDadded 2026/06/09 8:33 p.m.10 views

EUVD-2026-35829

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

8.4CVSS6.2AI score0.00634EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/06/09 8:33 p.m.6 views

CVE-2026-47931 ColdFusion | Improper Input Validation (CWE-20)

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

8.4CVSS6.2AI score0.00634EPSS
Exploits0References1
CVE
CVEadded 2026/06/09 8:33 p.m.12 views

CVE-2026-47931

This CVE affects Adobe ColdFusion versions 2023.19, 2025.8 and earlier. It is caused by improper input validation that could allow arbitrary code execution in the context of the current user, with exploitation not requiring user interaction. The connected advisories indicate updates have been rel...

9.9CVSS6.2AI score0.00634EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder