Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

588809 matches found

NVD
NVDadded 2026/06/05 2:16 p.m.7 views

CVE-2026-50231

Lyrion Music Server 9.2.0 contains an unauthenticated stored cross-site scripting vulnerability in the log viewer that allows attackers to inject malicious scripts by exploiting unescaped template variables. Attackers can inject XSS payloads through search, lines, and path query parameters or by...

7.2CVSS0.00183EPSS
Exploits2References2
EUVD
EUVDadded 2026/06/05 1:57 p.m.8 views

EUVD-2026-34838

7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow vulnerability caused by an under-allocation in the NTFS compressed stream buffer GetCuSize shift UB, potentially allowing attackers to cause arbitrary code execution or application...

8.8CVSS6.4AI score0.00697EPSS
Exploits1References2
CVE
CVEadded 2026/06/05 1:57 p.m.72 views

CVE-2026-48095

7-Zip (NTFS archive handler) in versions <= 26.00 has a heap buffer overflow in GetCuSize() due to under-allocation of the compressed-stream buffer when processing crafted NTFS images with large ClusterSizeLog and CompressionUnit. For BlockSizeLog + CompressionUnit, (UInt32)1 <

8.8CVSS6.4AI score0.00697EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/06/05 1:57 p.m.4 views

CVE-2026-48095

7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow vulnerability caused by an under-allocation in the NTFS compressed stream buffer GetCuSize shift UB, potentially allowing attackers to cause arbitrary code execution or application...

8.8CVSS6.4AI score0.00697EPSS
Exploits1References3Affected Software1
Cvelist
Cvelistadded 2026/06/05 1:57 p.m.39 views

CVE-2026-48095 GHSL-2026-140_7-Zip: 7-Zip has a heap buffer overflow via NTFS compressed stream buffer under-allocation

7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow vulnerability caused by an under-allocation in the NTFS compressed stream buffer GetCuSize shift UB, potentially allowing attackers to cause arbitrary code execution or application...

8.8CVSS0.00697EPSS
Exploits1References2
Debian CVE
Debian CVEadded 2026/06/05 1:57 p.m.8 views

CVE-2026-48095

7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow vulnerability caused by an under-allocation in the NTFS compressed stream buffer GetCuSize shift UB, potentially allowing attackers to cause arbitrary code execution or application...

8.8CVSS6.4AI score0.00697EPSS
Exploits1
AlpineLinux
AlpineLinuxadded 2026/06/05 1:57 p.m.2 views

CVE-2026-48095

7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow vulnerability caused by an under-allocation in the NTFS compressed stream buffer GetCuSize shift UB, potentially allowing attackers to cause arbitrary code execution or application...

8.8CVSS6.4AI score0.00697EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2026/06/05 1:57 p.m.9 views

CVE-2026-48095 GHSL-2026-140_7-Zip: 7-Zip has a heap buffer overflow via NTFS compressed stream buffer under-allocation

7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow vulnerability caused by an under-allocation in the NTFS compressed stream buffer GetCuSize shift UB, potentially allowing attackers to cause arbitrary code execution or application...

8.8CVSS6.4AI score0.00697EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2026/06/05 1:24 p.m.4 views

CVE-2026-50232

Lyrion Music Server 9.2.0 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts through media file metadata tags like GENRE, ARTIST, and ALBUM. Attackers can craft files with XSS payloads in metadata tags that execute in the web interface when user...

7.2CVSS5.3AI score0.00186EPSS
Exploits2References3Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/06/05 1:24 p.m.5 views

CVE-2026-50230

Lyrion Music Server 9.2.0 contains an unauthenticated reflected cross-site scripting vulnerability in the server.log endpoint that allows attackers to inject arbitrary HTML and JavaScript code through the search parameter. Attackers can craft malicious URLs with JavaScript payloads in the search...

6.1CVSS5.6AI score0.00324EPSS
Exploits2References3Affected Software1
GithubExploit
GithubExploitadded 2026/06/05 12:51 p.m.65 views

Exploit for Improper Input Validation in Unrealircd

CVE-2010-2075 – UnrealIRCd Backdoor Remote Code Execution...

7.5CVSS6.1AI score0.83534EPSS
Exploits9
SUSE Linux
SUSE Linuxadded 2026/06/05 12:12 p.m.5 views

Security update for unbound

This update for unbound fixes the following issues CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. CVE-2026-40622: "Ghost domain name" variant bsc1265581. CVE-2026-41292: Parsing a long list of incoming...

8.6CVSS6.2AI score0.00888EPSS
Exploits0References44
OSV
OSVadded 2026/06/05 12:12 p.m.3 views

SUSE-SU-2026:2281-1 Security update for unbound

This update for unbound fixes the following issues - CVE-2026-32792: Packet of death with DNSCrypt bsc1265583. - CVE-2026-33278: Possible remote code execution during DNSSEC validation bsc1265587. - CVE-2026-40622: 'Ghost domain name' variant bsc1265581. - CVE-2026-41292: Parsing a long list of...

10CVSS6.2AI score0.00888EPSS
Exploits0References23
NVD
NVDadded 2026/06/05 11:16 a.m.11 views

CVE-2026-21032

Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...

7.1CVSS0.00093EPSS
Exploits0References1
NVD
NVDadded 2026/06/05 11:16 a.m.11 views

CVE-2026-21029

Improper export of android application components in Galaxy Editing Service prior to SMR Jun-2026 Release 1 allows local attacker to execute privileged operations...

7.8CVSS0.00093EPSS
Exploits0References1
NVD
NVDadded 2026/06/05 11:16 a.m.10 views

CVE-2026-21033

Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...

7.1CVSS0.00093EPSS
Exploits0References1
OSV
OSVadded 2026/06/05 11:16 a.m.4 views

UBUNTU-CVE-2026-50265

Rejected reason: This CVE ID was assigned as a duplicate of CVE-2026-50292...

7CVSS5.2AI score0.00019EPSS
Exploits0References6
GithubExploit
GithubExploitadded 2026/06/05 11:2 a.m.62 views

Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 !TIP If the setup does not start, add t...

9.8CVSS6.4AI score0.43788EPSS
Exploits31
GithubExploit
GithubExploitadded 2026/06/05 10:53 a.m.54 views

Exploit for CVE-2025-49132

CVE-2025-49132 — Pterodactyl RCE Exploit tool for CVE-202...

10CVSS6.5AI score0.13105EPSS
Exploits28
GithubExploit
GithubExploitadded 2026/06/05 10:53 a.m.47 views

Exploit for CVE-2025-49132

CVE-2025-49132 — Pterodactyl RCE Exploit tool for CVE-202...

10CVSS6.5AI score0.13105EPSS
Exploits28
Rows per page
Query Builder