Lucene search

9 matches found

NVD
added 2026/03/19 8:16 p.m., 3 views

CVE-2026-25928

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, the DICOM zip/export feature uses a user-supplied destination or path component when creating the zip file, without sanitizing path traversal sequences (e.g. ../). An attacker...

CVSS 6.5, EPSS 0.00034
Exploits: 1, References: 2
UbuntuCve
added 2026/03/04 4:16 p.m., 1 views

CVE-2025-12801

A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux that allows an NFSv3 client to escalate the privileges assigned to it in the /etc/exports file at mount time. In particular, it allows the client to access any subdirectory or subtree of an exporte...

CVSS 6.5, AI score 5.8, EPSS 0.00019
Exploits: 0, References: 4
Cvelist
added 2026/02/26 9:16 p.m., 19 views

CVE-2026-27153 Discourse doesn't prevent moderators from exporting user Chat DMs

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, moderators could export user Chat DMs via the CSV export endpoint by exploiting an overly permissive allowlist in canexportentity?. The method allowed moderators to export any entity not explicit...

CVSS 5.3, EPSS 0.00049
Exploits: 0, References: 1
RedhatCVE
added 2026/02/26 4:16 a.m., 1 views

CVE-2026-25135

OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0 have an information disclosure vulnerability that leaks the entire contact information for all users, organizations, and patients in the system to anyone who has the...

CVSS 4.5, AI score 5.3, EPSS 0.00161
Exploits: 0, References: 1
EUVD
added 2026/02/25 1:50 a.m., 2 views

EUVD-2026-8583

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the OpenEMR application is vulnerable to an access control flaw that allows low-privileged users, such as receptionists, to export the entire message list containing...

CVSS 6.5, AI score 5.5, EPSS 0.00047
Exploits: 1, References: 2
Vulnrichment
added 2026/01/18 10:45 p.m., 2 views

CVE-2026-23626 Kimai Vulnerable to Authenticated Server-Side Template Injection (SSTI)

Kimai is a web-based multi-user time-tracking application. Prior to version 2.46.0, Kimai's export functionality uses a Twig sandbox with an overly permissive security policy DefaultPolicy that allows arbitrary method calls on objects available in the template context. An authenticated user with...

CVSS 6.8, AI score 5.7, EPSS 0.00074
Exploits: 1, References: 4
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2012-1188

Malware in sbrugna...

CVSS 7.5, AI score 7.3, EPSS 0.01269
Exploits: 0, References: 10
OSV
added 2022/10/25 5:15 p.m., 1 views

CVE-2022-3395

The WP All Export Pro WordPress plugin before 1.7.9 uses the contents of the ccsql POST parameter directly as a database query, allowing users who have been given permission to run exports to execute arbitrary SQL statements, leading to a SQL Injection vulnerability. By default only users with t...

CVSS 8.8, AI score 6.1
Exploits: 0, References: 1
OSV
added 2019/09/18 3:17 p.m., 2 views

DRUPAL-CONTRIB-2019-067

This module allows you to attach tabular data to an entity. There is insufficient access checking for users with the ability to "Export Tablefield Data as CSV". They can export data from unpublished nodes or otherwise inaccessible entities. This vulnerability is mitigated by the fact that an...

AI score 6.7
Exploits: 0, References: 1