Lucene search

9244 matches found

NVD
added 2026/02/24 2:16 p.m. | 5 views

CVE-2026-23980

Improper Neutralization of Special Elements used in a SQL Command 'SQL Injection' vulnerability in Apache Superset allows an authenticated user with read access to conduct error-based SQL injection via the sqlExpression or where parameters. This issue affects Apache Superset: before 6.0.0. Users...

6.5 CVSS | 0.00041 EPSS
Exploits 2 | References 2
Veracode
added 2026/02/24 1:20 p.m. | 6 views

Regular Expression Denial Of Service (ReDoS)

PyMdown Extensions is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability is due to inefficient regular expression processing in the pymdownx.blocks.caption extension, which allows an attacker to supply crafted input that triggers excessive processing time and causes the...

6.9 CVSS | 5.5 AI score | 0.00084 EPSS
Exploits 1 | References 3 | Affected Software 1
EUVD
added 2026/02/24 12:54 p.m. | 5 views

EUVD-2026-8474

Improper Neutralization of Special Elements used in a SQL Command 'SQL Injection' vulnerability in Apache Superset allows an authenticated user with read access to conduct error-based SQL injection via the sqlExpression or where parameters. This issue affects Apache Superset: before 6.0.0. Users...

5.3 CVSS | 5.6 AI score | 0.00041 EPSS
Exploits 2 | References 1
Cvelist
added 2026/02/24 12:54 p.m. | 16 views

CVE-2026-23980 Apache Superset: Improper Neutralization of Special Elements used in a SQL Command

Improper Neutralization of Special Elements used in a SQL Command 'SQL Injection' vulnerability in Apache Superset allows an authenticated user with read access to conduct error-based SQL injection via the sqlExpression or where parameters. This issue affects Apache Superset: before 6.0.0. Users...

5.3 CVSS | 0.00041 EPSS
Exploits 2 | References 1
Vulnrichment
added 2026/02/24 12:54 p.m. | 3 views

CVE-2026-23980 Apache Superset: Improper Neutralization of Special Elements used in a SQL Command

Improper Neutralization of Special Elements used in a SQL Command 'SQL Injection' vulnerability in Apache Superset allows an authenticated user with read access to conduct error-based SQL injection via the sqlExpression or where parameters. This issue affects Apache Superset: before 6.0.0. Users...

5.3 CVSS | 5.6 AI score | 0.00041 EPSS
Exploits 2 | References 1
GithubExploit
added 2026/02/24 5:4 a.m. | 428 views

Exploit for Improper Input Validation in N8N

CVE-2026-21858 + CVE-2025-68613 - n8n Full Chain Unauthenti...

10 CVSS | 9.2 AI score | 0.68312 EPSS
Exploits 38
SUSE CVE
added 2026/02/21 12:23 a.m. | 1 views

SUSE CVE-2026-26996

minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0 and below are vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive wildcards followed by a literal character that doesn't appea...

7.5 CVSS | 5.7 AI score | 0.00026 EPSS
Exploits 1 | References 34
Snyk
added 2026/02/20 6:23 p.m. | 3 views

Incorrect Regular Expression

Overview: org.webjars.npm:fast-xml-parser is a Validate XML, Parse XML, Build XML without C/C++ based libraries. Affected versions of this package are vulnerable to Incorrect Regular Expression in the entity parsing RegEx in DOCTYPE declarations. An attacker can inject arbitrary values that overrid...

9.3 CVSS | 5.7 AI score | 0.0002 EPSS
Exploits 1 | References 2
Snyk
added 2026/02/20 6:23 p.m. | 2 views

Incorrect Regular Expression

Overview: fast-xml-parser is a Validate XML, Parse XML, Build XML without C/C++ based libraries. Affected versions of this package are vulnerable to Incorrect Regular Expression in the entity parsing RegEx in DOCTYPE declarations. An attacker can inject arbitrary values that override built-in XML...

9.3 CVSS | 6 AI score | 0.0002 EPSS
Exploits 1 | References 2
RedhatCVE
added 2026/02/20 4:1 p.m. | 5 views

CVE-2026-26996

A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking i...

8.7 CVSS | 5.6 AI score | 0.00026 EPSS
Exploits 1 | References 5
UbuntuCve
added 2026/02/20 3:16 a.m. | 6 views

CVE-2026-26996

minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0 and below are vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive wildcards followed by a literal character that doesn't appea...

8.7 CVSS | 5.7 AI score | 0.00026 EPSS
Exploits 1 | References 3
OSV
added 2026/02/20 3:16 a.m. | 3 views

UBUNTU-CVE-2026-26996

minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0 and below are vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive wildcards followed by a literal character that doesn't appea...

8.7 CVSS | 5.7 AI score | 0.00026 EPSS
Exploits 1 | References 4
ATTACKERKB
added 2026/02/20 3:5 a.m. | 4 views

CVE-2026-26996

minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0 and below are vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive wildcards followed by a literal character that doesn't appea...

8.7 CVSS | 5.4 AI score | 0.00026 EPSS
Exploits 1 | References 3 | Affected Software 1
OSV
added 2026/02/20 3:5 a.m. | 5 views

CVE-2026-26996 minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern

minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0 and below are vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive wildcards followed by a literal character that doesn't appea...

8.7 CVSS | 5.3 AI score | 0.00026 EPSS
Exploits 1 | References 4
CVE
added 2026/02/20 3:5 a.m. | 111 views

CVE-2026-26996

CVE-2026-26996 affects minimatch, a glob-to-RegExp utility. Versions 10.2.0 and earlier are vulnerable to a Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive * wildcards followed by a literal not present in the test string. Each * creates a separate [^/]*?...

8.7 CVSS | 5.4 AI score | 0.00026 EPSS
Exploits 1 | References 2 | Affected Software 1
Vulnrichment
added 2026/02/20 3:5 a.m. | 1 views

CVE-2026-26996 minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern

minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0 and below are vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive wildcards followed by a literal character that doesn't appea...

8.7 CVSS | 5.4 AI score | 0.00026 EPSS
Exploits 1 | References 2
Debian CVE
added 2026/02/20 3:5 a.m. | 3 views

CVE-2026-26996

minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0 and below are vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive wildcards followed by a literal character that doesn't appea...

8.7 CVSS | 7.3 AI score | 0.00026 EPSS
Exploits 1
Tenable Nessus
added 2026/02/20 12:0 a.m. | 5 views

Atlassian Confluence 9.0.0 < 9.2.14 / 9.2.15 / 9.3.1 < 10.2.3 / 10.2.6 (CONFSERVER-102186)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-102186 advisory. - Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of...

7.5 CVSS | 6.9 AI score | 0.01453 EPSS
Exploits 2 | References 2
Positive Technologies
added 2026/02/19 12:0 a.m. | 3 views

PT-2026-20870

Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus exposes TCP port 9091 by default, which enables authentication bypasses. The /expr debug endpoint uses a weak, predictable default authentication token derived from etcd.rootPath...

9.8 CVSS | 5.8 AI score | 0.15051 EPSS
Exploits 1 | References 6
Snyk
added 2026/02/18 10:38 p.m. | 7 views

Regular Expression Denial of Service (ReDoS)

Overview: minimatch is a minimal matching utility. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) in the AST class, caused by catastrophic backtracking when an input string contains many characters in a row, followed by an unmatched character. Detail...

8.7 CVSS | 5.5 AI score | 0.00026 EPSS
Exploits 1 | References 2