3 matches found
EUVD-2026-37773
Starlette is a lightweight ASGI framework/toolkit. In versions 1.0.1 and earlier, StaticFiles on Windows is vulnerable to SSRF. A UNC path such as \\attacker.com\share can cause os.path.realpath to initiate an outbound SMB connection before the path is rejected, exposing the service account’s...
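The security-relevant detail in this entry is ordering: on Windows, os.path.realpath on a UNC name asks the OS to resolve the share, which is itself the outbound SMB connection, so any rejection that runs after realpath is too late. Besides upgrading as the advisory indicates, a defence-in-depth check can refuse UNC, device and absolute names using pure path parsing only. The code below is an added illustration written for this page, not Starlette's own code or fix; the function names, the directory name "static" and the sample request paths are constructed.

```python
import os
from pathlib import PurePosixPath, PureWindowsPath
from typing import Optional
from urllib.parse import unquote


def reject_reason(requested: str) -> Optional[str]:
    """Classify a URL path requested under a StaticFiles-style mount.

    Only pure path parsing happens here: no realpath, stat or open, so a
    UNC name supplied by the client is refused before any call that would
    make Windows resolve (and connect to) the named host.
    """
    decoded = unquote(requested)
    if "\x00" in decoded:
        return "nul byte"
    win = PureWindowsPath(decoded)
    # PureWindowsPath normalises '/' to '\' and reports '\\host\share' (and
    # '\\?\...' device prefixes) as the drive, so both spellings of a UNC
    # name are caught regardless of the platform this check runs on.
    if win.drive.startswith(("\\\\", "//")):
        return "unc or device path"
    if win.drive or win.root or PurePosixPath(decoded).is_absolute():
        return "absolute path"
    segments = [s for s in decoded.replace("\\", "/").split("/") if s not in ("", ".")]
    if ".." in segments:
        return "parent traversal"
    return None


def safe_join(directory: str, requested: str) -> str:
    """Join a vetted request path onto the static directory.

    realpath is only reached after reject_reason has accepted the input,
    and the result is confined to the directory with commonpath so a
    symlink inside the tree cannot escape it either.
    """
    reason = reject_reason(requested)
    if reason is not None:
        raise PermissionError(f"rejected {requested!r}: {reason}")
    base = os.path.realpath(directory)
    full = os.path.realpath(os.path.join(base, unquote(requested)))
    if os.path.commonpath([base, full]) != base:
        raise PermissionError(f"rejected {requested!r}: escapes {base}")
    return full


if __name__ == "__main__":
    # Constructed sample requests (assumed, not taken from the advisory).
    for path in ("css/site.css", "\\\\attacker.com\\share\\x", "//attacker.com/share/x",
                 "C:/Windows/win.ini", "..%2F..%2Fsecret.txt"):
        print(f"{path!r:35} -> {reject_reason(path)}")
```

The order of the checks is the point: every classification above is string work, so an attacker-controlled host name never reaches a filesystem call. Note that this does not replace the upstream fix; it is a gate to put in front of any code path that still calls realpath on client input.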
GHSA-7432-952R-CW78 Authlib Vulnerable to JWE RSA1_5 Bleichenbacher Padding Oracle
Executive Summary: A cryptographic padding oracle vulnerability was identified in the Authlib Python library, in its implementation of the JSON Web Encryption (JWE) RSA1_5 key management algorithm. Authlib registers RSA1_5 in its default algorithm registry without requiring explicit opt-in,...
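The practical consequence of "registered by default without opt-in" is that a service decrypting JWEs accepts whatever alg the sender puts in the protected header, including RSA1_5 (PKCS#1 v1.5 padding, the Bleichenbacher target). The usual control is an explicit allowlist checked on the protected header before any key unwrap is attempted. The following is an added, library-independent example written for this page, not Authlib's code; the allowlist contents, the helper names and the sample tokens (real headers, placeholder ciphertext) are constructed assumptions.

```python
import base64
import json

# Key-management algorithms this service is willing to unwrap with.
# RSA1_5 is deliberately absent; this set is an assumed policy for the example.
ALLOWED_ALG = frozenset({"RSA-OAEP", "RSA-OAEP-256", "ECDH-ES", "A256KW", "dir"})


def _b64url_decode(segment: str) -> bytes:
    # JWE segments omit base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def protected_header(compact_jwe: str) -> dict:
    """Parse only the protected header of a compact JWE (no crypto happens here)."""
    parts = compact_jwe.split(".")
    if len(parts) != 5:
        raise ValueError("not a compact JWE (expected 5 segments)")
    header = json.loads(_b64url_decode(parts[0]))
    if not isinstance(header, dict):
        raise ValueError("protected header is not a JSON object")
    return header


def jwe_alg_allowed(compact_jwe: str, allowed=ALLOWED_ALG) -> bool:
    """True if the token's key-management alg is in the allowlist.

    Run this before handing the token to any JWE decrypt routine; a token
    that fails here must never reach the RSA private key.
    """
    return protected_header(compact_jwe).get("alg") in allowed


def make_sample_jwe(alg: str) -> str:
    """Constructed sample: a genuine protected header followed by placeholder
    segments, enough to exercise the gate without real encryption."""
    header = _b64url_encode(json.dumps({"alg": alg, "enc": "A128CBC-HS256"}).encode())
    filler = _b64url_encode(b"\x00" * 16)
    return ".".join([header, filler, filler, filler, filler])


if __name__ == "__main__":
    for alg in ("RSA-OAEP-256", "RSA1_5"):
        token = make_sample_jwe(alg)
        print(alg, "accepted" if jwe_alg_allowed(token) else "rejected")
```

Two caveats a practitioner should keep in mind. First, the oracle attacks the key, not a particular token: the same RSA private key must not be accepted under RSA1_5 by any other endpoint or library, or the gate above is bypassed through that path. Second, if the JWE library you use supports an allowlist of its own on construction, configure it there as well, so the default registry is never consulted.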
Cross-site Scripting (XSS)
Overview: pywa is a library for building WhatsApp bots in Python (its tagline: "🚀 Build WhatsApp Bots in Python • Fast, Effortless, Powerful"). Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the webhook challenge and update handlers in the Flask and FastAPI webhook endpoints. An attacker can execute malicious scripts in...
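A WhatsApp webhook verification endpoint has to echo the hub.challenge query parameter back to the caller, which makes it a reflection point by design; it becomes XSS only if the echoed value is served in a way a browser will render. The pair of handlers below is an added illustration written for this page, not pywa's code: the first reflects the parameter into an HTML body, the second returns it as text/plain with nosniff and only after the verify token matches. The verify token value, the helper names and the query strings are constructed assumptions; the apps are plain WSGI callables so the example runs without Flask or FastAPI installed.

```python
import hmac
from urllib.parse import parse_qs

# Assumed secret configured in the WhatsApp app settings (constructed value).
VERIFY_TOKEN = "constructed-verify-token"


def _query(environ) -> dict:
    return {k: v[0] for k, v in parse_qs(environ.get("QUERY_STRING", "")).items()}


def vulnerable_challenge_app(environ, start_response):
    """Illustrative vulnerable pattern: attacker-controlled input rendered as HTML."""
    challenge = _query(environ).get("hub.challenge", "")
    start_response("200 OK", [("Content-Type", "text/html; charset=utf-8")])
    return [f"<html><body>{challenge}</body></html>".encode("utf-8")]


def hardened_challenge_app(environ, start_response):
    """Same contract, safe response: plain text, nosniff, token checked first."""
    if environ.get("REQUEST_METHOD") != "GET":
        start_response("405 Method Not Allowed", [("Content-Type", "text/plain; charset=utf-8")])
        return [b"method not allowed"]
    q = _query(environ)
    token_ok = hmac.compare_digest(
        q.get("hub.verify_token", "").encode("utf-8"), VERIFY_TOKEN.encode("utf-8")
    )
    if q.get("hub.mode") != "subscribe" or not token_ok:
        start_response("403 Forbidden", [("Content-Type", "text/plain; charset=utf-8")])
        return [b"forbidden"]
    # The challenge is echoed byte-for-byte, but as text/plain with nosniff the
    # browser will not interpret it as markup, so reflection cannot become script.
    start_response("200 OK", [
        ("Content-Type", "text/plain; charset=utf-8"),
        ("X-Content-Type-Options", "nosniff"),
    ])
    return [q.get("hub.challenge", "").encode("utf-8")]


def call(app, query: str, method: str = "GET"):
    """Drive a WSGI app with a constructed environ; returns (status, headers, body)."""
    captured = {}

    def start_response(status, headers, exc_info=None):
        captured["status"] = status
        captured["headers"] = dict(headers)

    environ = {"REQUEST_METHOD": method, "QUERY_STRING": query}
    body = b"".join(app(environ, start_response)).decode("utf-8")
    return captured["status"], captured["headers"], body


if __name__ == "__main__":
    payload = "hub.mode=subscribe&hub.verify_token=constructed-verify-token&hub.challenge=%3Cscript%3Ealert(1)%3C/script%3E"
    print(call(vulnerable_challenge_app, payload))
    print(call(hardened_challenge_app, payload))
```

The same rule covers the update handlers the advisory mentions: any field of an incoming update that is echoed into a response body needs either a non-HTML content type or HTML escaping, never direct interpolation into markup.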