Lucene search
+L

733 matches found

Circl
Circl
added 6 days ago6 views

CVE-2026-6541

creationtimestamp| type| source ---|---|--- 2026-07-13 13:19:19+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjrrssiwv27 2026-07-13 13:34:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqjsnlua352g 2026-07-13 18:19:01+00:00| seen|...

4.3CVSS6.1AI score0.00152EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 6 days ago5 views

CVE-2026-40553

Buffer overflow vulnerability has been found in "extension/readdir.c" program file of gawk ftype routine. This issue could be used to crash the program and potentially to achieve code execution, although the latter has not been confirmed to be feasible. It affects gawk in versions 5.4.0 and below...

5.1CVSS6AI score0.00291EPSS
Exploits0References3
CVE
CVE
added 6 days ago12 views

CVE-2026-40469

In the provided documents, CVE-2026-40469 affects gawk, specifically 32-bit builds in versions 5.4.0 and earlier. The root cause is an integer overflow in the do_sub (subroutine) path within builtin.c, which could allow overwriting heap metadata and related objects, potentially causing the progra...

9.1CVSS6AI score0.00213EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 6 days ago42 views

CVE-2026-40469 Heap buffer overflow in gawk

Integer overflow vulnerability has been found in "builtin.c" program file of gawk dosub routine. This issue could be used to overwrite gawk heap metadata and objects causing the program to crash. It affects 32-bit builds of gawk in versions 5.4.0 and below...

5.1CVSS0.00213EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 6 days ago5 views

CVE-2026-40469

Integer overflow vulnerability has been found in "builtin.c" program file of gawk dosub routine. This issue could be used to overwrite gawk heap metadata and objects causing the program to crash. It affects 32-bit builds of gawk in versions 5.4.0 and below...

5.1CVSS6AI score0.00213EPSS
Exploits0References3
CVE
CVE
added 6 days ago19 views

CVE-2026-40468

The CVE-2026-40468 entry concerns gawk (versions 5.4.0 and earlier) with an integer overflow in the builtin.c file. The flaw can cause memory exhaustion and may enable overwriting heap metadata and objects with attacker-controlled bytes. This is described across multiple feeds (NVD/NIST entry and...

9.1CVSS6AI score0.00201EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 6 days ago6 views

CVE-2026-40467

Use After Free vulnerability has been found in "io.c" program file of gawk dogetlineredir routine. This issue may lead to a crash. It affects gawk in versions 5.4.0 and below...

7.5CVSS6AI score0.00213EPSS
Exploits0References2
CVE
CVE
added 6 days ago12 views

CVE-2026-57734

The CVE concerns WordPress tagDiv Composer (td-composer). Affected: tagDiv Composer

7.1CVSS6.1AI score0.0018EPSS
Exploits0References1
CVE
CVE
added 2026/07/10 4:31 a.m.11 views

CVE-2026-15300

CVE-2026-15300 affects the GEO my WP WordPress plugin up to version 4.5.4. An SQL injection exists via the distance, lat, and lng parameters. Values are read from $_SERVER['QUERY_STRING'] with parse_str(), then passed through bare esc_sql() and interpolated into unquoted numeric positions in the ...

9.1CVSS6AI score0.00349EPSS
Exploits0References6
OSV
OSV
added 2026/07/09 6:34 p.m.4 views

CVE-2026-54002 Kirby: Cross-site scripting (XSS) from incomplete HTML/XML sanitization in `Dom::sanitize()`

Kirby is an open-source content management system. Prior to 4.9.4 and 5.4.4, Kirby sites and plugins that use the writer or list fields or call Dom::sanitize, Sane::sanitize, Sane::Html::sanitize, Sane::Svg::sanitize, Sane::Xml::sanitize, Sane::sanitizeFile, or file sanitizeContents with untruste...

8.5CVSS5.8AI score0.00409EPSS
Exploits0References9
Circl
Circl
added 2026/07/02 6:19 p.m.13 views

CVE-2026-54402

creationtimestamp| type| source ---|---|--- 2026-07-02 18:19:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mponh36wia2z 2026-07-03 07:08:02+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mppyewqvlf2d 2026-07-03 21:36:06+00:00| seen|...

9.9CVSS6.2AI score0.00872EPSS
Exploits0References5
NVD
NVD
added 2026/07/02 12:17 p.m.5 views

CVE-2026-57355

Subscriber Broken Access Control in Classified Listing = 5.4.2 versions...

6.5CVSS0.00299EPSS
Exploits0References1
CVE
CVE
added 2026/07/02 11:15 a.m.14 views

CVE-2026-57344

Summary: Unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress Classified Listing plugin (versions <= 5.4.2). Affected product: WordPress Classified Listing plugin.Versions:

7.1CVSS5.8AI score0.00191EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/02 11:14 a.m.34 views

CVE-2025-69156 WordPress Kids Zone - Children WordPress Theme theme <= 5.4 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Kids Zone - Children WordPress Theme = 5.4 versions...

7.1CVSS0.0018EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/02 11:14 a.m.8 views

CVE-2025-69133

Subscriber Local File Inclusion in Tourmaster = 5.4.5 versions...

7.5CVSS5.8AI score0.004EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/02 12:0 a.m.14 views

PT-2026-54969

Unauthenticated Cross Site Scripting XSS in Kids Zone - Children WordPress Theme = 5.4 versions...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/06/30 1:25 p.m.7 views

WordPress Kids Zone - Children WordPress Theme theme <= 6.9 - Cross Site Scripting (XSS) vulnerability

WordPress Kids Zone - Children WordPress Theme theme = 6.9 - Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Kids Zone - Children WordPress Theme versions = 6.9...

7.1CVSS6.1AI score0.0018EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/06/26 8:23 p.m.8 views

Security Bulletin: Multiple vulnerabilities in IBM Watsonx BI Assistant for CP4D

Summary Multiple vulnerabilities were addressed in IBM Watsonx BI Assistant for CP4D version 5.4.0 Vulnerability Details CVEID:CVE-2026-26996 DESCRIPTION: minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0 and below are vulnerab...

8.7CVSS7.3AI score0.00663EPSS
Exploits4Affected Software1
EUVD
EUVD
added 2026/06/26 1:27 a.m.13 views

EUVD-2026-39615

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via the 'after' parameter in all versions up to, and including, 4.5.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

6.5CVSS6AI score0.00281EPSS
Exploits0References8
NVD
NVD
added 2026/06/25 2:16 p.m.9 views

CVE-2026-42389

This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...

5.3CVSS0.00175EPSS
Exploits0References1
Rows per page
Query Builder