CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2 days ago•3 views

EUVD-2026-39724

Unauthenticated Cross Site Scripting XSS in WoodMart = 8.5.3 versions...

7.1CVSS5.8AI score0.0018EPSS

ATTACKERKB•added 6 days ago•6 views

CVE-2026-48510

MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, when MessagePack-CSharp decompresses Lz4Block or Lz4BlockArray payloads, it reads declared uncompressed lengths from the wire and allocates output buffers based on those lengths before validating that the compressed...

7.5CVSS5.9AI score0.00236EPSS

Exploits0References2Affected Software1

CVE•added 2026/06/16 7:27 p.m.•13 views

CVE-2026-35319

Technical details for CVE-2026-35319 are not provided in the supplied documents; no affected products, versions, or exploit information are disclosed here. Monitor for updates.

9.8CVSS5.2AI score0.00483EPSS

Exploits0References1Affected Software1

EUVD•added 2026/06/15 9:30 p.m.•8 views

EUVD-2026-36979

Unauthenticated Cross Site Scripting XSS in Coupon Affiliates = 7.5.3 versions...

NVD•added 2026/06/15 9:17 p.m.•6 views

CVE-2026-48883

Unauthenticated Broken Access Control in WPC Product Bundles for WooCommerce = 8.5.3 versions...

7.5CVSS0.00238EPSS

NVD•added 2026/06/15 9:17 p.m.•8 views

CVE-2026-45441

Unauthenticated Other Vulnerability Type in WpEvently = 5.3.3 versions...

7.5CVSS0.00259EPSS

NVD•added 2026/06/15 9:16 p.m.•7 views

CVE-2026-42658

Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.3.8 versions...

7.1CVSS0.00175EPSS

NVD•added 2026/06/15 9:16 p.m.•6 views

CVE-2026-42651

Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...

6.3CVSS0.00242EPSS

NVD•added 2026/06/15 9:16 p.m.•7 views

CVE-2026-34898

Unauthenticated Broken Access Control in Event Tickets Manager for WooCommerce = 1.5.3 versions...

7.5CVSS0.00246EPSS

Vulnrichment•added 2026/06/15 8:18 p.m.•6 views

CVE-2026-42658 WordPress Classified Listing plugin <= 5.3.8 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.3.8 versions...

EUVD•added 2026/06/15 8:18 p.m.•6 views

EUVD-2026-36823

Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.3.8 versions...

EUVD•added 2026/06/15 8:18 p.m.•8 views

EUVD-2026-36819

Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...

6.3CVSS5.1AI score0.00242EPSS

Vulnrichment•added 2026/06/15 8:18 p.m.•7 views

CVE-2026-42651 WordPress Classified Listing plugin <= 5.3.9 - Broken Access Control vulnerability

Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...

6.3CVSS5.1AI score0.00242EPSS

EUVD•added 2026/06/15 8:18 p.m.•6 views

EUVD-2026-36816

Unauthenticated Broken Access Control in Classified Listing = 5.3.8 versions...

6.5CVSS5.1AI score0.00188EPSS

Positive Technologies•added 2026/06/15 12:0 a.m.•7 views

PT-2026-49449

Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.3.8 versions...

Positive Technologies•added 2026/06/15 12:0 a.m.•14 views

PT-2026-49467

Unauthenticated Other Vulnerability Type in WpEvently = 5.3.3 versions...

7.5CVSS5.2AI score0.00259EPSS

Positive Technologies•added 2026/06/15 12:0 a.m.•11 views

PT-2026-49488

Unauthenticated Broken Access Control in WPC Product Bundles for WooCommerce = 8.5.3 versions...

7.5CVSS5.1AI score0.00238EPSS

Positive Technologies•added 2026/06/15 12:0 a.m.•10 views

PT-2026-49445

Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...

6.3CVSS5.1AI score0.00242EPSS

NVD•added 2026/06/11 11:16 p.m.•28 views

CVE-2026-45060

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 129, the actions/progressvideo.php endpoint is vulnerable to blind SQL injection. Any unauthenticated user can exploit the ids parameter to execute SQL queries and exfiltrate sensitive data. This issue has been patch...

9.8CVSS0.00364EPSS