6 matches found

RedhatCVE
added 2026/04/14 7:23 p.m., 1 view

CVE-2026-35600

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, task titles are embedded directly into Markdown link syntax in overdue email notifications without escaping Markdown special characters. When rendered by goldmark and sanitized by bluemonday which allows and tags,...

CVSS 5.4, AI score 5.8, EPSS 0.00195
Exploits: 1, References: 1
Positive Technologies
added 2025/06/28 12:00 a.m., 3 views

PT-2025-27321

Name of the Vulnerable Software and Affected Versions: Apache Seata incubating versions 2.0.0 through 2.3.0
Description: The issue is related to the deserialization of untrusted data. It is recommended that users upgrade to a fixed version to resolve the issue.
Recommendations: For Apache Seata...

CVSS 9.8, AI score 7.3, EPSS 0.01683
Exploits: 0, References: 17
SUSE CVE
added 2025/06/26 11:21 p.m., 1 view

SUSE CVE-2025-52893

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. OpenBao before v2.3.0 may leak sensitive information in logs when processing malformed data. This is separate from the earlier HCSEC-2025-09 / CVE-2025-4166. Th...

CVSS 4.5, AI score 6.5, EPSS 0.00275
Exploits: 0, References: 3
Patchstack
added 2024/07/04 12:00 a.m., 19 views

WordPress Ocean Extra Plugin <= 2.2.9 is vulnerable to Cross Site Scripting (XSS)

Software: Ocean Extra
Type: Plugin
Vulnerable versions: <= 2.2.9
Fixed in: 2.3.0
OWASP Top 10: A3: Injection
Classification: Cross Site Scripting (XSS)
CVE: CVE-2024-37489
Patch priority: Low
CVSS severity: Low 6.5
PSID: 89f5ea12cc74
Credits: wcraft
Required privilege: Contributor...

CVSS 6.5, AI score 6.6, EPSS 0.00296
Exploits: 0, References: 2, Affected Software: 1
Patchstack
added 2023/12/27 12:00 a.m., 11 views

WordPress WooCommerce Warranty Requests Plugin <= 2.2.7 is vulnerable to Broken Access Control

Software: WooCommerce Warranty Requests
Type: Plugin
Vulnerable versions: <= 2.2.7
Fixed in: 2.3.0
OWASP Top 10: A1: Broken Access Control
Classification: Broken Access Control
CVE: CVE-2023-51495
Patch priority: Low
CVSS severity: Low 6.5
PSID: 718f302faa3f
Credits: Rafie Muhammad...

CVSS 6.5, AI score 6.6, EPSS 0.00355
Exploits: 0, References: 1, Affected Software: 1
Patchstack
added 2023/12/05 12:00 a.m., 13 views

WordPress Tutor LMS Plugin <= 2.2.4 is vulnerable to Cross Site Scripting (XSS)

Software: Tutor LMS
Type: Plugin
Vulnerable versions: <= 2.2.4
Fixed in: 2.3.0
OWASP Top 10: A3: Injection
Classification: Cross Site Scripting (XSS)
CVE: CVE-2023-49829
Patch priority: Low
CVSS severity: Low 5.9
PSID: 1f03fa341046
Credits: emad
Required privilege: Administrator...

CVSS 5.9, AI score 6.5, EPSS 0.00394
Exploits: 0, References: 2, Affected Software: 1