CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

35877 matches found

GithubExploit•added 2026/05/03 10:44 p.m.•55 views

pentest-automation-framework

pentest-automation-framework Built this to speed up structure...

5.8AI score

Exploits0

GithubExploit•added 2026/05/03 2:10 p.m.•61 views

EXPLOITATION-FRAMEWORK

No d...

5.8AI score

Exploits0

Packet Storm News•added 2026/05/03 12:0 a.m.•1 views

Observability for Post-Quantum TLS Readiness: A Multi-Surface Evidence Framework

Post-quantum migration in Transport Layer Security TLS requires evidence-aware measurements that distinguish session negotiation, endpoint capability, certificate-chain evidence, and the provenance of missing observations. This distinction is essential under TLS 1.3 encryption, resumption, mutual...

5.8AI score

Exploits0

GithubExploit•added 2026/05/02 9:53 p.m.•181 views

v3nomEyE

The All-in-One P1 Bug Bounty Reconnaissance & Exploitation...

5.9AI score

Exploits0

GithubExploit•added 2026/05/02 1:39 p.m.•68 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 Res...

7.8CVSS6AI score0.02194EPSS

Exploits226

RedhatCVE•added 2026/05/02 8:47 a.m.•2 views

CVE-2026-35243

Vulnerability in the Oracle Application Development Framework ADF product of Oracle Fusion Middleware component: ADF Faces. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where...

7.8CVSS5.8AI score0.00028EPSS

Exploits0References1

CNNVD•added 2026/05/02 12:0 a.m.•4 views

Yii2 MCP Server 命令注入漏洞

Yii2 MCP Server is a database and project management tool developed by Arthur Minasyan for the Yii2 framework. Version 1.0.2 of Yii2 MCP Server contains a command injection vulnerability. This vulnerability stems from improper handling of the yiicommandhelp/yiiexecutecommand function in the MCP...

6.5CVSS6.6AI score0.01521EPSS

Exploits0References2

NVD•added 2026/05/01 9:16 p.m.•1 views

CVE-2026-39805

Inconsistent Interpretation of HTTP Requests vulnerability in mtrudel bandit allows HTTP request smuggling via duplicate Content-Length headers. 'Elixir.Bandit.Headers':getcontentlength/1 in lib/bandit/headers.ex uses List.keyfind/3, which returns only the first matching header. When a request...

6.3CVSS0.00031EPSS

Exploits0References4

NVD•added 2026/05/01 9:16 p.m.•1 views

CVE-2026-42788

Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated memory exhaustion via oversized HTTP/2 frames. 'Elixir.Bandit.HTTP2.Frame':deserialize/2 in lib/bandit/http2/frame.ex checks the SETTINGSMAXFRAMESIZE limit only after pattern-matching...

6.9CVSS0.00031EPSS

Exploits0References4

ATTACKERKB•added 2026/05/01 8:34 p.m.•1 views

CVE-2026-39805

6.3CVSS5.8AI score0.00031EPSS

Exploits0References5

OSV•added 2026/05/01 8:34 p.m.•3 views

EEF-CVE-2026-42786 WebSocket fragmented message reassembly unbounded in bandit

Summary Allocation of Resources Without Limits or Throttling vulnerability in mtrudel bandit allows unauthenticated remote denial of service via memory exhaustion. The fragment reassembly path in 'Elixir.Bandit.WebSocket.Connection':handleframe/3 in lib/bandit/websocket/connection.ex appends ever...

8.7CVSS5.8AI score0.00081EPSS

Exploits0References4

GithubExploit•added 2026/05/01 8:12 p.m.•51 views

Xseta-WP-Exploit

Xseta-WP-Exploit Xseta - WordPr...

5.8AI score

Exploits0

OSV•added 2026/05/01 6:31 p.m.•1 views

GHSA-VF35-8M4J-GM8V MixPHP Framework has an SQL injection vulnerability

SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via crafted on array to the joinOn function in BuildHelper.php...

6.5CVSS5.8AI score0.00045EPSS

Exploits0References4

OSV•added 2026/05/01 6:31 p.m.•2 views

GHSA-Q57J-RWWX-7RWP MixPHP Framework has an SQL injection vulnerability via crafted `data` array

SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via crafted data array to the data function in BuildHelper.php...

6.5CVSS5.8AI score0.00045EPSS

Exploits0References4

Github Security Blog•added 2026/05/01 6:31 p.m.•6 views

MixPHP Framework has an SQL injection vulnerability

SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via crafted on array to the joinOn function in BuildHelper.php...

6.5CVSS5.8AI score0.00045EPSS

Exploits0References5Affected Software1

Github Security Blog•added 2026/05/01 6:31 p.m.•6 views

MixPHP Framework has an SQL injection vulnerability via crafted `data` array

SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via crafted data array to the data function in BuildHelper.php...

6.5CVSS5.8AI score0.00045EPSS

Exploits0References5Affected Software1

NVD•added 2026/05/01 5:16 p.m.•1 views

CVE-2026-37526

AGL app-framework-binder afb-daemon through v19.90.0 allows any local process to execute privileged supervision commands Exit, Do, Sclose, Config, Trace, Debug, Token, slist without authentication via the abstract Unix socket @urn:AGL:afs:supervision:socket. The onsupervisioncall function in...

7.8CVSS0.00024EPSS

Exploits0References2

NVD•added 2026/05/01 4:16 p.m.•2 views

CVE-2026-42475

SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via crafted on array to the joinOn function in BuildHelper.php...

6.5CVSS0.00045EPSS

Exploits0References3

NVD•added 2026/05/01 4:16 p.m.•3 views

CVE-2026-42471

Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The sync-invoke client Connection.php:76 calls unserialize on data received from the server response, enabling client-side RCE if connecting to a malicious server...

8.1CVSS0.02308EPSS

Exploits2References3

NVD•added 2026/05/01 4:16 p.m.•0 views

CVE-2026-42474

SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via crafted data array to the data function in BuildHelper.php...

6.5CVSS0.00045EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by