CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

7.3CVSS5.8AI score0.00012EPSS

PT-2026-46902

Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range...

Exploits0References3

PT-2026-46959

A security vulnerability has been detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. The impacted element is an unknown function of the file dashboard page/forms/upload student data.php of the component Student Data...

6.5CVSS6.2AI score

Exploits0References7

Cvelist•added yesterday•27 views

PT-2026-47034

Name of the Vulnerable Software and Affected Versions AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL versions prior to 4.0.1 Description An untrusted search path issue exists in the GlobalDatabasePlugin. This allows a remote authenticated low-privilege actor to escalate privileges to thos...

8.6CVSS5.5AI score

Exploits0References5

CVE-2026-37737

sanic-cors version 2.2.0 and prior contains an improper regular expression in the trymatch function in saniccors/core.py that uses re.match without end-anchoring. This allows an attacker to bypass CORS origin allowlists by registering a domain that begins with a trusted origin string, to gain...

Positive Technologies•added yesterday•5 views

PT-2026-46912

Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Redline WR3200: from 7.1.3 before 7.1.8...

9.8CVSS5.5AI score0.0005EPSS

Exploits0References2

Positive Technologies•added yesterday•8 views

PT-2026-47062

🚨 Multiple Critical Vulnerabilities Disclosed in DbGate Several severe vulnerabilities in DbGate can allow attackers to achieve remote code execution: • CVE-2026-47668 - Unauthenticated RCE via JSON Script Runner dbgate-serve • CVE-2026-47669 - Zip Slip arbitrary file write leading to RCE •...

6AI score

Exploits1References1

CVE•added 2 days ago•12 views

PT-2026-46977

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file /admin/?page=user/manage user. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely...

4.8CVSS3.6AI score

Exploits0References7

CVE-2026-10876

CVE-2026-10876 affects SourceCodester Ship Ferry Ticket Reservation System 1.0. The vulnerability is described as an improper authorization due to manipulation of an argument on an endpoint under /admin/, with the affected function being unknown. It allows remote exploitation and the exploit has ...

6.5CVSS6.3AI score0.00043EPSS

Exploits0References6

CVE•added 2 days ago•6 views

CVE-2026-10874

CVE-2026-10874 affects projectworlds Online Art Gallery Shop Project 1.0. The vulnerability resides in an unknown function within /admin/adminHome.php, where manipulating the parameter social_insta leads to a SQL injection. Exploitation may be remote and publicly available. CVSS metrics in the so...

6.5CVSS6.5AI score0.00028EPSS

Exploits0References5

NVD•added 2 days ago•5 views

CVE-2026-45287

OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, go.opentelemetry.io/otel/schema/v1.0 and go.opentelemetry.io/otel/schema/v1.1 leaks one file descriptor on each successful ParseFile call. ParseFile opens the schema file and passes it to Parse without closing it...

2.1CVSS0.00013EPSS

Exploits0References3

Cvelist•added 2 days ago•30 views

CVE-2026-10813 LMCache KV Cache utils.py hex_hash_to_int16 weak hash

A flaw has been found in LMCache up to 0.4.6. This affects the function hexhashtoint16 of the file lmcache/integration/vllm/utils.py of the component KV Cache Handler. Executing a manipulation can lead to use of weak hash. The attack needs to be launched locally. The attack requires a high level ...

3.6CVSS0.00009EPSS

Exploits0References7

NVD•added 2 days ago•6 views

CVE-2026-10806

A vulnerability was found in mjperpinosa stumasy. The affected element is an unknown function of the file application/PHP/objects/updates/addpost.php. Performing a manipulation of the argument upfiletopost results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

6.5CVSS0.00043EPSS

Exploits0References6

Cvelist•added 2 days ago•31 views

CVE-2019-25733 NetShareWatcher 1.5.8.0 SEH Buffer Overflow

NetShareWatcher 1.5.8.0 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input. Attackers can craft a payload with overwritten SEH and NSEH pointers through the Restrictions custom filter field to...

8.6CVSS0.00013EPSS

ATTACKERKB•added 2 days ago•3 views

CVE-2019-25733

Exploits0References4Affected Software1

EUVD•added 2 days ago•4 views

EUVD-2019-20169

CVE•added 2 days ago•7 views

CVE-2019-25733

NetShareWatcher 1.5.8.0 contains a structured exception handler (SEH) buffer overflow in which a malicious input in the Restrictions custom filter field can overwrite SEH/NSEH pointers and cause code execution when Find is invoked. This is a local vulnerability with high impact (CVSSv3.1/8.4, CVS...

Vulnrichment•added 2 days ago•5 views

CVE-2019-25733 NetShareWatcher 1.5.8.0 SEH Buffer Overflow