Lucene search
+L

86012 matches found

GithubExploit
GithubExploit
added 2 hours ago15 views

Exploit for Missing Release of Memory after Effective Lifetime in Linux Linux_Kernel

android-selinux-disabler Standalone extraction of the SELinux...

7.8CVSS7.1AI score0.00129EPSS
Exploits2
GithubExploit
GithubExploit
added 3 hours ago12 views

Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

log4shell-scanner A dependency-free, defensive scanner for...

10CVSS7.6AI score0.99999EPSS
Exploits359
GithubExploit
GithubExploit
added yesterday10 views

Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu\/Sl_Firmware

HIKRAVEN 🛡️ Advanced Hikvision Security Assessmen...

9.8CVSS9.1AI score0.99869EPSS
Exploits25
GithubExploit
GithubExploit
added yesterday11 views

Exploit for OS Command Injection in Zoneminder

CVE-2023-26039 Description ZoneMinder is a free, open sou...

8.8CVSS8.2AI score0.01246EPSS
Exploits1
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday8 views

Malicious code in trongridme (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 04117292d543eae5a1d22c78d8a4507cc196c8770c9fb0a09ae2f9a10a8009d4 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

5.3AI score
Exploits0References2
OSV
OSV
added yesterday4 views

MAL-2026-10771 Malicious code in trongridme (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e0388d3aee1f1a4d5c6a27ab1c30e0cb6c8b9679708bd8b1cf3f5c5e76624f77 Source: kam193 04117292d543eae5a1d22c78d8a4507cc196c8770c9fb0a09ae2f9a10a8009d4 Package appears to be designed for private key exfiltration, but no known...

5.3AI score
Exploits0References3
NVD
NVD
added yesterday7 views

CVE-2026-54242

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, the Glide image proxy's URL validation in src/Imaging/RemoteUrlValidator.php and src/Imaging/GuzzleAdapter.php could be bypassed using DNS rebinding. The remote hostname was validated as publicly...

4.9CVSS
Exploits0References5
NVD
NVD
added yesterday7 views

CVE-2026-54244

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.74.0 and 6.20.3, the Live Preview endpoint for existing entries and terms in src/Http/Controllers/CP/PreviewController.php only checked view authorization, but it accepts and renders caller-supplied field values. A...

3.5CVSS
Exploits0References5
NVD
NVD
added yesterday5 views

CVE-2026-54243

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, form submission values in src/Forms/Exporters/CsvExporter.php were not neutralized for spreadsheet formula characters when exported to CSV. A submission containing a value beginning with a formula...

6.1CVSS
Exploits0References5
Cvelist
Cvelist
added yesterday11 views

CVE-2026-54243 Statamic: CSV formula injection in form submission exports

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, form submission values in src/Forms/Exporters/CsvExporter.php were not neutralized for spreadsheet formula characters when exported to CSV. A submission containing a value beginning with a formula...

6.1CVSS
Exploits0References5
CVE
CVE
added yesterday24 views

CVE-2026-54243

CVE-2026-54243 affects Statamic CMS (Laravel/Git-powered). Prior to 5.73.24 and 6.20.1, form submission values exported to CSV via CsvExporter.php were not neutralized for spreadsheet formula characters. A value starting with =, +, -, or @ could be interpreted as a live formula when an editor ope...

6.1CVSS5.3AI score
Exploits0References5
EUVD
EUVD
added yesterday5 views

EUVD-2026-45321

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, form submission values in src/Forms/Exporters/CsvExporter.php were not neutralized for spreadsheet formula characters when exported to CSV. A submission containing a value beginning with a formula...

6.1CVSS5.3AI score
Exploits0References5
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-54243

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, form submission values in src/Forms/Exporters/CsvExporter.php were not neutralized for spreadsheet formula characters when exported to CSV. A submission containing a value beginning with a formula...

6.1CVSS5.3AI score
Exploits0References6Affected Software1
CVE
CVE
added yesterday27 views

CVE-2026-54242

Statamic CMS contains a vulnerability in the Glide image proxy (DNS rebinding) that bypasses URL validation. In affected versions prior to 5.73.24 and 6.20.1, the RemoteUrlValidator and GuzzleAdapter could allow an attacker controlling a DNS hostname to rebind to an internal address after initial...

4.9CVSS5.4AI score
Exploits0References5
Cvelist
Cvelist
added yesterday10 views

CVE-2026-54242 Statamic: Server-Side Request Forgery via Glide (DNS rebinding)

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, the Glide image proxy's URL validation in src/Imaging/RemoteUrlValidator.php and src/Imaging/GuzzleAdapter.php could be bypassed using DNS rebinding. The remote hostname was validated as publicly...

4.9CVSS
Exploits0References5
EUVD
EUVD
added yesterday5 views

EUVD-2026-45320

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, the Glide image proxy's URL validation in src/Imaging/RemoteUrlValidator.php and src/Imaging/GuzzleAdapter.php could be bypassed using DNS rebinding. The remote hostname was validated as publicly...

4.9CVSS5.4AI score
Exploits0References5
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-54242

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.73.24 and 6.20.1, the Glide image proxy's URL validation in src/Imaging/RemoteUrlValidator.php and src/Imaging/GuzzleAdapter.php could be bypassed using DNS rebinding. The remote hostname was validated as publicly...

4.9CVSS5.4AI score
Exploits0References6Affected Software1
Cvelist
Cvelist
added yesterday10 views

CVE-2026-54244 Statamic: Incorrect authorization lets view-only users submit Live Preview content reserved for editors

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.74.0 and 6.20.3, the Live Preview endpoint for existing entries and terms in src/Http/Controllers/CP/PreviewController.php only checked view authorization, but it accepts and renders caller-supplied field values. A...

3.5CVSS
Exploits0References5
CVE
CVE
added yesterday19 views

CVE-2026-54244

Statamic CMS suffers an Incorrect Authorization issue in the Live Preview feature. Before versions 5.74.0 and 6.20.3, the Live Preview endpoint in src/Http/Controllers/CP/PreviewController.php only checked view permissions and could render caller-supplied field values. A Control Panel user with v...

3.5CVSS5.3AI score
Exploits0References5
EUVD
EUVD
added yesterday4 views

EUVD-2026-45319

Statamic is a Laravel and Git powered content management system CMS. Prior to 5.74.0 and 6.20.3, the Live Preview endpoint for existing entries and terms in src/Http/Controllers/CP/PreviewController.php only checked view authorization, but it accepts and renders caller-supplied field values. A...

3.5CVSS5.3AI score
Exploits0References5
Rows per page
Query Builder