CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/03/10 8:16 p.m.•6 views

CVE-2026-2266

7.4CVSS0.00176EPSS

Cvelist•added 2026/03/10 6:56 p.m.•28 views

CVE-2026-3582 Incorrect Authorization in GitHub Enterprise Server allows access to issue and commit search results without repo scope

5.3CVSS0.00248EPSS

Exploits0References4

CVE•added 2026/03/10 6:56 p.m.•8 views

CVE-2026-3582

CVE-2026-3582 affects GitHub Enterprise Server. An Incorrect Authorization vulnerability allowed an authenticated user with a classic PAT lacking the repo scope to retrieve issues and commits from private/internal repositories via the search REST API, provided the user already had access to the r...

5.3CVSS5.8AI score0.00248EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2026/03/10 6:55 p.m.•3 views

CVE-2026-2266 Improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed cross-site scripting via task list content and enabled arbitrary HTML injection

7.4CVSS5.9AI score0.00176EPSS

Cvelist•added 2026/03/10 6:55 p.m.•26 views

CVE-2026-2266 Improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed cross-site scripting via task list content and enabled arbitrary HTML injection

7.4CVSS0.00176EPSS

ATTACKERKB•added 2026/03/10 6:55 p.m.•4 views

CVE-2026-2266

7.4CVSS5.9AI score0.00176EPSS

Exploits0References3Affected Software1

CVE•added 2026/03/10 6:55 p.m.•7 views

CVE-2026-2266

CVE-2026-2266 : In GitHub Enterprise Server, there is a DOM-based cross-site scripting vulnerability caused by improper neutralization of input in the task list content rendering. Authenticated users can craft malicious task list items in issues or pull requests to inject user-supplied HTML and e...

7.4CVSS5.9AI score0.00176EPSS

Exploits0References2Affected Software1

EUVD•added 2026/03/10 6:31 p.m.•4 views

EUVD-2026-10745

An improper neutralization of special elements vulnerability was identified in GitHub Enterprise Server that allowed an attacker with push access to a repository to achieve remote code execution on the instance. During a git push operation, user-supplied push option values were not properly...

8.7CVSS6.3AI score0.09884EPSS

Exploits5References7

EUVD•added 2026/03/10 6:31 p.m.•4 views

EUVD-2026-10744

8.7CVSS6.3AI score0.09884EPSS

Exploits5References7

EUVD•added 2026/03/10 6:31 p.m.•5 views

EUVD-2026-10743

An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed a user with read access to a repository and write access to a project to modify issue and pull request metadata through the project. When adding an item to a project that already existed, column value...

OSV•added 2026/03/10 6:19 p.m.•3 views

Exploits0References7

CVE-2026-3854

8.8CVSS6.4AI score0.09884EPSS

Exploits5References6

NVD•added 2026/03/10 6:19 p.m.•5 views

CVE-2026-3854

8.8CVSS0.09884EPSS

Exploits5References7

OSV•added 2026/03/10 6:19 p.m.•5 views

CVE-2026-3306

4.3CVSS5.7AI score0.00321EPSS

NVD•added 2026/03/10 6:19 p.m.•5 views

CVE-2026-3306

5.3CVSS0.00321EPSS

Vulnrichment•added 2026/03/10 5:46 p.m.•4 views

CVE-2026-3306 Improper authorization in GitHub Projects allows modification of issue and pull request metadata without repository write access

ATTACKERKB•added 2026/03/10 5:46 p.m.•2 views

CVE-2026-3306

Exploits0References7Affected Software1

Cvelist•added 2026/03/10 5:46 p.m.•28 views

CVE-2026-3306 Improper authorization in GitHub Projects allows modification of issue and pull request metadata without repository write access

5.3CVSS0.00321EPSS

CVE•added 2026/03/10 5:46 p.m.•11 views

CVE-2026-3306

CVE-2026-3306 describes an improper authorization in GitHub Enterprise Server where a user with read access to a repository and write access to a project could modify issue and pull request metadata via the project without repository write permissions being verified during column value updates. T...