CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1277 matches found

Circl•added 2026/04/03 5:26 p.m.•2 views

GHSA-GJW9-34GF-RP6M

creationtimestamp| type| source ---|---|--- 2026-04-03 17:26:40+00:00| published-proof-of-concept| Telegram/DJsg5Qi7j92DgCP14lqfeXU4IPClBfbIww0fpCMr4ueipk0...

4.8AI score

Exploits0

Circl•added 2026/04/03 5:26 p.m.•1 views

GHSA-RWW4-4W9C-7733

creationtimestamp| type| source ---|---|--- 2026-04-03 17:26:40+00:00| published-proof-of-concept| Telegram/DJsg5Qi7j92DgCP14lqfeXU4IPClBfbIww0fpCMr4ueipk0...

4.8AI score

Exploits0

Circl•added 2026/04/02 7:26 p.m.•1 views

GHSA-MV6H-V3JG-G539

creationtimestamp| type| source ---|---|--- 2026-04-02 19:26:58+00:00| published-proof-of-concept| Telegram/7DVhAvDfvaCSFfrp-315YEAfd2kaZp9OZJgmE0wwvo2i8o...

4.8AI score

Exploits0

Circl•added 2026/04/02 6:1 p.m.•1 views

CVE-2026-35452

creationtimestamp| type| source ---|---|--- 2026-04-02 18:01:54+00:00| published-proof-of-concept| https://github.com/WWBN/AVideo/security/advisories/GHSA-99j6-hj87-6fcf...

5.3CVSS5.8AI score0.0002EPSS

Exploits1References1

Circl•added 2026/04/02 5:52 p.m.•2 views

CVE-2026-35448

creationtimestamp| type| source ---|---|--- 2026-04-02 17:52:54+00:00| published-proof-of-concept| https://github.com/WWBN/AVideo/security/advisories/GHSA-3v7m-qg4x-58h9...

3.7CVSS5.8AI score0.00019EPSS

Exploits1References1

Snyk•added 2026/04/01 9:7 p.m.•3 views

Improper Authorization

Overview wwbn/avideo is an Audio and Video Platform or simply "A Video Platform". Affected versions of this package are vulnerable to Improper Authorization in the overrideStatus request parameter, which is processed by the setStatus function. An attacker can bypass administrative moderation and...

5.3CVSS5.8AI score0.0001EPSS

Exploits1References2

OSV•added 2026/04/01 8:47 p.m.•1 views

GHSA-QC22-XMQ4-QG46 c2cciutils affected by CVE-2022-40896

Pinned vulnerable version of Pygment CVE-2022-40896...

6.8CVSS5.8AI score

Exploits0References4

Circl•added 2026/04/01 6:48 p.m.•1 views

CVE-2026-35179

creationtimestamp| type| source ---|---|--- 2026-04-01 18:48:36+00:00| published-proof-of-concept| https://github.com/WWBN/AVideo/security/advisories/GHSA-x9w5-xccw-5h9w...

5.3CVSS5.8AI score0.00097EPSS

Exploits1References1

Snyk•added 2026/03/31 11:2 p.m.•3 views

Arbitrary Code Injection

Overview org.webjars.npm:lodash is a modern JavaScript utility library delivering modularity, performance, & extras. Affected versions of this package are vulnerable to Arbitrary Code Injection due the improper validation of options.imports key names in .template. An attacker can execute arbitrar...

9.8CVSS7.1AI score0.04314EPSS

Exploits2References2

Circl•added 2026/03/31 7:20 p.m.•2 views

GHSA-VR79-8M62-WH98

creationtimestamp| type| source ---|---|--- 2026-03-31 19:20:27+00:00| published-proof-of-concept| Telegram/pGlKXNBirRT0gxqFC1bVLs6pojbUfu72MTdyyvCxHD2SpM...

4.8AI score

Exploits0

Circl•added 2026/03/31 5:23 p.m.•1 views

CVE-2026-34729

creationtimestamp| type| source ---|---|--- 2026-03-31 17:23:49+00:00| published-proof-of-concept| https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-cv2g-8cj8-vgc7 2026-03-31 17:23:49+00:00| published-proof-of-concept|...

6.1CVSS5.8AI score0.00045EPSS

Exploits1References1

Circl•added 2026/03/31 5:23 p.m.•1 views

CVE-2026-34974

creationtimestamp| type| source ---|---|--- 2026-03-31 17:23:15+00:00| published-proof-of-concept| https://github.com/thorsten/phpMyFAQ/security/advisories/GHSA-5crx-pfhq-4hgg...

5.4CVSS5.8AI score0.00035EPSS

Exploits1References1

Wolfi•added 2026/03/31 7:48 a.m.•3 views

GHSA-37CH-88JC-XWX2 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines, sqlpad, json-server, kubeflow-centraldashboard, argo-workflows...

5.8AI score

Exploits0

Circl•added 2026/03/30 7:31 p.m.•2 views

CVE-2026-34715

creationtimestamp| type| source ---|---|--- 2026-03-30 19:31:23+00:00| published-proof-of-concept| https://github.com/vshakitskiy/ewe/security/advisories/GHSA-x2w3-23jr-hrpf 2026-03-30 19:31:23+00:00| published-proof-of-concept|...

5.3CVSS5.8AI score0.00018EPSS

Exploits1References1

Circl•added 2026/03/30 5:31 p.m.•1 views

CVE-2026-34523

creationtimestamp| type| source ---|---|--- 2026-03-30 17:31:58+00:00| published-proof-of-concept| https://github.com/SillyTavern/SillyTavern/security/advisories/GHSA-525j-2hrj-m8fp 2026-03-30 17:31:58+00:00| published-proof-of-concept|...

5.3CVSS5.8AI score0.00031EPSS

Exploits1References1

Snyk•added 2026/03/30 3:59 p.m.•2 views

Malicious Package

Overview eslint-validator is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score

Exploits0References2

Wolfi•added 2026/03/30 1:53 p.m.•4 views

GHSA-2J22-PR5W-6GQ8 vulnerabilities

Vulnerabilities for packages: ruby3.4-rails...

5.8AI score

Exploits0

Snyk•added 2026/03/29 3:49 p.m.•1 views

Incorrect Authorization

Overview @openclaw/feishu is an OpenClaw Feishu/Lark channel plugin community maintained by @m1heng Affected versions of this package are vulnerable to Incorrect Authorization via the callback handling process. An attacker can gain unauthorized access to callback functionality by sending speciall...

6.9CVSS5.9AI score0.00098EPSS

Exploits0References3

Circl•added 2026/03/28 3:20 a.m.•4 views

CVE-2026-33029

creationtimestamp| type| source ---|---|--- 2026-03-28 03:20:34+00:00| published-proof-of-concept| https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-cp8r-8jvw-v3qg...

6.9CVSS5.8AI score0.00069EPSS

Exploits1References1

Circl•added 2026/03/27 9:23 p.m.•1 views

GHSA-RWCR-RPCC-3G9M

creationtimestamp| type| source ---|---|--- 2026-03-27 21:23:14+00:00| published-proof-of-concept| Telegram/B1-lnNSHplGL4tzlck3EB0WXwjfJllp4cXItiyc0oKB0vU...

4.8AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by