CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Circl•added 2026/05/06 7:40 a.m.•6 views

GHSA-FG3J-5W9G-HMG7

creationtimestamp| type| source ---|---|--- 2026-05-06 07:40:29+00:00| seen| https://gist.github.com/alon710/cdeb633d740e110eed8363124062a03a...

Circl•added 2026/05/06 7:13 a.m.•5 views

CVE-2026-44897

creationtimestamp| type| source ---|---|--- 2026-05-06 07:13:48+00:00| published-proof-of-concept| https://github.com/lepture/mistune/security/advisories/GHSA-v87v-83h2-53w7...

6.1CVSS5.8AI score0.00031EPSS

Circl•added 2026/05/06 7:9 a.m.•3 views

CVE-2026-44708

creationtimestamp| type| source ---|---|--- 2026-05-06 07:09:57+00:00| published-proof-of-concept| https://github.com/lepture/mistune/security/advisories/GHSA-8g87-j6q8-g93x...

6.1CVSS5.8AI score0.00031EPSS

Positive Technologies•added 2026/05/06 12:0 a.m.•5 views

PT-2026-38304

PraisonAI is a multi-agent teams system. From version 4.5.139 to before version 4.6.32, CVE-2026-40287's fix gated tools.py auto-import behind PRAISONAI ALLOW LOCAL TOOLS=true in two files tool resolver.py, api/call.py. A third import sink in praisonai/templates/tool override.py was missed and...

8.4CVSS5.9AI score0.00008EPSS

Exploits2References8

Wolfi•added 2026/05/05 7:48 p.m.•10 views

GHSA-M7HM-VM4X-28JF vulnerabilities

Vulnerabilities for packages: dagdotdev...

Github Security Blog•added 2026/05/05 6:28 p.m.•5 views

Exploits0

@tdurieux/anonymous_github Vulnerable to XSS via Unsanitized GitHub Repository Content Rendering in Anonymous GitHub Origin

Summary Anonymous GitHub fetches repository content e.g., markdown files from GitHub's API and renders it without sanitization. On the client side, markdown is parsed with marked with sanitize: false and injected into the DOM via $sce.trustAsHtml + ng-bind-html, bypassing AngularJS's built-in XSS...

6AI score

Exploits0References2Affected Software1

Snyk•added 2026/05/05 6:28 p.m.•3 views

Cross-site Scripting (XSS)

Overview @tdurieux/anonymousgithub is an Anonymise Github repositories for double-anonymous reviews Affected versions of this package are vulnerable to Cross-site Scripting XSS via the renderMD function. An attacker can execute arbitrary JavaScript in the application origin by crafting a maliciou...

8.6CVSS5.8AI score

Exploits0References3

OSV•added 2026/05/05 6:28 p.m.•1 views

GHSA-G485-8J3V-P6X8 @tdurieux/anonymous_github Vulnerable to XSS via Unsanitized GitHub Repository Content Rendering in Anonymous GitHub Origin

8.1CVSS6AI score

Exploits0References2

Circl•added 2026/05/05 6:5 p.m.•4 views

CVE-2026-42578

creationtimestamp| type| source ---|---|--- 2026-05-05 18:05:31+00:00| published-proof-of-concept| https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr...

7.5CVSS6.9AI score0.0001EPSS

Circl•added 2026/05/05 3:0 a.m.•4 views

CVE-2026-350234

creationtimestamp| type| source ---|---|--- 2026-05-05 03:00:04+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/82846 2026-05-05 09:00:04+00:00| seen| Telegram/YNBAQ7wY3nDaf6oW9SSpET1W5P-GdTLvm9dgaOEDkfw4Y...

Circl•added 2026/05/04 11:42 p.m.•3 views

CVE-2026-44721

creationtimestamp| type| source ---|---|--- 2026-05-04 23:42:51+00:00| published-proof-of-concept| https://github.com/open-webui/open-webui/security/advisories/GHSA-gf5m-wcrh-7928...

7.3CVSS7.2AI score0.00036EPSS

Circl•added 2026/05/04 11:31 p.m.•3 views

GHSA-96VC-WCXF-JJFF

creationtimestamp| type| source ---|---|--- 2026-05-04 23:31:29+00:00| seen| https://gist.github.com/limcheekin/b22dc88a260c8e395b6d84d05bd62a04...

Circl•added 2026/05/04 11:31 p.m.•4 views

GHSA-QG5C-HVR5-HJGR

creationtimestamp| type| source ---|---|--- 2026-05-04 23:31:29+00:00| seen| https://gist.github.com/limcheekin/b22dc88a260c8e395b6d84d05bd62a04...

Circl•added 2026/05/04 10:10 p.m.•0 views

GHSA-G38R-8GMR-GHRF

creationtimestamp| type| source ---|---|--- 2026-05-04 22:10:29+00:00| seen| https://gist.github.com/alon710/15d45700e9c417f92716ddfa05ebc56f...

Circl•added 2026/05/04 8:40 p.m.•2 views

GHSA-X3H8-JRGH-P8JX

creationtimestamp| type| source ---|---|--- 2026-05-04 20:40:29+00:00| seen| https://gist.github.com/alon710/b60926baf5e2d9d70756e13d5032afa9...

Circl•added 2026/05/04 8:10 p.m.•0 views

GHSA-Q49M-57VM-C8CC

creationtimestamp| type| source ---|---|--- 2026-05-04 20:10:29+00:00| seen| https://gist.github.com/alon710/e5f670283b66e1c583d8b3f3f9d1efba...

Snyk•added 2026/05/04 7:44 p.m.•4 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the YAML metadata parsing process. An attacker can cause excessive memory consumption and potentially trigger an out-of-memory condition on the server by uploading a crafted image ...

5.3CVSS5.8AI score0.00048EPSS

Exploits1References2

Snyk•added 2026/05/04 7:38 p.m.•5 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference through the UploadAllFiles process. An attacker can cause the daemon to crash by importing a truncated or malformed backup archive that triggers a nil-pointer dereference during tar file iteration. Remediation...

7.1CVSS5.8AI score0.00018EPSS

Exploits1References2

Circl•added 2026/05/04 5:10 p.m.•3 views

CVE-2026-41358

creationtimestamp| type| source ---|---|--- 2026-05-04 17:10:29+00:00| seen| https://gist.github.com/alon710/d4f3d9fbcfea6645ceefb383fa46637f...

5.4CVSS5.7AI score0.00017EPSS