CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

29553 matches found

Chainguard•added 2026/01/14 7:17 p.m.•4 views

GHSA-9WPJ-H5JQ-88P9 vulnerabilities

Vulnerabilities for packages: redis...

7AI score

Exploits0

OSV•added 2026/01/14 7:15 p.m.•10 views

GO-2025-4251 Ollama has missing authentication enabling attackers to perform model management operations in github.com/ollama/ollama

Ollama has missing authentication enabling attackers to perform model management operations in github.com/ollama/ollama...

9.8CVSS7AI score0.00123EPSS

Exploits0References3

Circl•added 2026/01/14 7:4 p.m.•3 views

CVE-2020-9039

creationtimestamp| type| source ---|---|--- 2026-01-14 19:04:28+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2020/CVE-2020-9039.yaml 2026-01-15 21:03:01+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mciiaea53b2b...

9.8CVSS9.2AI score0.49114EPSS

Exploits0References2

Chainguard•added 2026/01/14 1:17 a.m.•4 views

GHSA-VH2P-4GFM-V9V7 vulnerabilities

Vulnerabilities for packages: linux-qemu, linux-gcp, linux-azure, linux-vmware, linux-aws...

5.2AI score

Exploits0

NVD•added 2026/01/13 9:15 p.m.•5 views

CVE-2026-22869

Eigent is a multi-agent Workforce. A critical security vulnerability in the CI workflow .github/workflows/ci.yml allows arbitrary code execution from fork pull requests with repository write permissions. The vulnerable workflow uses pullrequesttarget trigger combined with checkout of untrusted PR...

9.8CVSS0.00162EPSS

Exploits1References4

CVE•added 2026/01/13 8:38 p.m.•30 views

CVE-2026-22869

Eigent’s CVE-2026-22869 affects its CI workflow (.github/workflows/ci.yml) used in the Eigent multi‑agent Workforce. The vulnerability arises from using the pull_request_target trigger in combination with checking out untrusted PR code, enabling arbitrary code execution from fork pull requests wi...

9.8CVSS7.5AI score0.00162EPSS

Exploits1References4Affected Software1

vulnersOsv•added 2026/01/13 7:54 p.m.•6 views

@cenk1cenk2/renovate-config (>=2.0.0 <=2.3.148), @jamietanna/patch-testing (>=0.1.0 <=0.2.28) +8 more potentially affected by unknown CVE via renovate (>=32.241.11 <=42.66.1)

renovate NPM version =32.241.11, =2.0.0, =0.1.0, =0.1.0, =0.5.0, =0.1.0, =0.1.0, =0.0.1, =0.19.0 - @zotero-chinese/renovate-config =1.0.3 Source cves: unknown CVE Source advisory: OSV:GHSA-PFQ2-HH62-7M96...

5.8AI score

Exploits0

Circl•added 2026/01/13 6:1 p.m.•3 views

CVE-2026-20957

creationtimestamp| type| source ---|---|--- 2026-01-13 18:01:16+00:00| seen| https://www.thezdi.com/blog/2026/1/13/the-january-2026-security-update-review 2026-01-13 18:18:45+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0010 2026-01-13 19:01:58+00:00| seen|...

7.8CVSS5.7AI score0.00076EPSS

Exploits0References5

Circl•added 2026/01/13 6:1 p.m.•3 views

CVE-2026-20944

creationtimestamp| type| source ---|---|--- 2026-01-13 18:01:16+00:00| seen| https://www.thezdi.com/blog/2026/1/13/the-january-2026-security-update-review 2026-01-13 18:17:02+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115889158303083604 2026-01-13 18:18:45+00:00| seen|...

8.4CVSS5.7AI score0.00033EPSS

Exploits0References6

OSV•added 2026/01/13 4:42 p.m.•4 views

GO-2026-4297 Mattermost Server has intermittent Authorization bypass for resource-owners in github.com/mattermost/mattermost-server

Mattermost Server has intermittent Authorization bypass for resource-owners in github.com/mattermost/mattermost-server...

8.1CVSS6.9AI score0.00209EPSS

Exploits0References3

OSV•added 2026/01/13 4:42 p.m.•2 views

GO-2026-4303 Mattermost Server is vulnerable CSV Injection in github.com/mattermost/mattermost-server

Mattermost Server is vulnerable CSV Injection in github.com/mattermost/mattermost-server...

9.8CVSS7.1AI score0.00647EPSS

Exploits0References4

Circl•added 2026/01/13 2:36 p.m.•2 views

GHSA-MQW7-C5GG-XQ97

creationtimestamp| type| source ---|---|--- 2026-01-13 14:36:18+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115888290409404878...

5.8AI score

Exploits0References1

OSV•added 2026/01/13 2:28 p.m.•4 views

GHSA-MQW7-C5GG-XQ97 Jervis Has a RSA PKCS#1 Padding Vulnerability

Vulnerability https://github.com/samrocketman/jervis/blob/157d2b63ffa5c4bb1d8ee2254950fd2231de2b05/src/main/groovy/net/gleske/jervis/tools/SecurityIO.groovyL463-L465...

8.7CVSS6.8AI score0.00009EPSS

Exploits0References6

OSV•added 2026/01/12 5:39 p.m.•6 views

GO-2026-4293 WeKnora vulnerable to SQL Injection in github.com/Tencent/WeKnora

WeKnora vulnerable to SQL Injection in github.com/Tencent/WeKnora...

9.8CVSS7.9AI score0.00016EPSS

Exploits1References3

OSV•added 2026/01/12 5:39 p.m.•2 views

GO-2026-4277 listmonk Vulnerable to Stored XSS Leading to Admin Account Takeover in github.com/knadh/listmonk

listmonk Vulnerable to Stored XSS Leading to Admin Account Takeover in github.com/knadh/listmonk. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...

6.4CVSS6AI score0.00008EPSS

Exploits1References4

OSV•added 2026/01/12 5:39 p.m.•4 views

GO-2026-4286 OpenFlagr contains an authentication bypass vulnerability in the HTTP middleware in github.com/openflagr/flagr

OpenFlagr contains an authentication bypass vulnerability in the HTTP middleware in github.com/openflagr/flagr...

9.3CVSS7.1AI score0.00235EPSS

Exploits0References6

Circl•added 2026/01/12 1:26 p.m.•3 views

RHSA-2026:0424

creationtimestamp| type| source ---|---|--- 2026-01-12 13:26:42+00:00| seen| https://gist.github.com/Darkcrai86/3cc9ce8a0ecea48c6749ff66fb3d9cd5...

5.8AI score

Exploits0References1