CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

29580 matches found

Circl•added 2026/02/25 11:40 p.m.•0 views

GHSA-MPHV-75CG-56WG

creationtimestamp| type| source ---|---|--- 2026-02-25 23:40:19+00:00| seen| https://gist.github.com/alon710/2fdb93ea28abae568076465460152300...

4.8AI score

Exploits0References1

OSV•added 2026/02/25 11:7 p.m.•3 views

GO-2026-4545 esm.sh is vulnerable to full-response SSRF in github.com/esm-dev/esm.sh

esm.sh is vulnerable to full-response SSRF in github.com/esm-dev/esm.sh...

8.7CVSS5.5AI score0.00381EPSS

Exploits1References4

OSV•added 2026/02/25 11:7 p.m.•5 views

GO-2026-4546 FileBrowser Quantum: Password Protection Not Enforced on Shared File Links in github.com/gtsteffaniak/filebrowser/backend

FileBrowser Quantum: Password Protection Not Enforced on Shared File Links in github.com/gtsteffaniak/filebrowser/backend...

7.1CVSS5.5AI score0.00307EPSS

Exploits1References4

Wolfi•added 2026/02/25 7:48 p.m.•4 views

GHSA-QRVQ-68C2-7GRW vulnerabilities

Vulnerabilities for packages: k3s, telegraf, kine, nats-top...

5.8AI score

Exploits0

Circl•added 2026/02/25 7:10 p.m.•1 views

GHSA-JHP4-JVQ3-W5XR

creationtimestamp| type| source ---|---|--- 2026-02-25 19:10:19+00:00| seen| https://gist.github.com/alon710/1b38be1c4bfe28706dfdf76e6aecf149...

4.8AI score

Exploits0References1

OSV•added 2026/02/25 6:59 p.m.•4 views

GHSA-CVWJ-6C9H-JG6V Parse Dashboard is Missing Authorization for its Agent Endpoint

Impact The AI Agent API endpoint POST /apps/:appId/agent does not enforce authorization. Authenticated users scoped to specific apps can access any other app's agent endpoint by changing the app ID in the URL. Read-only users are given the full master key instead of the read-only master key and c...

9.3CVSS5.5AI score0.0022EPSS

Exploits0References4

NVD•added 2026/02/25 4:23 p.m.•4 views

CVE-2026-27701

LiveCode is an open-source, client-side code playground. Prior to commit e151c64c2bd80d2d53ac1333f1df9429fe6a1a11, LiveCode's i18n-update-pull GitHub Actions workflow is vulnerable to JavaScript injection. The title of the Pull Request associated with the triggering issue comment is interpolated...

8.8CVSS0.0025EPSS

Exploits0References2

EUVD•added 2026/02/25 3:6 p.m.•1 views

EUVD-2026-8645

8.8CVSS5.8AI score0.0025EPSS

Exploits0References2

OSV•added 2026/02/25 3:6 p.m.•5 views

CVE-2026-27701 LiveCodes vulnerable to JavaScript Injection via untrusted PR title in i18n-update-pull workflow

8.8CVSS6.1AI score0.0025EPSS

Exploits0References4

Circl•added 2026/02/25 1:40 a.m.•1 views

GHSA-XJHV-V822-PF94

creationtimestamp| type| source ---|---|--- 2026-02-25 01:40:27+00:00| seen| https://gist.github.com/alon710/447723fe5251aee242f8395c82fa3afa...

4.8AI score

Exploits0References1

Circl•added 2026/02/25 1:8 a.m.•2 views

GHSA-299V-8PQ9-5GJQ

creationtimestamp| type| source ---|---|--- 2026-02-25 01:08:27+00:00| seen| https://gist.github.com/alon710/95d75a59b32de2eaa17ab17568afc3b1...

4.8AI score

Exploits0References1

Circl•added 2026/02/25 1:8 a.m.•1 views

GHSA-G3GW-Q23R-PGQM

creationtimestamp| type| source ---|---|--- 2026-02-25 01:08:20+00:00| seen| https://gist.github.com/alon710/3c4ee34d2cdc53cc5dccf62f09e44104...

4.8AI score

Exploits0References1

Circl•added 2026/02/25 1:8 a.m.•2 views

GHSA-V2GC-RM6G-WRW9

creationtimestamp| type| source ---|---|--- 2026-02-25 01:08:11+00:00| seen| https://gist.github.com/alon710/2a6bff36b163c3eb59d13fedcce793b9...

4.8AI score

Exploits0References1

Circl•added 2026/02/25 1:8 a.m.•2 views

GHSA-78QV-3MPX-9CQQ

creationtimestamp| type| source ---|---|--- 2026-02-25 01:08:04+00:00| seen| https://gist.github.com/alon710/2374cc8dbd605d3c0e5e8ece442a11db...

4.8AI score

Exploits0References1

CNNVD•added 2026/02/25 12:0 a.m.•6 views

LiveCode 代码注入漏洞

LiveCode is a multi-platform programming tool developed by the LiveCode team. It can run on iOS, Android, OS X, Windows 95 through Windows 10, Raspberry Pi, and various Unix variants including Linux, Solaris, and BSD. LiveCode has a code injection vulnerability. This vulnerability stems from the...

8.8CVSS6AI score0.0025EPSS

Exploits0References2

Positive Technologies•added 2026/02/25 12:0 a.m.•8 views

PT-2026-21922

Name of the Vulnerable Software and Affected Versions LiveCode versions prior to commit e151c64c2bd80d2d53ac1333f1df9429fe6a1a11 Description LiveCode is an open-source, client-side code playground. The i18n-update-pull GitHub Actions workflow is susceptible to JavaScript injection prior to commit...

8.8CVSS6.1AI score0.0025EPSS

Exploits0References7

Wolfi•added 2026/02/24 7:48 p.m.•5 views

GHSA-GQ3J-XVXP-8HRF vulnerabilities

Vulnerabilities for packages: langfuse...

5.2AI score

Exploits0

The Hacker News•added 2026/02/24 6:52 p.m.•8 views

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositories by injecting malicious Copilot instructions in a GitHub issue. The artificial intelligence AI-driven vulnerability has been codenamed RoguePilot by Orca Security. It has since been patche...

6.4AI score

Exploits0

Snyk•added 2026/02/24 3:26 a.m.•4 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the PFCP SessionReportRequest process when ReportType.USAR is set to 1 and the UsageReport omits the mandatory URRID sub-IE. An attacker can cause the service to crash and terminate by sending a specially...

8.7CVSS5.9AI score0.00302EPSS

Exploits1References2

Wolfi•added 2026/02/24 1:53 a.m.•4 views

GHSA-M7JM-9GC2-MPF2 vulnerabilities

Vulnerabilities for packages: prism, saf, tileserver-gl, renovate...

5.8AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by