Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

183 matches found

Circl
Circladded 2026/05/14 7:52 a.m.3 views

CVE-2026-5297

creationtimestamp| type| source ---|---|--- 2026-05-14 07:52:53+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-su-gitlab-ce/ee-14 2026-05-14 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/gitlab-multiple-vulnerabilities20260515...

5.8AI score
Exploits0References2
Circl
Circladded 2026/05/12 4:5 a.m.6 views

CVE-2026-6865

creationtimestamp| type| source ---|---|--- 2026-05-12 04:05:34+00:00| seen| https://www.acn.gov.it/portale/w/vulnerabilita-in-prodotti-schneider-electric-11...

7.1CVSS5.8AI score0.00061EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/12 3:35 a.m.3 views

Malicious code in @uipath/gov-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f1528428c4478092edf22976f2f4f138666d82e58ca45ef5926c7300e27ca128 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
NVD
NVDadded 2026/05/07 8:16 p.m.7 views

CVE-2026-43510

manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. Fixed in 1.176.0 on or around 2026-04-30...

7.6CVSS0.00024EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/05/07 6:50 p.m.4 views

CVE-2026-43510 CISA manage.get.gov insecure portfolio administrative privileges

manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already in another organization. Fixed in 1.176.0 on or around 2026-04-30...

7.6CVSS5.8AI score0.00024EPSS
Exploits0References6
Circl
Circladded 2026/03/23 10:37 a.m.3 views

CVE-2026-22902

creationtimestamp| type| source ---|---|--- 2026-03-23 10:37:14+00:00| seen| https://www.acn.gov.it/portale/w/vulnerabilita-in-prodotti-qnap-7 2026-03-23 14:40:08+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mhqc3gk4px2k...

8.4CVSS5.8AI score0.00024EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2023-49024

Malicious code in bioql PyPI...

4.3CVSS4.9AI score0.00056EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/09/06 12:29 p.m.7 views

CVE-2025-7385

Input from search query parameter in GOV CMS is not sanitized properly, leading to a Blind SQL injection vulnerability, which might be exploited by an unauthenticated remote attacker. Versions 4.0 and above are not affected...

9.3CVSS8.1AI score0.00256EPSS
Exploits0References1
NVD
NVDadded 2025/09/04 1:15 p.m.6 views

CVE-2025-7385

Input from search query parameter in GOV CMS is not sanitized properly, leading to a Blind SQL injection vulnerability, which might be exploited by an unauthenticated remote attacker. Versions 4.0 and above are not affected...

9.3CVSS0.00256EPSS
Exploits0References2
CVE
CVEadded 2025/09/04 12:5 p.m.13 views

CVE-2025-7385

CVE-2025-7385 affects GOV CMS with a vulnerability in the search query parameter handling that is not properly sanitized, enabling a Blind SQL injection. According to connected documents, the issue impacts GOV CMS versions prior to 4.0; versions 4.0 and above are not affected. The vulnerability c...

9.3CVSS7.4AI score0.00256EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/09/04 12:5 p.m.6 views

CVE-2025-7385 SQL Injection in GOV CMS

Input from search query parameter in GOV CMS is not sanitized properly, leading to a Blind SQL injection vulnerability, which might be exploited by an unauthenticated remote attacker. Versions 4.0 and above are not affected...

9.3CVSS7.4AI score0.00256EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/08/14 6:52 p.m.2 views

Malicious code in @zalastax/nolb-gov (npm)

The package @zalastax/nolb-gov was found to contain malicious code...

7AI score
Exploits0
OSV
OSVadded 2025/08/14 6:52 p.m.1 views

MAL-2025-11728 Malicious code in @zalastax/nolb-gov (npm)

The package @zalastax/nolb-gov was found to contain malicious code...

7.2AI score
Exploits0
Vulnrichment
Vulnrichmentadded 2025/07/29 12:0 a.m.4 views

CVE-2025-51044

phpgurukul Nipah virus NiV Testing Management System 1.0 contains a SQL injection vulnerability in the /new-user-testing.php file, due to insufficient validation of user input for the " govtissuedid" parameter...

7.4AI score0.00208EPSS
Exploits1References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/07/14 12:5 p.m.2 views

Malicious code in ngf-gov-hr-navbar (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 85f2baa5c5673490af93199349e0ef54f7c581115b1fa83d6df2c9e18430e031 The OpenSSF Package Analysis project identified 'ngf-gov-hr-navbar' @...

6.9AI score
Exploits0
OSV
OSVadded 2025/07/14 12:5 p.m.1 views

MAL-2025-5844 Malicious code in ngf-gov-hr-navbar (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 85f2baa5c5673490af93199349e0ef54f7c581115b1fa83d6df2c9e18430e031 The OpenSSF Package Analysis project identified 'ngf-gov-hr-navbar' @...

7.1AI score
Exploits0
RedhatCVE
RedhatCVEadded 2025/05/23 5:36 a.m.6 views

CVE-2023-44689

e-Gov Client Application Windows version versions prior to 2.1.1.0 and e-Gov Client Application macOS version versions prior to 1.1.1.0 are vulnerable to improper authorization in handler for custom URL scheme. A crafted URL may direct the product to access an arbitrary website. As a result, the...

4.3CVSS6.9AI score0.00056EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 9:35 p.m.5 views

CVE-2021-43269

In Code42 app before 8.8.0, eval injection allows an attacker to change a device’s proxy configuration to use a malicious proxy auto-config PAC file, leading to arbitrary code execution. This affects Incydr Basic, Advanced, and Gov F1; CrashPlan Cloud; and CrashPlan for Small Business. Incydr...

8.8CVSS7.9AI score0.01143EPSS
Exploits0
OSV
OSVadded 2025/04/23 3:47 p.m.2 views

MAL-2025-3385 Malicious code in code-nasa-gov (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/04/23 3:47 p.m.2 views

Malicious code in code-nasa-gov (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
Rows per page
Query Builder