Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

21784 matches found

Positive Technologies
Positive Technologiesadded 2026/04/22 12:0 a.m.2 views

PT-2026-34328

A flaw was found in InstructLab. A local attacker could exploit a path traversal vulnerability in the chat session handler by manipulating the logs dir parameter. This allows the attacker to create new directories and write files to arbitrary locations on the system, potentially leading to...

7.1CVSS5.8AI score0.00016EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/04/22 12:0 a.m.1 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013759)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013759 advisory. In the Linux kernel, the following vulnerability has been resolved: comedi: fix divide-by-zero in comedibufmunge The comedibufmunge function performs a modulo...

5.3AI score0.00063EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/04/22 12:0 a.m.3 views

PT-2026-34586

A vulnerability was determined in ericc-ch copilot-api up to 0.7.0. This impacts an unknown function of the file /token of the component Header Handler. Executing a manipulation of the argument Host can lead to reliance on reverse dns resolution. The attack may be performed from remote. The explo...

5.3CVSS5.3AI score0.00011EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2026/04/22 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013700)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013700 advisory. In the Linux kernel, the following vulnerability has been resolved: media: ov5675: Fix memleak in ov5675initcontrols There is a kmemleak when testing the...

5.7AI score0.00029EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/04/21 11:49 p.m.1 views

CVE-2026-41135 free5GC PCF: Memory Leak via CORS Middleware Registration in HTTP Handler Leads to Denial of Service

free5GC UDR is the Policy Control Function PCF for free5GC, an an open-source project for 5th generation 5G mobile core networks. A memory leak vulnerability in versions prior to 1.4.3 allows any unauthenticated attacker with network access to the PCF SBI interface to cause uncontrolled memory...

7.5CVSS5.7AI score0.00048EPSS
Exploits1References2
EUVD
EUVDadded 2026/04/21 9:31 p.m.4 views

EUVD-2026-24243

A vulnerability was determined in Bagisto up to 2.3.15. Affected by this vulnerability is an unknown functionality of the component Custom Scripts Handler. This manipulation causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may...

5.1CVSS4.4AI score0.00034EPSS
Exploits0References5
Github Security Blog
Github Security Blogadded 2026/04/21 9:31 p.m.7 views

Bagisto affected by Server-Side Request Forgery

A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted...

6.5CVSS6.2AI score0.00043EPSS
Exploits0References6Affected Software1
OSV
OSVadded 2026/04/21 9:31 p.m.0 views

GHSA-65FP-7G2V-658R Bagisto affected by Cross-site Scripting

A vulnerability was determined in Bagisto up to 2.3.15. Affected by this vulnerability is an unknown functionality of the component Custom Scripts Handler. This manipulation causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may...

5.1CVSS4.4AI score0.00034EPSS
Exploits0References6
EUVD
EUVDadded 2026/04/21 9:31 p.m.3 views

EUVD-2026-24241

A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted...

6.5CVSS5.3AI score0.00043EPSS
Exploits0References5
OSV
OSVadded 2026/04/21 9:31 p.m.3 views

GHSA-X3F9-VCP2-HGCW Bagisto affected by Server-Side Request Forgery

A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted...

6.3CVSS6.2AI score0.00043EPSS
Exploits0References6
Github Security Blog
Github Security Blogadded 2026/04/21 9:31 p.m.5 views

Bagisto affected by Cross-site Scripting

A vulnerability was determined in Bagisto up to 2.3.15. Affected by this vulnerability is an unknown functionality of the component Custom Scripts Handler. This manipulation causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may...

5.1CVSS4.4AI score0.00034EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/04/21 8:30 p.m.1 views

CVE-2026-6796

A vulnerability was determined in Sanluan PublicCMS up to 6.202506.d. Affected is the function loglogin of the file core/src/main/java/com/publiccms/controller/admin/LoginAdminController.java of the component Failed Login Handler. This manipulation of the argument errorPassword causes cleartext...

5.3CVSS5.5AI score0.00014EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/21 8:30 p.m.2 views

CVE-2026-6796 Sanluan PublicCMS Failed Login LoginAdminController.java log_login cleartext storage in file

A vulnerability was determined in Sanluan PublicCMS up to 6.202506.d. Affected is the function loglogin of the file core/src/main/java/com/publiccms/controller/admin/LoginAdminController.java of the component Failed Login Handler. This manipulation of the argument errorPassword causes cleartext...

5.3CVSS5.5AI score0.00014EPSS
Exploits0References3
CVE
CVEadded 2026/04/21 8:30 p.m.5 views

CVE-2026-6796

Sanluan PublicCMS (up to 6.202506.d) is affected by CVE-2026-6796 via the Failed Login Handler component, specifically the log_login function in core/src/main/java/com/publiccms/controller/admin/LoginAdminController.java. The vulnerability arises from manipulation of the argument errorPassword, l...

5.3CVSS5.5AI score0.00014EPSS
Exploits0References3
NVD
NVDadded 2026/04/21 7:16 p.m.2 views

CVE-2026-6745

A vulnerability was determined in Bagisto up to 2.3.15. Affected by this vulnerability is an unknown functionality of the component Custom Scripts Handler. This manipulation causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may...

5.1CVSS0.00034EPSS
Exploits0References4
NVD
NVDadded 2026/04/21 7:16 p.m.1 views

CVE-2026-6744

A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted...

6.5CVSS0.00043EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/04/21 6:30 p.m.27 views

CVE-2026-6745 Bagisto Custom Scripts cross site scripting

A vulnerability was determined in Bagisto up to 2.3.15. Affected by this vulnerability is an unknown functionality of the component Custom Scripts Handler. This manipulation causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may...

5.1CVSS0.00034EPSS
Exploits0References4
CVE
CVEadded 2026/04/21 6:0 p.m.6 views

CVE-2026-6744

Bagisto (up to 2.3.15) contains a vulnerability in the Copy function of the Downloadable Link Handler that enables server-side request forgery (SSRF). The issue is exploitable remotely and has publicly available exploits; vendor notes that issues are addressed via a security advisory and plans fi...

6.5CVSS6.1AI score0.00043EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/04/21 6:0 p.m.0 views

CVE-2026-6744 Bagisto Downloadable Link copy server-side request forgery

A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted...

6.5CVSS6.1AI score0.00043EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/04/21 6:0 p.m.28 views

CVE-2026-6744 Bagisto Downloadable Link copy server-side request forgery

A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted...

6.5CVSS0.00043EPSS
Exploits0References4
Rows per page
Query Builder