CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/03/18 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-27977

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Next.js is a React framework for building full-stack web applications. Starting in version 16.0.1 and prior to version 16.1.7, in next dev, cross-site protectio...

5.4CVSS5.7AI score0.00006EPSS

Exploits1References2

ATTACKERKB•added 2026/03/17 11:56 p.m.•4 views

CVE-2026-27977

Next.js is a React framework for building full-stack web applications. Starting in version 16.0.1 and prior to version 16.1.7, in next dev, cross-site protection for internal websocket endpoints could treat Origin: null as a bypass case even if allowedDevOrigins is configured, allowing...

2.3CVSS5.6AI score0.00006EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2026/03/17 11:56 p.m.•4 views

CVE-2026-27977 Next.js: null origin can bypass dev HMR websocket CSRF checks

2.3CVSS5.6AI score0.00006EPSS

Exploits1References3

Cvelist•added 2026/03/17 11:56 p.m.•32 views

CVE-2026-27977 Next.js: null origin can bypass dev HMR websocket CSRF checks

2.3CVSS0.00006EPSS

Exploits1References3

CVE•added 2026/03/17 11:56 p.m.•13 views

CVE-2026-27977

CVE-2026-27977 affects the Next.js development server. The vulnerability lies in the Next.js dev mode where cross-site protection for internal HMR websocket endpoints could treat Origin: null as a permitted bypass even when allowedDevOrigins is configured, allowing privacy-sensitive contexts (e.g...

5.4CVSS5.6AI score0.00006EPSS

Exploits1References3Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-0849

Malware in sbrugna...

7.5CVSS7.6AI score0.003EPSS

Exploits1References7

Openbugbounty•added 2024/03/06 11:3 p.m.•5 views

hmr-gmbh.nl Improper Access Control vulnerability OBB-3867010

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Openbugbounty•added 2024/02/25 9:31 a.m.•7 views

hmr-gmbh.net Improper Access Control vulnerability OBB-3858284

Openbugbounty•added 2023/12/28 8:8 p.m.•3 views

hmr-gmbh.fr Improper Access Control vulnerability OBB-3824621

Openbugbounty•added 2023/12/25 3:47 a.m.•4 views

hmr-gmbh.dk Improper Access Control vulnerability OBB-3822260

Openbugbounty•added 2023/08/04 3:15 a.m.•7 views

hmr-gmbh.com Cross Site Scripting vulnerability OBB-3567290

6.1AI score

Openbugbounty•added 2023/01/08 3:46 p.m.•8 views

hmr-gmbh.com Cross Site Scripting vulnerability OBB-3134219

Openbugbounty•added 2022/03/30 9:29 p.m.•10 views

test-php7.hmr-gmbh.com Cross Site Scripting vulnerability OBB-2456410

Openbugbounty•added 2020/09/27 5:8 p.m.•14 views

hmr-gmbh.net Cross Site Scripting vulnerability OBB-1369386

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Openbugbounty•added 2020/09/24 4:30 p.m.•9 views

hmr-gmbh.net Cross Site Scripting vulnerability OBB-1363009

Openbugbounty•added 2020/09/24 1:39 p.m.•5 views

hmr-gmbh.com Cross Site Scripting vulnerability OBB-1362436