CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

221 matches found

CVE-2026-49077

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Tips and Tricks HQ WP eMember allows Retrieve Embedded Sensitive Data. This issue affects WP eMember: from n/a through v10.2.2...

5.3CVSS

Exploits0References1

NVD•added 2026/05/04 3:16 a.m.•7 views

CVE-2026-7723

A flaw has been found in PrefectHQ prefect up to 3.6.13. Affected is an unknown function of the file /api/events/in of the component WebSocket Endpoint. Executing a manipulation can lead to missing authentication. The attack may be performed from remote. The exploit has been published and may be...

7.5CVSS0.00135EPSS

Exploits0References8

IBM Security Bulletins•added 2026/04/27 6:31 a.m.•3 views

Security Bulletin: Multiple security vulnerabilities related to Angular and JJWT have been fixed in IBM Informix HQ 3.2.2.

Summary IBM Informix HQ versions before 3.2.2 are affected by several security flaws in third-party components Angular and JJWT. These vulnerabilities have been fixed in IBM Informix HQ 3.2.2. Vulnerability Details CVEID:CVE-2026-27970 DESCRIPTION: Angular is a development platform for building...

8.5CVSS6.7AI score0.00391EPSS

Exploits2Affected Software1

Vulnrichment•added 2026/04/20 9:45 a.m.•1 views

CVE-2026-6626 Cockpit-HQ Cockpit Asset Handler/Aggregate data query logic injection

A vulnerability was detected in Cockpit-HQ Cockpit up to 2.13.5. Affected by this issue is some unknown functionality of the component Asset Handler/Aggregate Handler. The manipulation results in improper neutralization of special elements in data query logic. It is possible to launch the attack...

6.5CVSS5.4AI score0.00078EPSS

Exploits0References4

CVE•added 2026/04/20 9:45 a.m.•4 views

CVE-2026-6626

Technical details are not publicly provided in the supplied documents. The CVE affects Cockpit-HQ Cockpit up to 2.13.5 (Asset Handler/Aggregate Handler data query logic); remote exploit claimed. Monitor for updates.

6.5CVSS6.2AI score0.00078EPSS

Exploits0References4

Cvelist•added 2026/04/20 9:45 a.m.•30 views

CVE-2026-6626 Cockpit-HQ Cockpit Asset Handler/Aggregate data query logic injection

6.5CVSS0.00078EPSS

Exploits0References4

OSV•added 2026/04/08 3:8 p.m.•0 views

MINI-R5R6-92HQ-2R3R

Bulletin has no description...

5.7AI score

Exploits0

RedhatCVE•added 2026/03/26 3:7 p.m.•1 views

CVE-2026-28070

Missing Authorization vulnerability in Tips and Tricks HQ WP eMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP eMember: from n/a through v10.2.2...

5.3CVSS5.2AI score0.00014EPSS

Exploits0References1

EUVD•added 2026/03/19 6:30 a.m.•1 views

EUVD-2026-13049

Missing Authorization vulnerability in Tips and Tricks HQ WP eMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP eMember: from n/a through v10.2.2...

5.3CVSS5.8AI score0.00014EPSS

Exploits0References2

NVD•added 2026/03/19 6:16 a.m.•1 views

CVE-2026-28070

Missing Authorization vulnerability in Tips and Tricks HQ WP eMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP eMember: from n/a through v10.2.2...

5.3CVSS0.00014EPSS

Exploits0References1

Vulnrichment•added 2026/03/19 5:20 a.m.•1 views

CVE-2026-28070 WordPress WP eMember plugin <= v10.2.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Tips and Tricks HQ WP eMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP eMember: from n/a through v10.2.2...

5.3CVSS5.8AI score0.00014EPSS

Exploits0References1

ATTACKERKB•added 2026/03/19 5:18 a.m.•1 views

CVE-2026-28073

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tips and Tricks HQ WP eMember allows Reflected XSS.This issue affects WP eMember: from n/a through v10.2.2...

7.1CVSS5.8AI score0.00045EPSS

Exploits0References2

OSV•added 2026/01/29 12:42 a.m.•1 views

CGA-3R43-HQ4X-HV47

Bulletin has no description...

4.9CVSS6.6AI score0.00389EPSS

Exploits0

Positive Technologies•added 2026/01/21 12:0 a.m.•2 views

PT-2026-3800

Digital Crime Report Management System 1.0 contains a critical SQL injection vulnerability affecting multiple login pages that allows unauthenticated attackers to bypass authentication. Attackers can exploit the vulnerability by sending crafted SQL injection payloads in email and password...

8.8CVSS5.9AI score0.00122EPSS

Exploits0References5

RedhatCVE•added 2026/01/09 9:26 a.m.•2 views

CVE-2023-4422

Cross-site Scripting XSS - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.3...

6.8CVSS5.9AI score0.00175EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:57 a.m.•4 views

CVE-2023-4433

Cross-site Scripting XSS - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4...

8.3CVSS5.9AI score0.00254EPSS

Exploits1References1