CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

143 matches found

NVD•added 2026/03/18 9:16 p.m.•1 views

CVE-2026-25873

OmniGen2-RL contains an unauthenticated remote code execution vulnerability in the reward server component that allows remote attackers to execute arbitrary commands by sending malicious HTTP POST requests. Attackers can exploit insecure pickle deserialization of request bodies to achieve code...

9.8CVSS0.00125EPSS

Exploits0References7

ATTACKERKB•added 2026/03/18 7:33 a.m.•3 views

CVE-2026-22317

A command injection vulnerability in the device’s Root CA certificate transfer workflow allows a high-privileged attacker to send crafted HTTP POST requests that result in arbitrary command execution on the underlying Linux OS with root privileges...

7.2CVSS6.1AI score0.00031EPSS

Exploits0References2

Cvelist•added 2026/03/18 7:33 a.m.•28 views

CVE-2026-22317 Command Injection Vulnerability in Root CA Certificate Transfer Workflow

7.2CVSS0.00031EPSS

Exploits0References1

Snyk•added 2026/02/03 10:4 p.m.•2 views

Prototype Pollution

Overview @builder.io/qwik-city is a The meta-framework for Qwik. Affected versions of this package are vulnerable to Prototype Pollution via the formToObj function, which processes form field names with dot notation but does not properly sanitize dangerous property names. An attacker can modify t...

10CVSS6.7AI score0.00074EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 12:40 p.m.•6 views

CVE-2023-43847

Incorrect access control in the outlet control function of web interface in Aten PE6208 2.3.228 and 2.4.232 allows remote authenticated users to control all the outlets as if they were the administrator via HTTP POST requests...

5.3CVSS6.7AI score0.00546EPSS

Exploits1References1