
151 matches found

IBM Security Bulletins
added 2026/05/29 8:45 a.m., 9 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses uuid-7.0.3.tgz which is vulnerable to CVE-2026-41988

Summary: Security Bulletin: IBM Maximo Application Suite - Monitor Component uses uuid-7.0.3.tgz which is vulnerable to CVE-2026-41988. This bulletin contains information addressing the vulnerability. Vulnerability Details: CVEID: CVE-2026-41988. DESCRIPTION: uuid before 14.0.0 can make unexpected...

CVSS 3.2, AI score 5.8, EPSS 0.00138
Exploits: 0, Affected Software: 1

NVD
added 2026/05/12 11:16 p.m., 11 views

CVE-2026-42158

Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, an adversary with knowledge of an investigation ID could update the metadata of an investigation of another user. This vulnerability is fixed in 1.2.3...

CVSS 2.3, EPSS 0.0017
Exploits: 0, References: 1

Cvelist
added 2026/02/26 10:36 p.m., 22 views

CVE-2026-28216 hoppscotch has IDOR in updateUserEnvironment / deleteUserEnvironment

hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, any logged-in user can read, modify or delete another user's personal environment by ID. user-environments.resolver.ts:82-109, updateUserEnvironment mutation uses @UseGuards(GqlAuthGuard) but is missing the @GqlUser...

CVSS 8.3, EPSS 0.00394
Exploits: 1, References: 2

CNNVD
added 2026/02/22 12:00 a.m., 6 views

WebIncorp ERP SQL injection vulnerability

WebIncorp ERP is an enterprise resource planning system developed by WebIncorp Corporation. WebIncorp ERP has a SQL injection vulnerability, which stems from the prodid parameter being susceptible to SQL injections. This vulnerability could allow unverified attackers to manipulate database querie...

CVSS 8.8, AI score 5.9, EPSS 0.00232
Exploits: 0, References: 3

RedhatCVE
added 2026/01/07 9:34 a.m., 5 views

CVE-2019-7852

A path disclosure vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Requests for a specific file path could result in a redirect to the URL of the Magento admin panel, disclosing its location to potentially unauthorized parties...

CVSS 5.3, AI score 6.6, EPSS 0.00928
Exploits: 0, References: 1

RedhatCVE
added 2026/01/07 9:18 a.m., 12 views

CVE-2025-1955

A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Scheduling/scheduling/pages/profile.php. The manipulation of the argument username leads to cross site...

CVSS 5.4, AI score 6.3, EPSS 0.0033
Exploits: 1, References: 1

EUVD
added 2025/11/12 6:31 p.m., 5 views

EUVD-2025-131925

A vulnerability in FiberHome GPON ONU HG6145F1 RP4423 allows the device's factory default Wi-Fi password WPA/WPA2 pre-shared key to be predicted from the SSID. The device generates default passwords using a deterministic algorithm that derives the router passphrase from the SSID, enabling an...

AI score 6.6, EPSS 0.01168
Exploits: 3, References: 3

OSV
added 2025/11/09 8:15 a.m., 2 views

CVE-2025-12918

A security flaw has been discovered in yungifez Skuul School Management System up to 2.6.5. The impacted element is an unknown function of the file /dashboard/fees/fee-invoices/ of the component View Fee Invoice. Performing manipulation of the argument invoiceid results in improper control of...

CVSS 5.3, AI score 5.2, EPSS 0.00327
Exploits: 1, References: 5

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2020-27939

Malware in sbrugna...

CVSS 4.3, AI score 7, EPSS 0.01299
Exploits: 0, References: 16

RedhatCVE
added 2025/08/08 9:32 p.m., 6 views

CVE-2025-7770

Tigo Energy's CCA device is vulnerable to insecure session ID generation in their remote API. The session IDs are generated using a predictable method based on the current timestamp, allowing attackers to recreate valid session IDs. When combined with the ability to circumvent session ID...

CVSS 8.7, AI score 6.7, EPSS 0.00466
Exploits: 0, References: 1

Circl
added 2025/08/06 3:00 a.m., 4 views

CVE-2025-8612

creationtimestamp | type | source
---|---|---
2025-08-06 03:00:00+00:00 | seen | http://www.zerodayinitiative.com/advisories/ZDI-25-806/...

CVSS 7.3, AI score 7.1, EPSS 0.00179
Exploits: 0, References: 1

Circl
added 2025/08/05 3:00 a.m., 4 views

CVE-2025-8629

creationtimestamp | type | source
---|---|---
2025-08-05 03:00:00+00:00 | seen | http://www.zerodayinitiative.com/advisories/ZDI-25-777/...

CVSS 6.8, AI score 6.6, EPSS 0.00964
Exploits: 0, References: 1

Circl
added 2025/07/29 1:10 a.m., 4 views

CVE-2025-54766

creationtimestamp | type | source
---|---|---
2025-07-29 01:10:33+00:00 | seen | https://bsky.app/profile/jimbecher.bsky.social/post/3lv2wdmsm4s2k...

CVSS 5.3, AI score 6.5, EPSS 0.06454
Exploits: 2, References: 1

Circl
added 2025/07/21 7:07 a.m., 16 views

CVE-2024-10031

creationtimestamp | type | source
---|---|---
2025-07-21 07:07:46+00:00 | seen | https://poliverso.org/objects/0477a01e-e25d1f2b-32702de2beb9d6c0...

CVSS 5.8, AI score 4.8, EPSS 0.00161
Exploits: 0, References: 1

Circl
added 2025/07/20 8:25 p.m., 12 views

CVE-2025-48965

creationtimestamp | type | source
---|---|---
2025-07-20 20:25:57+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lugcpeou3n2t...

CVSS 7.5, AI score 7.3, EPSS 0.00461
Exploits: 0, References: 1

Circl
added 2025/07/20 7:16 a.m., 12 views

CVE-2025-7864

creationtimestamp | type | source
---|---|---
2025-07-20 07:16:15+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3luewlbjema2i...

CVSS 6.5, AI score 6.3, EPSS 0.00303
Exploits: 1, References: 1

Circl
added 2025/07/20 3:01 a.m., 14 views

CVE-2025-7858

creationtimestamp | type | source
---|---|---
2025-07-20 03:01:01+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lueicuxicd2t...

CVSS 5.4, AI score 7.3, EPSS 0.00234
Exploits: 1, References: 1

RedhatCVE
added 2025/07/17 11:34 a.m., 2 views

CVE-2025-53032

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 9.0.0-9.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks ...

CVSS 4.9, AI score 5.9, EPSS 0.00485
Exploits: 0, References: 4

Cvelist
added 2025/07/15 7:27 p.m., 4 views

CVE-2025-50100

...

CVSS 2.2, EPSS 0.00358
Exploits: 0, References: 1

Cvelist
added 2025/07/15 7:27 p.m., 5 views

CVE-2025-50072

...

CVSS 4, EPSS 0.00157
Exploits: 0, References: 1