Lucene search

10 matches found

NVD
added 2 days ago, 6 views

CVE-2026-49120

Medplum before 5.1.14 contains a server-side request forgery vulnerability in the subscription worker that allows authenticated users to perform unauthorized internal network requests by creating FHIR Subscription resources with arbitrary endpoint URLs. Attackers can point subscription endpoints ...

8.5 CVSS, 0.00028 EPSS
Exploits: 0, References: 4
Fedora
added 2026/03/28 12:19 a.m., 1 views

[SECURITY] Fedora 44 Update: rust-ambient-id-0.0.11-1.fc44

Detects ambient OIDC credentials in a variety of environments...

5.8 AI score
Exploits: 0
RedhatCVE
added 2026/01/08 3:14 a.m., 2 views

CVE-2025-47348

Memory corruption while processing identity credential operations in the trusted application...

7.8 CVSS, 7.1 AI score, 0.00022 EPSS
Exploits: 0, References: 1
NVD
added 2026/01/07 12:17 p.m., 3 views

CVE-2025-47348

Memory corruption while processing identity credential operations in the trusted application...

7.8 CVSS, 0.00022 EPSS
Exploits: 0, References: 1
Positive Technologies
added 2026/01/06 12:0 a.m., 1 views

PT-2026-1538

Name of the Vulnerable Software and Affected Versions: versions prior to 2.3. Description: A memory corruption issue exists when handling identity credential operations within the trusted application. The issue can be triggered by specific operations related to identity credentials. Recommendations ...

7.8 CVSS, 6.5 AI score, 0.00022 EPSS
Exploits: 0, References: 5
The Hacker News
added 2025/12/16 4:35 p.m., 9 views

Compromised IAM Credentials Power a Large AWS Crypto Mining Campaign

An ongoing campaign has been observed targeting Amazon Web Services (AWS) customers using compromised Identity and Access Management (IAM) credentials to enable cryptocurrency mining. The activity, first detected by Amazon's GuardDuty managed threat detection service and its automated security...

7.2 AI score
Exploits: 0
NVD
added 2025/11/13 8:15 p.m., 2 views

CVE-2025-64709

Typebot is an open-source chatbot builder. In versions prior to 3.13.1, a Server-Side Request Forgery (SSRF) vulnerability in the Typebot webhook block (HTTP Request component) functionality allows authenticated users to make arbitrary HTTP requests from the server, including access to AWS Instance...

9.9 CVSS, 0.00042 EPSS
Exploits: 1, References: 1
OSV
added 2025/06/06 2:15 a.m., 0 views

CVE-2024-56343

IBM Verify Identity Access Digital Credentials 24.06 could allow an authenticated user to crash the service with a specially crafted POST request...

6.5 CVSS, 5.8 AI score
Exploits: 0, References: 1
OSV
added 2024/02/26 4:27 p.m., 19 views

CVE-2024-0455

The inclusion of the web scraper for AnythingLLM means that any user with the proper authorization level (manager, admin, and when in single user) could put in the URL http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance which is a special IP and URL th...

7.5 CVSS, 7 AI score
Exploits: 0, References: 2
ThreatPost
added 2019/09/10 6:50 p.m., 115 views

ThreatList: Amidst Data Breaches, Account Creation Fraud Soars in 2019

The first half of 2019 saw a 13 percent increase in fraudulent activity compared to the previous six months, with a spike in June representing the highest-volume bot attack that’s been recorded since 2016, according to an analysis from LexisNexis Risk Solutions. The firm’s report, with data glean...

1.2 AI score
Exploits: 0, References: 6