4 matches found
EUVD-2024-26084
Malicious code in bioql PyPI...
CVE-2025-51862
Insecure Direct Object Reference (IDOR) vulnerability in TelegAI (telegai.com) through 2025-05-26 in its chat component. An attacker can exploit this IDOR to tamper with other users' conversations. Additionally, malicious content and XSS payloads can be injected, leading to phishing attacks, user spoofing and...
DW Question & Answer Pro <= 1.3.4 - Arbitrary Comment Edition via IDOR
The plugin does not check that the comment to edit belongs to the user making the request, allowing any user to edit other comments. Vendor was notified via Envato on September 28th, 2021, but did not properly fix the issue and was notified numerous times since. As any authenticated user, post a...
Helium: Organization Takeover via invitation API
Hello @helium, today I would like to show you how a malicious user could exploit an IDOR affecting the /invitations resource to gain Administrator privileges inside an organization of which he is part as a reader. Steps to reproduce the bug Setup Let's assume that three accounts exist: -...