CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

GithubExploit•added 2 days ago•39 views

Exploit for Improper Input Validation in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

No d...

10CVSS7AI score0.94358EPSS

Exploits341

EUVD•added 2 days ago•4 views

EUVD-2025-210048

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mojoomla School Management allows SQL Injection. This issue affects School Management: from n/a through 93.2.0...

7.6CVSS5.8AI score0.00027EPSS

NVD•added 3 days ago•8 views

CVE-2026-8035

Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL pointer dereference. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux...

7.1CVSS0.00013EPSS

NVD•added 3 days ago•5 views

CVE-2019-25723

Dräger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can overload the internal...

6.3CVSS0.00043EPSS

CVE•added 3 days ago•11 views

CVE-2021-4479

Dräger Atlan A350 vulnerable software versions 1.00–1.01 due to improper input handling in the Medibus interface. An attacker can send crafted non‑Medibus‑compliant data to trigger a denial of service by overloading the internal processor, potentially causing device operation disruption over seve...

6.3CVSS5.8AI score0.00043EPSS

Vulnrichment•added 3 days ago•4 views

CVE-2026-8036 Local privilege escalation in NI-PAL

8.4CVSS5.9AI score0.00018EPSS

Cvelist•added 3 days ago•24 views

CVE-2026-8036 Local privilege escalation in NI-PAL

8.4CVSS0.00018EPSS

Vulnrichment•added 3 days ago•5 views

CVE-2026-7195 CWE-20: Improper Input Validation in web services in Progress Sitefinity

CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0.x before 15.0.8234, 15.1.x before 15.1.8335, 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.8630 allows a remote unauthenticated attacker to...

8.8CVSS5.8AI score0.00053EPSS

EUVD•added 3 days ago•5 views

EUVD-2026-33910

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ahmad WP Job Portal allows Reflected XSS. This issue affects WP Job Portal: from n/a through 2.5.1...

EUVD•added 3 days ago•5 views

EUVD-2025-210033

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in UnboundStudio Accordion FAQ allows Reflected XSS. This issue affects Accordion FAQ: from n/a through 2.2.1...

EUVD•added 3 days ago•8 views

EUVD-2026-33848

Memory corruption while processing fastboot commands with improperly formatted input...

7.2CVSS5.8AI score0.00019EPSS

Positive Technologies•added 3 days ago•7 views

PT-2026-45759

8.8CVSS5.8AI score0.00053EPSS

Positive Technologies•added 3 days ago•6 views

PT-2026-45849

8.4CVSS5.9AI score0.00018EPSS

Exploits0References4

Vulnrichment•added 4 days ago•7 views

CVE-2026-0051

In multiple functions of ubsanthrowingruntime.cpp, there is a possible way to cause a system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00106EPSS

NVD•added 4 days ago•8 views

CVE-2026-42678

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Liquid Web / StellarWP GiveWP allows DOM-Based XSS. This issue affects GiveWP: from n/a through 4.14.5...

7.1CVSS0.00033EPSS

Cvelist•added 4 days ago•24 views

CVE-2026-42678 WordPress GiveWP plugin <= 4.14.5 - Cross Site Scripting (XSS) vulnerability

7.1CVSS0.00033EPSS

EUVD•added 4 days ago•8 views

EUVD-2026-33684

Cvelist•added 4 days ago•23 views

CVE-2026-42683 WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows DOM-Based XSS. This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.8.8...

7.1CVSS0.00033EPSS

EUVD•added 4 days ago•8 views

EUVD-2026-33652

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VeronaLabs WP Statistics allows DOM-Based XSS. This issue affects WP Statistics: from n/a through 14.16.6...