Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

NVD
NVDadded yesterday5 views

CVE-2026-44780

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, ReviewableQueuedPostSerializer unconditionally included payload"rawemail" for posts that arrived via incoming email...

4.3CVSS0.0003EPSS
Exploits0References1
EUVD
EUVDadded yesterday3 views

EUVD-2026-36584

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, ReviewableQueuedPostSerializer unconditionally included payload"rawemail" for posts that arrived via incoming email...

4.3CVSS5.2AI score0.0003EPSS
Exploits0References1
Snyk
Snykadded 2025/11/30 3:39 a.m.1 views

Cross-site Scripting (XSS)

Overview tryton-sao is a Tryton webclient Affected versions of this package are vulnerable to Cross-site Scripting XSS via the HTML element used to display the documents. An attacker can execute arbitrary JavaScript code in the context of the user's browser by uploading a crafted HTML file as an...

8.7CVSS5.3AI score0.00024EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/08/09 12:23 a.m.2 views

CVE-2025-54788

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. In versions and below, the InboundEmail module allows the arbitrary execution of queries in the backend database, leading to SQL injection. This can have wide-reaching implications on...

8.8CVSS7.6AI score0.00395EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/08/07 12:0 a.m.1 views

SuiteCRM SQL注入漏洞

SuiteCRM is a customer relationship management system from the SuiteCRM team. SuiteCRM suffers from a SQL injection vulnerability that stems from the InboundEmail module allowing arbitrary queries to be executed in the back-end database, which could lead to SQL injection...

8.8CVSS7.8AI score0.00395EPSS
Exploits0References2
OSV
OSVadded 2025/08/06 11:48 p.m.1 views

CVE-2025-54788 SuiteCRM: Authenticated Blind SQL Injection in InboundEmail module

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. In versions and below, the InboundEmail module allows the arbitrary execution of queries in the backend database, leading to SQL injection. This can have wide-reaching implications on...

8.8CVSS7.7AI score0.00395EPSS
Exploits0References4
Hacker One
Hacker Oneadded 2023/06/05 2:49 a.m.4 views

Basecamp: Spam & Clearance checks disabled with existing referenced Message-ID

A vulnerability in the inbound email processing allowed crafted emails to bypass spam filtering and The Screener when they appeared to be in reply to an existing thread...

5.6AI score
Exploits0
Rows per page
Query Builder