Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8843 matches found

Positive Technologies
Positive Technologiesadded 2026/03/05 12:0 a.m.5 views

PT-2026-23329

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Police Department police-department allows PHP Local File Inclusion.This issue affects Police Department: from n/a through = 2.17...

5.9AI score0.00403EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/03/05 12:0 a.m.6 views

PT-2026-23292

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Scientia scientia allows PHP Local File Inclusion.This issue affects Scientia: from n/a through = 1.2.4...

5.9AI score0.00403EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/03/05 12:0 a.m.4 views

PT-2026-23346

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Legrand legrand allows PHP Local File Inclusion.This issue affects Legrand: from n/a through = 2.17...

5.9AI score0.00403EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/03/05 12:0 a.m.4 views

PT-2026-23189

Name of the Vulnerable Software and Affected Versions LaunchandSell Tribe versions through 1.7.3 Description The software contains an Improper Control of Filename for Include/Require Statement issue, also known as a PHP Remote File Inclusion. This allows for PHP Local File Inclusion...

5.8AI score0.00519EPSS
Exploits0References3
Snyk
Snykadded 2026/03/03 7:57 p.m.1 views

Directory Traversal

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via the $include directive in configuration file resolution. An attacker can access arbitrary files outside the intended directory by specifying absolute or traversal...

6.9CVSS6.2AI score0.00146EPSS
Exploits0References2
OSV
OSVadded 2026/03/03 7:57 p.m.3 views

GHSA-56PC-6HVP-4GV4 OpenClaw vulnerable to arbitrary file read via $include directive

Vulnerability Path traversal in config $include resolution allowed arbitrary local file reads outside the config directory boundary CWE-22. Attack Vectors 1. If an attacker can modify OpenClaw config, they can set $include to absolute paths for example /etc/passwd and read files accessible to the...

6.9CVSS6AI score0.00146EPSS
Exploits0References5
Github Security Blog
Github Security Blogadded 2026/03/03 7:57 p.m.6 views

OpenClaw vulnerable to arbitrary file read via $include directive

Vulnerability Path traversal in config $include resolution allowed arbitrary local file reads outside the config directory boundary CWE-22. Attack Vectors 1. If an attacker can modify OpenClaw config, they can set $include to absolute paths for example /etc/passwd and read files accessible to the...

6.7CVSS6AI score0.00146EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologiesadded 2026/03/03 12:0 a.m.3 views

PT-2026-24671

Vulnerability Path traversal in config $include resolution allowed arbitrary local file reads outside the config directory boundary CWE-22. Attack Vectors 1. If an attacker can modify OpenClaw config, they can set $include to absolute paths for example /etc/passwd and read files accessible to the...

6.7CVSS5.8AI score0.00146EPSS
Exploits0References11
Github Security Blog
Github Security Blogadded 2026/03/02 9:26 p.m.9 views

Idno Vulnerable to Remote Code Execution via Chained Import File Write and Template Path Traversal

Affected Versions: Tested on current dev branch build fingerprint 505...7bd86 CVSS v4 Score: 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Privileges Required: Web application admin account for file write, any authenticated user for RCE trigger --- Summary Two separate...

8.6CVSS6.3AI score0.00673EPSS
Exploits1References4Affected Software1
GithubExploit
GithubExploitadded 2026/02/26 4:10 p.m.153 views

Exploit for CVE-2026-21627

CVE-2026-21627---Tassos-Novarai...

9.5CVSS5.5AI score0.00397EPSS
Exploits1
The Hacker News
The Hacker Newsadded 2026/02/23 7:41 p.m.9 views

APT28 Targeted European Entities Using Webhook-Based Macro Malware

The Russia-linked state-sponsored threat actor tracked as APT28 has been attributed to a new campaign targeting specific entities in Western and Central Europe. The activity, per S2 Grupo's LAB52 threat intelligence team, was active between September 2025 and January 2026. It has been codenamed...

6AI score
Exploits0
RedhatCVE
RedhatCVEadded 2026/02/21 7:31 p.m.13 views

CVE-2025-69407

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Struktur struktur allows PHP Local File Inclusion.This issue affects Struktur: from n/a through = 2.5.1...

8.1CVSS5.5AI score0.00512EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/02/21 7:31 p.m.11 views

CVE-2025-69397

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Tint tint allows PHP Local File Inclusion.This issue affects Tint: from n/a through = 1.7...

8.1CVSS5.5AI score0.00512EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/02/21 7:31 p.m.4 views

CVE-2025-69410

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Edge-Themes Belletrist belletrist allows PHP Local File Inclusion.This issue affects Belletrist: from n/a through = 1.2...

8.1CVSS5.5AI score0.00512EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/02/21 7:31 p.m.2 views

CVE-2025-69399

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Cobble cobble allows PHP Local File Inclusion.This issue affects Cobble: from n/a through = 1.7...

8.1CVSS5.5AI score0.00512EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/02/21 7:30 p.m.4 views

CVE-2025-69395

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Gable gable allows PHP Local File Inclusion.This issue affects Gable: from n/a through = 1.5...

8.1CVSS5.5AI score0.00561EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/02/21 7:30 p.m.5 views

CVE-2025-69402

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX R rf allows PHP Local File Inclusion.This issue affects R: from n/a through = 1.5...

8.1CVSS5.5AI score0.00561EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/02/21 7:30 p.m.4 views

CVE-2025-69374

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SolverWp Eleblog – Elementor Blog And Magazine Addons ele-blog allows PHP Local File Inclusion.This issue affects Eleblog – Elementor Blog And Magazine Addons: from n/a through =...

8.1CVSS5.5AI score0.00549EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/02/21 7:30 p.m.6 views

CVE-2025-69409

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes PJ | Life & Business Coaching pj allows PHP Local File Inclusion.This issue affects PJ | Life & Business Coaching: from n/a through = 3.0.0...

8.1CVSS5.5AI score0.00512EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/02/21 7:30 p.m.4 views

CVE-2025-69383

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Agence web Eoxia - Montpellier WP shop wpshop allows PHP Local File Inclusion.This issue affects WP shop: from n/a through = 2.6.1...

7.5CVSS5.5AI score0.00339EPSS
Exploits0References1
Rows per page
Query Builder