Lucene search
+L

6547 matches found

Cvelist
Cvelist
added yesterday18 views

CVE-2026-15091 Multiple Vulnerabilities in IBM Engineering AI hub.

IBM Engineering AI Hub 1.0.0, 1.1.0, and 1.2.0 could allow a remote attacker to execute arbitrary scripts due to improper neutralization of input during web page generation...

9.3CVSS
Exploits0References1
EUVD
EUVD
added yesterday6 views

EUVD-2026-45261

IBM Engineering AI Hub 1.0.0, 1.1.0, and 1.2.0 could allow a remote attacker to execute arbitrary scripts due to improper neutralization of input during web page generation...

9.3CVSS5.3AI score
Exploits0References1
EUVD
EUVD
added yesterday7 views

EUVD-2026-45201

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Gis Informatics Engineering Consulting Laboratory R&D and Software Services Inc. GisLab Laboratory Management System allows SQL Injection. This issue affects GisLab Laboratory Management System: fr...

9.8CVSS5.6AI score
Exploits0References1
NVD
NVD
added 2 days ago6 views

CVE-2026-58643

Improper neutralization of input during web page generation 'cross-site scripting' in Windows Admin Center allows an unauthorized attacker to perform spoofing over a network...

6.1CVSS0.0024EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2 days ago42 views

Microsoft SharePoint Server Spoofing Vulnerability

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

4.6CVSS6.1AI score0.00227EPSS
Exploits0
NVD
NVD
added 4 days ago6 views

CVE-2026-55034

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

8.7CVSS0.00718EPSS
Exploits0References1
NVD
NVD
added 4 days ago4 views

CVE-2026-55016

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

5.4CVSS0.00335EPSS
Exploits0References1
NVD
NVD
added 4 days ago5 views

CVE-2026-58647

Improper neutralization of input during web page generation 'cross-site scripting' in Power BI allows an authorized attacker to perform spoofing over a network...

8CVSS0.00348EPSS
Exploits0References1
CVE
CVE
added 4 days ago11 views

CVE-2026-58647

CVE-2026-58647 affects Microsoft Power BI Power BI Report Server. The issue is an improper neutralization of input during web page generation, enabling cross-site scripting. Attackers must be authorized, require user interaction, and can exploit over the network to perform spoofing with high impa...

8CVSS6.1AI score0.00348EPSS
Exploits0References1Affected Software1
Microsoft CVE
Microsoft CVE
added 4 days ago6 views

Microsoft PowerBI Report Server Spoofing Vulnerability

Improper neutralization of input during web page generation 'cross-site scripting' in Power BI allows an authorized attacker to perform spoofing over a network...

8CVSS6.1AI score0.00348EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 4 days ago13 views

Active Directory Federation Server Spoofing Vulnerability

Improper neutralization of input during web page generation 'cross-site scripting' in Active Directory Federation Services AD FS allows an authorized attacker to perform spoofing over a network...

4.8CVSS6.1AI score0.0038EPSS
Exploits0
Positive Technologies
Positive Technologies
added 4 days ago10 views

PT-2026-58504

Name of the Vulnerable Software and Affected Versions Active Directory Federation Services affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting, which allows an authorized attacker to perform spoofing over a network...

4.8CVSS6AI score0.0038EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 4 days ago8 views

PT-2026-58539

Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description Improper neutralization of input during web page generation leads to a cross-site scripting issue, which allows an authorized attacker to perform spoofing over a network...

8.7CVSS4.6AI score0.00718EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 4 days ago23 views

PT-2026-58525

Name of the Vulnerable Software and Affected Versions Microsoft Office SharePoint affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting, which allows an authorized attacker to perform spoofing over a network...

5.4CVSS6AI score0.00335EPSS
Exploits0References4
NVD
NVD
added 5 days ago9 views

CVE-2026-57780

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Plugin Envision Envision Page Builder envision-page-builder allows DOM-Based XSS.This issue affects Envision Page Builder: from n/a through = 0.22...

6.5CVSS0.00218EPSS
Exploits0References1
NVD
NVD
added 5 days ago6 views

CVE-2026-57732

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Opt-In Builder td-subscription allows DOM-Based XSS.This issue affects tagDiv Opt-In Builder: from n/a through = 1.7.4...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
added 5 days ago5 views

CVE-2026-57706

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Dokan, Inc. Dokan dokan-lite allows Reflected XSS.This issue affects Dokan: from n/a through = 5.0.6...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
added 5 days ago3 views

CVE-2026-57421

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CRM Perks CRM Perks Forms crm-perks-forms allows Reflected XSS.This issue affects CRM Perks Forms: from n/a through = 1.1.7...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
added 5 days ago3 views

CVE-2026-57423

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kofi Mokome Message Filter for Contact Form 7 cf7-message-filter allows Reflected XSS.This issue affects Message Filter for Contact Form 7: from n/a through = 1.6.3.8...

7.1CVSS0.0018EPSS
Exploits0References1
NVD
NVD
added 5 days ago3 views

CVE-2026-57693

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Spacetime Ad Inserter ad-inserter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ad Inserter: from n/a through = 2.8.11...

6.5CVSS0.00161EPSS
Exploits0References1
Rows per page
Query Builder