CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

173781 matches found

NVD•added 2026/06/09 9:17 p.m.•5 views

CVE-2026-47931

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed...

9.9CVSS0.00634EPSS

Exploits0References1

NVD•added 2026/06/09 9:17 p.m.•7 views

CVE-2026-47928

10CVSS0.08871EPSS

Exploits0References1

NVD•added 2026/06/09 9:17 p.m.•9 views

CVE-2026-47930

ColdFusion versions 2023.19, 2025.8 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access...

8.1CVSS0.0039EPSS

Exploits0References1

NVD•added 2026/06/09 9:17 p.m.•6 views

CVE-2026-34416

OSCAL-GUI contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious input through the project request parameter. Attackers can craft a malicious URL containing unsanitized input that...

6.1CVSS0.00199EPSS

Exploits0References2

CVE•added 2026/06/09 9:2 p.m.•11 views

CVE-2026-34417

OSCAL-GUI contains a reflected XSS vulnerability in oscal-forms.php. An unauthenticated attacker can inject content via the project_request parameter, which is URL-decoded and assigned to project_id in oscal-functions.php. If the provided project ID isn’t found, the unsanitized value is concatena...

6.1CVSS5.6AI score0.00168EPSS

Exploits0References2

RedhatCVE•added 2026/06/09 8:59 p.m.•6 views

CVE-2026-11552

A vulnerability has been found in SourceCodester Onlne Examination & Learning Management System and Syllabus-aligned Learning Management and Examination System 1.0. Affected by this issue is some unknown functionality of the file importusers.php. The manipulation of the argument rawpassword with...

6.9CVSS5.6AI score0.00286EPSS

Exploits0References1

CVE•added 2026/06/09 8:33 p.m.•21 views

CVE-2026-47928

CVE-2026-47928 affects ColdFusion versions 2023.19, 2025.8 and earlier. The issue is an Improper Input Validation vulnerability that could allow arbitrary code execution in the context of the current user . Exploitation is possible without user interaction, and the document set notes a scope chan...

10CVSS6.2AI score0.08871EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2026/06/09 8:33 p.m.•4 views

CVE-2026-47928 ColdFusion | Improper Input Validation (CWE-20)

9.6CVSS6.2AI score0.08871EPSS

Exploits0References1

Cvelist•added 2026/06/09 8:33 p.m.•32 views

CVE-2026-47928 ColdFusion | Improper Input Validation (CWE-20)

9.6CVSS0.08871EPSS

Exploits0References1

EUVD•added 2026/06/09 8:33 p.m.•6 views

EUVD-2026-35830

9.6CVSS6.2AI score0.08871EPSS

Exploits0References1

Vulnrichment•added 2026/06/09 8:33 p.m.•6 views

CVE-2026-47931 ColdFusion | Improper Input Validation (CWE-20)

8.4CVSS6.2AI score0.00634EPSS

Exploits0References1

CVE•added 2026/06/09 8:33 p.m.•11 views

CVE-2026-47931

This CVE affects Adobe ColdFusion versions 2023.19, 2025.8 and earlier. It is caused by improper input validation that could allow arbitrary code execution in the context of the current user, with exploitation not requiring user interaction. The connected advisories indicate updates have been rel...

9.9CVSS6.2AI score0.00634EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/06/09 8:33 p.m.•32 views

CVE-2026-47931 ColdFusion | Improper Input Validation (CWE-20)

8.4CVSS0.00634EPSS

Exploits0References1

EUVD•added 2026/06/09 8:33 p.m.•10 views

EUVD-2026-35829

8.4CVSS6.2AI score0.00634EPSS

Exploits0References1

CVE•added 2026/06/09 8:33 p.m.•11 views

CVE-2026-47930

CVE-2026-47930 affects ColdFusion versions 2023.19, 2025.8 and earlier. The issue is an Improper Input Validation vulnerability that allows a low-privileged attacker to bypass security measures and gain unauthorized read and write access, with exploitation not requiring user interaction. The CVSS...

8.1CVSS5.5AI score0.0039EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2026/06/09 8:33 p.m.•4 views

CVE-2026-47930 ColdFusion | Improper Input Validation (CWE-20)

8.1CVSS5.5AI score0.0039EPSS

Exploits0References1

Cvelist•added 2026/06/09 8:33 p.m.•33 views

CVE-2026-47930 ColdFusion | Improper Input Validation (CWE-20)

8.1CVSS0.0039EPSS

Exploits0References1

Github Security Blog•added 2026/06/09 8:31 p.m.•9 views

Net::IMAP: Command Injection via ID command argument

Summary Two Net::IMAP commands, id and enable, do not validate their arguments. Arguments to either command could be used by an attacker to inject arbitrary IMAP commands. Please note that passing untrusted inputs to these commands is usually inappropriate and expected to be uncommon. Details Whe...

5.6AI score0.0002EPSS

Exploits0References3Affected Software1

OSV•added 2026/06/09 8:31 p.m.•3 views

GHSA-46Q3-7GV7-QMGG Net::IMAP: Command Injection via ID command argument

5.8CVSS5.6AI score0.0002EPSS

Exploits0References3

NVD•added 2026/06/09 8:17 p.m.•8 views

CVE-2026-47909

Dreamweaver Desktop versions 21.7 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this...

6.3CVSS0.00148EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by