CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2154 matches found

CVE•added 2026/04/05 8:45 p.m.•2 views

CVE-2019-25687

Pegasus CMS 1.0 is affected by a remote code execution vulnerability in the extra_fields.php plugin. The flaw arises from unsafe eval usage, allowing unauthenticated attackers to send malicious PHP code via the action parameter in POST requests to submit.php, achieving code execution and an inter...

9.8CVSS6.7AI score0.01416EPSS

Exploits1References3Affected Software1

Fedora•added 2026/04/05 12:55 a.m.•5 views

[SECURITY] Fedora 43 Update: mapserver-8.4.1-3.fc43

MapServer is an Open Source platform for publishing spatial data and interactive mapping applications to the web...

7.5CVSS5.9AI score0.00647EPSS

Exploits1

GithubExploit•added 2026/03/27 11:0 a.m.•114 views

msfpro

msfpro 🔥 Lightweight Web Exploitation Framework for Bug Bou...

6AI score

Exploits0

RedhatCVE•added 2026/03/26 3:1 p.m.•3 views

CVE-2026-32005

OpenClaw versions prior to 2026.2.25 fail to enforce sender authorization checks for interactive callbacks including blockaction, viewsubmission, and viewclosed in shared workspace deployments. Unauthorized workspace members can bypass allowFrom restrictions and channel user allowlists to enqueue...

8.1CVSS5.8AI score0.00283EPSS

Exploits0References1

GithubExploit•added 2026/03/26 12:52 p.m.•173 views

Exploit for Argument Injection in Gnu Inetutils

Telnet Vulnerability Scanner CVE-2026-24061 & CVE-2026-32746...

9.8CVSS7.8AI score0.98871EPSS

Exploits66

CNVD•added 2026/03/26 12:0 a.m.•1 views

OpenClaw Security Bypass Vulnerability (CNVD-2026-16055)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw has a security vulnerability that can be exploited by an attacker to cause bypassing of interactive approval prompts...

5.4CVSS5.9AI score0.00257EPSS

Exploits0

NVD•added 2026/03/25 5:16 p.m.•0 views

CVE-2026-23806

Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for WordPress: from n/a through = 2.8...

7.5CVSS0.00353EPSS

Exploits0References1

Cvelist•added 2026/03/25 4:14 p.m.•21 views

CVE-2026-23806 WordPress Jobs for WordPress plugin <= 2.8 - Broken Access Control vulnerability

7.5CVSS0.00353EPSS

Exploits0References1

GithubExploit•added 2026/03/25 9:19 a.m.•110 views

Ja4Scanner

Ja4Scanner — Bug Bounty Hunter's Toolkit A Python CLI tool fo...

5.8AI score

Exploits0

RedhatCVE•added 2026/03/24 9:31 a.m.•3 views

CVE-2026-32942

A flaw was found in PJSIP, a multimedia communication library. A remote attacker could exploit a heap use-after-free vulnerability in the Interactive Connectivity Establishment ICE session. This occurs due to race conditions between session destruction and callbacks, potentially allowing for...

9.3CVSS6.5AI score0.00319EPSS

Exploits0References2

CNVD•added 2026/03/24 12:0 a.m.•2 views

OpenClaw has an unspecified vulnerability (CNVD-2026-14838)

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that stems from a failure to enforce sender authorization checks on interactive callbacks in shared workspace deployments, which can be exploited by an attacker to cause...

8.1CVSS5.9AI score0.00283EPSS

Exploits0References1

Positive Technologies•added 2026/03/21 12:0 a.m.•2 views

PT-2026-26747

OpenClaw versions prior to 2026.2.23 contain an authorization bypass vulnerability in the ACP client that auto-approves tool calls based on untrusted toolCall.kind metadata and permissive name heuristics. Attackers can bypass interactive approval prompts for read-class operations by spoofing tool...

5.4CVSS5.8AI score0.00257EPSS

Exploits0References5