CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

70 matches found

CNNVD•added 2026/05/26 12:0 a.m.•7 views

Snipe-IT 输入验证错误漏洞

Snipe-IT is a set of open-source IT asset/license management systems developed by Grokability. Versions of Snipe-IT prior to 8.4.1 contained a vulnerability related to input validation errors. This vulnerability stemmed from the unauthorized storage of HTTP Referer headers in session variables,...

7.1CVSS5.8AI score0.00013EPSS

Exploits0References3

GithubExploit•added 2026/04/16 2:37 p.m.•77 views

Exploit for CVE-2025-15602

CVE-2025-15602-PoC CVE-2025-15602-PoC is a proof of concept f...

8.8CVSS5.8AI score0.00029EPSS

Exploits1

IBM Security Bulletins•added 2026/03/02 12:25 p.m.•8 views

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring, IntegrationServer and IntegrationRuntime operands are vulnerable to denial of service (CVE-2026-2327)

Summary Node.js module markdown-it is used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container DesignerAuthoring, IntegrationServer and IntegrationRuntime operands are vulnerable to regular expression denial of service ReDoS. This bulletin provides...

7.5CVSS5.9AI score0.00021EPSS

Exploits0Affected Software1

NVD•added 2026/02/12 6:16 a.m.•3 views

CVE-2026-2327

Versions of the package markdown-it from 13.0.0 and before 14.1.1 are vulnerable to Regular Expression Denial of Service ReDoS due to the use of the regex /+$/ in the linkify function. An attacker can supply a long sequence of characters followed by a non-matching character, which triggers...

7.5CVSS0.00021EPSS

Exploits0References4

IBM Security Bulletins•added 2025/11/28 7:14 p.m.•4 views

Security Bulletin: Astronomer with IBM is vulnerable to cross-site scripting due to the markdown-it package (CVE-2025-7969)

Summary Markdown-it is used by Astronomer with IBM as part of markdown parsing functionality. Vulnerability Details CVEID:CVE-2025-7969 DESCRIPTION: Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting...

6.9CVSS5.9AI score0.00063EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2025/11/03 10:14 p.m.•13 views

Security Bulletin: security vulnerabilities are addressed with IBM Business Automation Insights iFixes for October 2025.

Summary Security vulnerabilities are addressed with IBM Business Automation Insights 24.0.0-IF005 and 25.0.0-IF002. These vulnerabilities have been also addressed in 24.0.1-IF005. Vulnerability Details CVEID:CVE-2025-36091 DESCRIPTION: IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and...

9.1CVSS8.1AI score0.14515EPSS

Exploits7Affected Software1