CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2 days ago•5 views

EUVD-2026-33549

Vulnrichment•added 2 days ago•4 views

CVE-2026-48191 Wrong Permission Handling in Document Search Article Meta Filters

ATTACKERKB•added 2 days ago•4 views

CVE-2026-48191

Exploits0References2Affected Software1

Positive Technologies•added 2 days ago•5 views

PT-2026-45263

CNNVD•added 2 days ago•3 views

OTRS security vulnerabilities

OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X up to version 2026.4.X. These vulnerabilities stem from improper handling of permissions for external interfaces and the configuration ite...

3.5CVSS5.7AI score0.00021EPSS

CNNVD•added 2 days ago•3 views

NextCloud Teams security vulnerabilities

NextCloud Teams is an open-source team collaboration and group management tool developed by NextCloud. There were security vulnerabilities in versions of NextCloud Teams between 32.0.0 and 32.0.9, as well as between 33.0.0 and 33.0.3. These vulnerabilities stemmed from the system automatically...

6.4CVSS5.8AI score0.00033EPSS

Exploits0References4

CNNVD•added 2 days ago•3 views

OTRS security vulnerabilities

OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X of OTRS, as well as versions before 2026.4.X. These vulnerabilities stem from improper handling of permissions in the document search...

NVD•added 5 days ago•9 views

CVE-2025-14042

The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Project Details' custom field in Portfolio Items in all versions up to, and including, 13.4.1. This is due to insufficient input sanitization and output escaping on...

6.4CVSS0.00024EPSS

CVE•added 5 days ago•10 views

CVE-2025-14042

The CVE concerns the WordPress theme “Automotive Car Dealership Business” (versions

6.4CVSS6AI score0.00024EPSS

Vulnrichment•added 5 days ago•4 views

CVE-2025-14042 Automotive Car Dealership Business WordPress Theme <= 13.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Portfolio Project Details

6.4CVSS6AI score0.00024EPSS

Positive Technologies•added 5 days ago•8 views

PT-2026-44750

6.4CVSS6AI score0.00024EPSS

Exploits0References3

RedhatCVE•added 2026/05/23 8:12 a.m.•9 views

CVE-2026-9011

The Ditty – Responsive News Tickers, Sliders, and Lists plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.1.65. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

NVD•added 2026/05/22 9:16 a.m.•10 views

CVE-2026-9011

7.5CVSS0.00036EPSS

ATTACKERKB•added 2026/05/22 7:50 a.m.•3 views

CVE-2026-9011

CVE•added 2026/05/22 7:50 a.m.•12 views

Exploits0References9

CVE-2026-9011

Technical details are not publicly available in the provided documents. Monitor for updates.

Vulnrichment•added 2026/05/22 7:50 a.m.•3 views

CVE-2026-9011 Ditty <= 3.1.65 - Missing Authorization to Unauthenticated Sensitive Information Disclosure via ditty_init AJAX Action

EUVD•added 2026/05/22 7:50 a.m.•5 views

EUVD-2026-31419

Positive Technologies•added 2026/05/22 12:0 a.m.•6 views

PT-2026-42740

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Exploits0References9

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: Fixed the lockdep splat issue and potential deadlock that occurs after running delayed items. When running delayed items, we hold the mutex of the delayed node. Then, we attempt to modify a subvolume btree to insert, updat...

5.9AI score0.00024EPSS