CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

112 matches found

vulnersOsv•added 2026/04/10 5:8 p.m.•5 views

bg.codexio.ai:openai-api-examples (>=0.8.0.BETA <=0.9.0.BETA-JDK17), ch.cern:cerndb-sw-zkpolicy (=1.0.1-21) +305 more potentially affected by CVE-2026-34477 via org.apache.logging.log4j:log4j-core (>=3.0.0-alpha1 <=3.0.0-beta3)

org.apache.logging.log4j:log4j-core MAVEN version =3.0.0-alpha1, =0.8.0.BETA, =1.0.0, =0.0.2, =00.00.03, =1.0.6, =1.0.7, =1.0.0, =2.0.21, =1.0, =1.0.2 and more Source cves: CVE-2026-34477 Source advisory: SNYK:JAVA-ORGAPACHELOGGINGLOG4J-15967727...

6.3CVSS5.8AI score0.00039EPSS

vulnersOsv•added 2026/04/07 9:31 a.m.•4 views

at.chrl:chrl-jms (=1.1.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +1035 more potentially affected by CVE-2026-34197 via org.apache.activemq:activemq-broker (>=5.10.0 <=5.19.4)

org.apache.activemq:activemq-broker MAVEN version =5.10.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2026-34197 Source advisory: OSV:GHSA-RXPJ-7QVF-XV3...

8.8CVSS6.6AI score0.83461EPSS

vulnersOsv•added 2026/03/31 11:2 p.m.•3 views

com.newmediaworks:nmw-oss-website (>=1.7.0 <=1.11.0), com.pragmatickm:website (>=1.10.0 <=2.0.0) +111 more potentially affected by CVE-2025-13465 +1 more via org.webjars.npm:lodash (>=4.0.0 <=4.17.5)

org.webjars.npm:lodash MAVEN version =4.0.0, =1.7.0, =1.10.0, =1.11.0, =1.7.0, =1.6.1, =1.11.0, =1.13.0, =1.0, =1.0, =1.0, =1.2.0, =3.5.0, =3.5.0, =3.5.0, =3.12.0 and more Source cves: CVE-2025-13465, CVE-2026-2950 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15869623...

7.9CVSS6.4AI score0.00028EPSS

vulnersOsv•added 2026/03/26 6:49 p.m.•2 views

ai.agentican:agentican-framework-core (>=0.1.0-alpha.2 <=0.1.0-alpha.3), ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.3) +19526 more potentially affected by CVE-2026-33871 via io.netty:netty-codec-http2 (>=4.1.0.Beta4 <=4.1.131.Final)

io.netty:netty-codec-http2 MAVEN version =4.1.0.Beta4, =0.1.0-alpha.2, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.2, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.28.0 and more Source cves: CVE-2026-33871 Sourc...

8.7CVSS7.2AI score0.00038EPSS

vulnersOsv•added 2026/03/26 6:34 p.m.•1 views

com.codbex.aion:codbex-aion-platform (>=0.5.6 <=0.5.7), com.codbex.aion:codbex-aion-platform-keycloack (>=0.5.6 <=0.5.7) +96 more potentially affected by CVE-2024-45296 +1 more via org.webjars.npm:path-to-regexp (>=0.1.7 <=8.2.0)

org.webjars.npm:path-to-regexp MAVEN version =0.1.7, =0.5.6, =0.5.6, =0.5.6, =0.4.0, =0.4.0, =0.5.3, =0.5.5 - com.codbex.kronos:codbex-kronos-coverage-aggregate =0.4.0 - com.codbex.kronos:codbex-kronos-modules-all =0.4.0 - com.codbex.kronos:codbex-kronos-modules-engines-all =0.4.0 -...

7.5CVSS6.7AI score0.00066EPSS

Packet Storm News•added 2026/03/26 12:0 a.m.•0 views

A Large-Scale Empirical Study on the Generalizability of Disclosed Java Library Vulnerability Exploits

Open-source software supply chain security relies heavily on assessing affected versions of library vulnerabilities. While prior studies have leveraged exploits for verifying vulnerability affected versions, they point out a key limitation that exploits are version-specific and cannot be directly...

vulnersOsv•added 2026/03/24 9:30 a.m.•2 views

com.io7m.jsay:com.io7m.jsay (=0.0.2), com.jkoolcloud.tnt4j.streams:tnt4j-streams-jms (>=1.14.2 <=2.3.0) +5 more potentially affected by CVE-2026-32642 via org.apache.activemq:artemis-openwire-protocol (>=2.0.0 <=2.4.0)

org.apache.activemq:artemis-openwire-protocol MAVEN version =2.0.0, =1.14.2, =0.1.0, =0.1.0, =2.0.0, =2.31.1, =2.29.0, =2.44.0 Source cves: CVE-2026-32642 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-15791526...

4.3CVSS5.8AI score0.00029EPSS

vulnersOsv•added 2026/03/20 2:41 a.m.•5 views

ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-operator (>=0.0.4 <=0.6.0) +9908 more potentially affected by CVE-2026-22737 via org.springframework:spring-webmvc (>=6.0.0 <=6.2.16)

org.springframework:spring-webmvc MAVEN version =6.0.0, =0.2.0, =0.0.4, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.7.5, =0.8.3, =0.7.0, =0.5.0, =0.5.0, =0.8.7 and more Source cves: CVE-2026-22737 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-15701845...

5.9CVSS5.8AI score0.00096EPSS

Packet Storm News•added 2026/03/09 12:0 a.m.•2 views

Coverage-Guided Multi-Agent Harness Generation for Java Library Fuzzing

Coverage-guided fuzzing has proven effective for software testing, but targeting library code requires specialized fuzz harnesses that translate fuzzer-generated inputs into valid API invocations. Manual harness creation is time-consuming and requires deep understanding of API semantics,...

vulnersOsv•added 2026/02/26 6:18 a.m.•2 views

com.codbex.atlas:codbex-atlas-application (>=2.62.0 <=2.107.0), com.codbex.gaia:codbex-gaia-application (>=2.61.0 <=2.64.0) +22 more potentially affected by CVE-2026-27942 via org.webjars.npm:fast-xml-parser (>=4.5.3 <=5.2.5)

org.webjars.npm:fast-xml-parser MAVEN version =4.5.3, =2.62.0, =2.61.0, =2.52.0, =2.52.0, =2.51.0, =2.51.0, =3.6.0, =2.50.0, =5.0.0, =5.0.0, =11.58.0, =12.2.0, =11.58.0, =11.58.0, =11.48.2, =12.1.0 and more Source cves: CVE-2026-27942 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15353392...

7.5CVSS7.1AI score0.00018EPSS

Tenable Nessus•added 2026/01/20 12:0 a.m.•1 views

MiracleLinux 9 : java-1.8.0-openjdk-1.8.0.332.b09-1.el9 (AXSA:2022-3957:12)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3957:12 advisory. OpenJDK: Defective secure validation in Apache Santuario Libraries, 8278008 CVE-2022-21476 OpenJDK: Unbounded memory allocation when compiling craft...

7.5CVSS8.5AI score0.00199EPSS

Exploits0References6

vulnersOsv•added 2026/01/07 6:30 p.m.•1 views

africa.absa:inception-application (>=1.0.0 <=1.2.0), app.fmgp:scala-did-docs_3 (>=0.1.0-M16 <=0.1.0-M33) +2471 more potentially affected by CVE-2025-12543 via io.undertow:undertow-core (>=2.0.0.Alpha1 <=2.2.38.Final)

io.undertow:undertow-core MAVEN version =2.0.0.Alpha1, =1.0.0, =0.1.0-M16, =1.0.0, =1.0.1, =1.0.2, =1.0.0, =1.2.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1 and more Source cves: CVE-2025-12543 Source advisory: SNYK:JAVA-IOUNDERTOW-14908846...

9.6CVSS7.3AI score0.0005EPSS

vulnersOsv•added 2026/01/07 5:47 p.m.•5 views

ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (>=1.21.0 <=1.26.2), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (>=1.21.0 <=1.26.2) +584 more potentially affected by CVE-2025-66560 via io.quarkus.vertx.utils:quarkus-vertx-utils (>=3.21.0.CR1 <=3.27.1)

io.quarkus.vertx.utils:quarkus-vertx-utils MAVEN version =3.21.0.CR1, =1.21.0, =1.21.0, =1.21.0, =1.21.0, =1.21.0, =1.21.0, =0.0.6, =0.0.6, =0.0.6, =0.0.8, =0.1.0-RC15, =0.1.0-RC15, =0.1.0-RC14, =0.1.0-RC25 and mor...

7.5CVSS5.8AI score0.00024EPSS

vulnersOsv•added 2025/12/18 9:45 p.m.•3 views

africa.shuwari.sbt:sbt-js_2.12_1.0 (>=0.14.1 <=0.16.1), africa.shuwari.sbt:sbt-netbeans_2.12_1.0 (>=0.1.0 <=0.1.1) +21441 more potentially affected by CVE-2025-68161 via org.apache.logging.log4j:log4j-core (>=2.0 <=2.25.2)

org.apache.logging.log4j:log4j-core MAVEN version =2.0, =0.14.1, =0.1.0, =0.9.6, =0.12.0, =0.9.6, =0.9.6, =0.9.6, =0.9.6, =0.14.1, =0.9.6, =0.14.1, =4.4.0.0, =1.4.6, =1.4.6, =1.4.8 and more Source cves: CVE-2025-68161 Source advisory: SNYK:JAVA-ORGAPACHELOGGINGLOG4J-14532782...

6.3CVSS6.4AI score0.00029EPSS

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-12242

Malware in sbrugna...

7.5CVSS7.1AI score0.00233EPSS

Exploits0References32

Gitee•added 2025/09/14 1:32 p.m.•161 views

ysoserial

This is a proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. The tool, called ysoserial, is a collection of utilities and property-oriented programming "gadget chains" discovered in common Java libraries that can, under the right conditions, exploit Jav...

vulnersOsv•added 2025/09/05 10:41 p.m.•3 views

ba.sake:hepek-http4s_3 (>=0.31.0 <=0.34.0), ch.linkyard.mcp:jsonrpc2-stdio_3 (>=0.1.0 <=0.3.2) +658 more potentially affected by CVE-2025-58369 via co.fs2:fs2-io_3 (>=3.0-117-375521f <=3.12.0)

co.fs2:fs2-io3 MAVEN version =3.0-117-375521f, =0.31.0, =0.1.0, =0.2.0, =0.1.0, =3.10-4b5f50b, =0.29.0, =0.2.1, =1.0.0, =0.1.0, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-377-020cf9e and more Source cves: CVE-2025-58369 Source advisory:...

5.3CVSS5.8AI score0.00207EPSS

vulnersOsv•added 2025/09/05 10:41 p.m.•4 views

co.fs2:fs2-protocols_2.12 (>=3.10-4b5f50b <=3.12.0-RC2), com.47deg:github4s_2.12 (>=0.29.0 <=0.29.1) +435 more potentially affected by CVE-2025-58369 via co.fs2:fs2-io_2.12 (>=3.0.0 <=3.12.0)

co.fs2:fs2-io2.12 MAVEN version =3.0.0, =3.10-4b5f50b, =0.29.0, =1.0.0, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898,...

5.3CVSS5.8AI score0.00207EPSS

vulnersOsv•added 2025/09/05 10:41 p.m.•2 views

com.47deg:freestyle-http-http4s_2.11 (=0.1.0), com.azavea.geotrellis:geotrellis-server-core_2.11 (>=4.0.1 <=4.2.0) +173 more potentially affected by CVE-2025-58369 via co.fs2:fs2-io_2.11 (>=0.9.1 <=2.1.0)

co.fs2:fs2-io2.11 MAVEN version =0.9.1, =4.0.1, =4.0.1, =4.0.1, =0.4.0, =0.4.0, =5.0.0, =2.0.0, =0.12.7, =0.12.7, =0.12.7, =0.14.1, =0.12.7, =1.1.0, =1.2.1 and more Source cves: CVE-2025-58369 Source advisory: SNYK:JAVA-COFS2-13180115...

5.3CVSS5.8AI score0.00207EPSS

vulnersOsv•added 2025/08/22 9:43 a.m.•2 views

cn.loyom.boot:loyom-boot-business-demo (=1.0.3-JDK21), cn.loyom.boot:loyom-boot-business-sqlite-exe-demo (=1.0.3-JDK21) +101 more potentially affected by CVE-2025-9341 via org.bouncycastle:bcprov-lts8on (=2.73.7)

org.bouncycastle:bcprov-lts8on MAVEN version =2.73.7 is affected by a known vulnerability. The following packages have a transitive dependency on org.bouncycastle:bcprov-lts8on and may be impacted: - cn.loyom.boot:loyom-boot-business-demo =1.0.3-JDK21 -...

5.9CVSS5.8AI score0.00037EPSS

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by