Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

58973 matches found

NVD
NVDadded 2026/03/20 2:16 a.m.4 views

CVE-2026-32880

ChurchCRM is an open-source church management system. Versions prior to 7.0.2 allow an admin user to edit JSON type system settings to store a JavaScript payload that can execute when any admin views the system settings. The JSON input is left unescaped/unsanitized in SystemSettings.php, leading ...

6.4CVSS0.0032EPSS
Exploits1References1
Debian CVE
Debian CVEadded 2026/03/20 1:34 a.m.2 views

CVE-2026-4461

Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00281EPSS
Exploits0
Cvelist
Cvelistadded 2026/03/20 1:34 a.m.19 views

CVE-2026-4457

Type Confusion in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

0.00306EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/03/20 1:34 a.m.3 views

CVE-2026-4450

Out of bounds write in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00281EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2026/03/20 1:34 a.m.18 views

CVE-2026-4450

CVE-2026-4450 is a vulnerability in Google Chrome’s V8 engine. It describes an out-of-bounds write in V8 prior to 146.0.7680.153 that could enable a remote attacker to cause heap corruption via a crafted HTML page. The issue affects Chrome releases using the affected V8, with a high severity (CVS...

8.8CVSS5.8AI score0.00281EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2026/03/20 1:34 a.m.20 views

CVE-2026-4447

Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

0.00354EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2026/03/20 1:34 a.m.5 views

CVE-2026-4447

Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6.2AI score0.00354EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichmentadded 2026/03/20 1:34 a.m.2 views

CVE-2026-4447

Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6.2AI score0.00354EPSS
Exploits1References2
EUVD
EUVDadded 2026/03/20 1:34 a.m.4 views

EUVD-2026-13461

Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00354EPSS
Exploits1References2
Debian CVE
Debian CVEadded 2026/03/20 1:34 a.m.4 views

CVE-2026-4447

Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00354EPSS
Exploits1
CNNVD
CNNVDadded 2026/03/20 12:0 a.m.7 views

Red Hat OpenShift AI 安全漏洞

Red Hat OpenShift AI is an AI lifecycle management platform developed by Red Hat Inc. There is a security vulnerability in Red Hat OpenShift AI, which stems from improper endpoint access control at the /save-document endpoint. This vulnerability could allow unverified remote attackers to write...

6AI score
Exploits0References1
CNNVD
CNNVDadded 2026/03/20 12:0 a.m.7 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 146.0.7680.153 contained a security vulnerability, which was caused by out-of-bound writing in the V8 engine, potentially leading to heap corruption...

8.8CVSS5.8AI score0.00281EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/03/20 12:0 a.m.3 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 146.0.7680.153 contained a security vulnerability, which was caused by improper implementation of the V8 component. This vulnerability could allow remote attackers to exploit heap corruptio...

8.8CVSS5.8AI score0.00281EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/03/20 12:0 a.m.4 views

CVE-2026-30578

File Thinghie 2.5.7 is vulnerable to Cross Site Scripting XSS. A malicious user can leverage the "dir" parameter of the GET request to invoke arbitrary javascript code...

5.9AI score0.00184EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/03/20 12:0 a.m.5 views

Spring Framework 安全漏洞

The Spring Framework is an application development framework developed by Spring in open source. There are security vulnerabilities in Spring Framework versions 7.0.5 and earlier, 6.2.16 and earlier, 6.1.25 and earlier, and 5.3.46 and earlier. These vulnerabilities stem from the use of Java scrip...

5.9CVSS6AI score0.00385EPSS
Exploits0References2
CVE
CVEadded 2026/03/20 12:0 a.m.8 views

CVE-2026-30578

The CVE-2026-30578 entry concerns File Thinghie 2.5.7, vulnerable to Cross Site Scripting (XSS) via the dir parameter in GET requests, allowing injection of arbitrary JavaScript code. Reported across multiple feeds (Red Hat, ENISA/EUVD, NVD, CVE List, CIRCL, CNNVD, AttackersKB, etc.). The availab...

6.5CVSS5.9AI score0.00184EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologiesadded 2026/03/20 12:0 a.m.4 views

PT-2026-26647

CVE-2026-30579 File Thingie 2.5.7 is vulnerable to Cross Site Scripting XSS. A malicious user can leverage the "upload file" functionality to upload a file with a crafted file nam… https://t.co/N4t4f6wlMZ...

5.8AI score0.00184EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/03/20 12:0 a.m.4 views

CVE-2026-30579

File Thingie 2.5.7 is vulnerable to Cross Site Scripting XSS. A malicious user can leverage the "upload file" functionality to upload a file with a crafted file name used to trigger a Javascript payload...

5.8AI score0.00184EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/03/20 12:0 a.m.4 views

PT-2026-26651

XinLiangCoder php api doc through commit 1ce5bbf contains a reflected cross-site scripting vulnerability in list method.php that allows remote attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious code through the f parameter. Attackers can craft a malicious URL...

6.1CVSS6AI score0.00257EPSS
Exploits0References5
UbuntuCve
UbuntuCveadded 2026/03/20 12:0 a.m.3 views

CVE-2026-4461

Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score0.00281EPSS
Exploits0References3
Rows per page
Query Builder