Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

676 matches found

Nuclei
Nucleiadded yesterday40 views

MicroStrategy Web 10.4 - Information Disclosure

MicroStrategy Web 10.4 is susceptible to information disclosure. The JVM configuration, CPU architecture, installation folder, and other information are exposed through /MicroStrategyWS/happyaxis.jsp. An attacker can use this vulnerability to learn more about the application environment and there...

7.5CVSS7.3AI score0.89806EPSS
Exploits3References5
Snyk
Snykadded 2026/06/01 10:29 a.m.5 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to improper configuration of the LengthFieldBasedFrameDecoder value. An attacker can cause the application to exhaust JVM heap memory and disrupt service availability by sending...

8.7CVSS5.5AI score0.00203EPSS
Exploits0References2
CNNVD
CNNVDadded 2026/06/01 12:0 a.m.6 views

Apache ActiveMQ security vulnerabilities

Apache ActiveMQ is an open-source messaging middleware developed by the Apache Foundation in the United States. It supports Java Message Service, clustering, Spring Framework, etc. There is a security vulnerability in Apache ActiveMQ, which stems from improper input validation and inadequate code...

8.8CVSS6.9AI score0.83461EPSS
Exploits12References2
Positive Technologies
Positive Technologiesadded 2026/06/01 12:0 a.m.7 views

PT-2026-45385

Name of the Vulnerable Software and Affected Versions Apache Fluss versions prior to 0.9.1 Description The Netty LengthFieldBasedFrameDecoder is configured with Integer.MAX VALUE as the maximum frame length. This allows unauthenticated remote attackers to exhaust JVM heap memory on TabletServer a...

7.5CVSS5.8AI score0.00203EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/05/28 4:42 a.m.7 views

CVE-2026-9801

A flaw was found in Keycloak. A remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol LDAP server or an attacker compromising an upstream LDAP server, could exploit this vulnerability. By sending a malformed LDAP password...

4.9CVSS5.8AI score0.00247EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/05/28 12:0 a.m.7 views

PT-2026-44194

Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A flaw allows a remote attacker with high privileges, such as a realm administrator configuring a malicious Lightweight Directory Access Protocol LDAP server or an attacker who has compromis...

4.9CVSS5.8AI score0.00247EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/05/28 12:0 a.m.7 views

Keycloak 安全漏洞

Keycloak is an open-source identity and access management solution developed by Keycloak itself. Keycloak has a security vulnerability. This vulnerability allows remote attackers with high privileges—such as domain administrators who configure malicious LDAP servers or attackers who disrupt...

4.9CVSS5.8AI score0.00247EPSS
Exploits0References2
Packet Storm News
Packet Storm Newsadded 2026/05/27 12:0 a.m.10 views

Joern 4.0.548

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.9AI score
Exploits0
Packet Storm News
Packet Storm Newsadded 2026/05/19 12:0 a.m.9 views

Joern 4.0.542

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.9AI score
Exploits0
NVD
NVDadded 2026/05/12 10:16 p.m.8 views

CVE-2026-44241

Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. From 4.3.0 to before 4.10.22, TimeConverterRegistrar caches DateTimeFormatter instances in an unbounded ConcurrentHashMap whose key is derived from the @Format annotation...

7.5CVSS0.00018EPSS
Exploits0References2
GithubExploit
GithubExploitadded 2026/05/10 1:49 p.m.56 views

cybersec-hw1

cybersec-hw1 Homework 1 for Introduction to Computer Securi...

5.8AI score
Exploits0
Packet Storm News
Packet Storm Newsadded 2026/05/08 12:0 a.m.5 views

Joern 4.0.536

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.9AI score
Exploits0
Packet Storm News
Packet Storm Newsadded 2026/05/04 12:0 a.m.2 views

Joern 4.0.532

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.9AI score
Exploits0
Packet Storm News
Packet Storm Newsadded 2026/04/27 12:0 a.m.5 views

Joern 4.0.528

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.3AI score
Exploits0
Packet Storm News
Packet Storm Newsadded 2026/04/24 12:0 a.m.3 views

Joern 4.0.527

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.3AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletinsadded 2026/04/23 4:28 p.m.2 views

Security Bulletin: vulnerability addressed in IBM Big Replicate LiveData Migrator 3.4

Summary The libraries affected include Aircompressor. Dependency packages are being used by IBM Big Replicate LiveData Migrator. This bulletin describes the upgrades necessary to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-36114 DESCRIPTION: Aircompressor is a library with...

8.6CVSS5.7AI score0.00195EPSS
Exploits0Affected Software1
Packet Storm News
Packet Storm Newsadded 2026/04/23 12:0 a.m.3 views

Joern 4.0.526

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

5.8AI score
Exploits0
Github Security Blog
Github Security Blogadded 2026/04/21 2:53 p.m.7 views

Spinnaker: RCE via expression parsing due to unrestricted context handling

Spinnaker is an open source, multi-cloud continuous delivery platform. Echo like some other services, uses SPeL Spring Expression Language to process information - specifically around expected artifacts. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, unlike orca, it was NOT...

9.9CVSS5.4AI score0.00032EPSS
Exploits0References8Affected Software1
NVD
NVDadded 2026/04/20 9:16 p.m.3 views

CVE-2026-32613

Spinnaker is an open source, multi-cloud continuous delivery platform. Echo like some other services, uses SPeL Spring Expression Language to process information - specifically around expected artifacts. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, unlike orca, it was NOT...

9.9CVSS0.00032EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/04/14 11:21 p.m.4 views

CVE-2026-39842 OpenRemote is Vulnerable to Expression Injection

OpenRemote is an open-source IoT platform. Versions 1.21.0 and below contain two interrelated expression injection vulnerabilities in the rules engine that allow arbitrary code execution on the server. The JavaScript rules engine executes user-supplied scripts via Nashorn's ScriptEngine.eval...

9.9CVSS6.7AI score0.00081EPSS
Exploits2References2
Rows per page
Query Builder