CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/05/08 6:38 a.m.•7 views

CVE-2026-44916

CVE-2026-44916 affects OpenStack Ironic up to version 35.x, where rendering of instance_info['ks_template'] occurs without sandboxing. The root cause is the lack of sandboxing during template rendering, which can expose sensitive information or enable unintended behavior within the template execu...

3CVSS5.8AI score0.00011EPSS

Exploits0References3

Positive Technologies•added 2026/05/08 12:0 a.m.•4 views

PT-2026-38679

Name of the Vulnerable Software and Affected Versions OpenStack Ironic versions prior to 36.0 Description In OpenStack Ironic, the ks template variable within instance info is rendered without sandboxing. Sandboxing is a security mechanism that isolates executing code to prevent it from accessing...

3CVSS5.9AI score0.00011EPSS

Exploits0References16

RedhatCVE•added 2026/03/26 3:16 p.m.•1 views

CVE-2026-31918

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in immonex immonex Kickstart immonex-kickstart allows Stored XSS.This issue affects immonex Kickstart: from n/a through = 1.13.0...

EUVD•added 2026/03/13 9:31 p.m.•2 views

EUVD-2026-11794

NVD•added 2026/03/13 7:54 p.m.•1 views

CVE-2026-31918

6.5CVSS0.00045EPSS

Vulnrichment•added 2026/03/13 11:41 a.m.•2 views

CVE-2026-31918 WordPress immonex Kickstart plugin <= 1.13.0 - Cross Site Scripting (XSS) vulnerability

5.8AI score0.00045EPSS

CVE•added 2026/03/13 11:41 a.m.•3 views

CVE-2026-31918

The CVE affects the WordPress immonex Kickstart plugin (versions up to 1.13.0). The issue is a Stored XSS caused by improper neutralization of input during web page generation in immonex-kickstart. Impact is XSS via stored data, as described; no exploit details or in-the-wild exploitation are pro...

ATTACKERKB•added 2026/03/13 11:41 a.m.•1 views

CVE-2026-31918

5.8AI score0.00045EPSS

Cvelist•added 2026/03/13 11:41 a.m.•22 views

CVE-2026-31918 WordPress immonex Kickstart plugin <= 1.13.0 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00045EPSS

Positive Technologies•added 2026/03/13 12:0 a.m.•0 views

PT-2026-25173

CNNVD•added 2026/03/13 12:0 a.m.•2 views

Exploits0References3

WordPress plugin immonex Kickstart 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.5CVSS5.6AI score0.00045EPSS

Tenable Nessus•added 2026/01/16 12:0 a.m.•2 views

MiracleLinux 3 : sos-1.7-9.62.1.0.1.AXS3 (AXSA:2013-582:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-582:01 advisory. Sos is a set of tools that gathers information about system hardware and configuration. The information can then be used for diagnostic purposes and debugging...

4.3CVSS5.6AI score0.00438EPSS

Tenable Nessus•added 2026/01/16 12:0 a.m.•3 views

MiracleLinux 4 : wireshark-1.8.10-17.AXS4 (AXSA:2015-372:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-372:01 advisory. Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library,...

5CVSS6.3AI score0.03569EPSS

Exploits0References10

Tenable Nessus•added 2026/01/14 12:0 a.m.•3 views

MiracleLinux 4 : sos-2.2-29.0.1.AXS4 (AXSA:2012-573:02)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-573:02 advisory. Sos is a set of tools that gathers information about system hardware and configuration. The information can then be used for diagnostic purposes and debugging...

4.3CVSS5.5AI score0.00438EPSS