24 matches found
EUVD-2026-36786
An authenticated Server-Side Request Forgery (SSRF) in the custom scraper subsystem component of Benjamin Jonard Koillection v1.8.0 allows attackers to scan internal resources via supplying a crafted URL...
CVE-2026-50888
An authenticated Server-Side Request Forgery (SSRF) in the custom scraper subsystem component of Benjamin Jonard Koillection v1.8.0 allows attackers to scan internal resources via supplying a crafted URL...
PT-2026-49329
Name of the Vulnerable Software and Affected Versions: Benjamin Jonard Koillection version 1.8.0 Description: An authenticated Server-Side Request Forgery (SSRF) exists in the custom scraper subsystem component. This allows attackers to scan internal resources by supplying a crafted URL. SSRF is a fl...
CVE-2026-50888
The CVE-2026-50888 entry concerns an authenticated Server-Side Request Forgery (SSRF) in the custom scraper subsystem component of Benjamin Jonard Koillection v1.8.0. The underlying issue allows an authenticated attacker to cause the application to fetch internal resources by supplying a crafted ...
CVE-2026-50888
An authenticated Server-Side Request Forgery (SSRF) in the custom scraper subsystem component of Benjamin Jonard Koillection v1.8.0 allows attackers to scan internal resources via supplying a crafted URL...
EUVD-2025-26312
Malicious code in bioql PyPI...
EUVD-2025-13924
Malicious code in bioql PyPI...
CVE-2025-9747
A vulnerability has been found in Koillection up to 1.6.18. Affected is an unknown function of the file assets/controllers/csrf_protection_controller.js. Such manipulation leads to cross-site request forgery. The attack can be executed remotely. The exploit has been disclosed to the public and may ...
CVE-2025-9747
A vulnerability has been found in Koillection up to 1.6.18. Affected is an unknown function of the file assets/controllers/csrf_protection_controller.js. Such manipulation leads to cross-site request forgery. The attack can be executed remotely. The exploit has been disclosed to the public and may ...
CVE-2025-9747 Koillection csrf_protection_controller.js cross-site request forgery
A vulnerability has been found in Koillection up to 1.6.18. Affected is an unknown function of the file assets/controllers/csrf_protection_controller.js. Such manipulation leads to cross-site request forgery. The attack can be executed remotely. The exploit has been disclosed to the public and may ...
CVE-2025-9747 Koillection csrf_protection_controller.js cross-site request forgery
A vulnerability has been found in Koillection up to 1.6.18. Affected is an unknown function of the file assets/controllers/csrf_protection_controller.js. Such manipulation leads to cross-site request forgery. The attack can be executed remotely. The exploit has been disclosed to the public and may ...
CVE-2025-9747
Koillection vulnerability CVE-2025-9747 affects versions up to 1.6.18 due to an unknown function in assets/controllers/csrf_protection_controller.js, enabling cross-site request forgery. The issue can be exploited remotely, and the exploit has been disclosed publicly. A fix is available in versio...
PT-2025-35428
Name of the Vulnerable Software and Affected Versions: Koillection versions up to 1.6.18 Description: A cross-site request forgery issue exists in Koillection. The issue is related to an unknown function within the assets/controllers/csrf_protection_controller.js file. This manipulation can be...
Koillection security vulnerability
Koillection is a self-hosted service by the individual developer Benjamin Jonard that allows users to manage any type of collection. A security vulnerability exists in Koillection 1.6.18 and earlier versions, which stems from a cross-site request forgery attack due to misuse of the file...
CVE-2025-29746
Cross Site Scripting vulnerability in Koillection v.1.6.10 allows a remote attacker to escalate privileges via the collection, Wishlist and album components...
GHSA-FXVX-GFMR-5XFJ Koillection Cross Site Scripting vulnerability
Cross Site Scripting vulnerability in Koillection v.1.6.10 allows a remote attacker to escalate privileges via the collection, Wishlist and album components...
Koillection Cross Site Scripting vulnerability
Cross Site Scripting vulnerability in Koillection v.1.6.10 allows a remote attacker to escalate privileges via the collection, Wishlist and album components...
CVE-2025-29746
Cross Site Scripting vulnerability in Koillection v.1.6.10 allows a remote attacker to escalate privileges via the collection, Wishlist and album components...
CVE-2025-29746
Cross Site Scripting vulnerability in Koillection v.1.6.10 allows a remote attacker to escalate privileges via the collection, Wishlist and album components...
CVE-2025-29746
Cross Site Scripting vulnerability in Koillection v.1.6.10 allows a remote attacker to escalate privileges via the collection, Wishlist and album components...