CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname in the dir parameter in a contents/Files action. id: CVE-2012-4878 info: name: FlatnuX CMS - Directory Traversal author: daffainfo severity:...

5CVSS5.6AI score0.02816EPSS

Exploits1References5

Positive Technologies•added yesterday•4 views

PT-2026-48628

CVE-2026-28699 CVE-2026-28699 — Gitea OAuth2 Scope Bypass via HTTP Basic Auth Self-contained lab + writeup for CVE-2026-28699 https://t.co/jAVOhdGDYn...

5.5AI score

Exploits1References1

OSSF Malicious Packages•added 2 days ago•5 views

Malicious code in @thomlecter1122/lab-helper-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9448c8cb290ff20cf707537035a6c383a4506b452c3ddc0e4c56bc398e02dbc7 routerinit.js line 4 contains the canonical obfuscated-payload-execution pattern: evalBuffer.from, 'base64'.toString.... This decodes a hidden bytes...

5.8AI score

Exploits0References5

GithubExploit•added 2 days ago•38 views

The-Full-Attack-Chain

⚔️ The Full Attack Chain — Capstone Red Team Engagement Int...

10CVSS7.9AI score0.94282EPSS

Exploits28

Circl•added 2 days ago•6 views

CVE-2026-44168

creationtimestamp| type| source ---|---|--- 2026-06-10 04:57:15+00:00| seen| https://bsky.app/profile/securitylab-jp.bsky.social/post/3mnvwdsrfzk2z...

5.3AI score

Exploits0References1

Circl•added 2 days ago•8 views

CVE-2026-44170

creationtimestamp| type| source ---|---|--- 2026-06-10 04:57:15+00:00| seen| https://bsky.app/profile/securitylab-jp.bsky.social/post/3mnvwdsrfzk2z...

5.3AI score

Exploits0References1

GithubExploit•added 2 days ago•36 views

cve-research

CVE Research Personal repository for CVE analysis, proof-of-c...

10CVSS7.3AI score0.94439EPSS

Exploits629

OSV•added 3 days ago•3 views

MAL-2026-5403 Malicious code in t-invest-mcp-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46c186ac158f68845fc995a94d15d44c2b65a521d2619d2850232e58f4a61419 Package is a dependency-confusion squat: package.json sets version 9999.99.99 the canonical max-version trick used to win resolution against any...

5.5AI score

Exploits0References1

GithubExploit•added 3 days ago•34 views

poc-lab-pro

poc-lab-pro Recent CVE PoC & reproduction scripts. Focused on...

5.5AI score

Exploits0

GithubExploit•added 3 days ago•36 views

auto_exploiter

Auto-Exploiter Framework ⚠️ LEGAL DISCLAIMER — Authorised...

10CVSS5.7AI score0.94282EPSS

Exploits28