CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

104 matches found

NVD•added 2026/06/10 6:17 p.m.•10 views

CVE-2026-50568

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, SanitizeFilePath in pkg/utils/utils.go validated that a path stayed under a safe directory by calling strings.HasPrefixpath,...

3.6CVSS0.00114EPSS

Exploits0References4

EUVD•added 2026/06/10 5:31 p.m.•9 views

EUVD-2026-36072

Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.25.0, SanitizeFilePath in pkg/utils/utils.go validated that a path stayed under a safe directory by calling strings.HasPrefixpath,...

3.6CVSS5.4AI score0.00114EPSS

Exploits0References4

Packet Storm News•added 2026/04/10 12:0 a.m.•1 views

ChatGPT, Is This Real? the Influence of Generative AI on Writing Style in Top-Tier Cybersecurity Papers

With the release of ChatGPT in 2022, generative AI has significantly lowered the cost of polishing and rewriting text. Due to its widespread usage, conference organizers instated specific requirements researchers need to adhere to when using GenAI. When asked to rewrite text, GenAI can introduce...

Fedora•added 2026/03/29 12:51 a.m.•5 views

[SECURITY] Fedora 43 Update: python-ply-3.11-33.fc43

PLY is a straightforward lex/yacc implementation. Here is a list of its essential features: It is implemented entirely in Python. It uses LR-parsing which is reasonably efficient and well suited for larger grammars. PLY provides most of the standard lex/yacc features including support for empty...

9.8CVSS7.3AI score0.1865EPSS

Packet Storm News•added 2026/03/23 12:0 a.m.•2 views

TLS Certificate and Domain Feature Analysis of Phishing Domains in the Danish .Dk Namespace

Phishing attacks remain a persistent cybersecurity threat, and the widespread adoption of TLS certificates has unintentionally enabled malicious websites to appear trustworthy to users. This study examines whether certificate metadata and domain characteristics can help distinguish phishing domai...

ATTACKERKB•added 2026/03/19 10:1 p.m.•1 views

CVE-2026-30873

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to both 24.10.6 and 25.12.1, the jpgettoken function, which performs lexical analysis by breaking input expressions into tokens, contains a memory leak vulnerability when extracting string literals, field...

2.4CVSS5.7AI score0.00515EPSS

Exploits0References4Affected Software1

Packet Storm News•added 2026/01/09 12:0 a.m.•11 views

HogVul: Black-Box Adversarial Code Generation Framework against LM-Based Vulnerability Detectors

Recent advances in software vulnerability detection have been driven by Language Model LM-based approaches. However, these models remain vulnerable to adversarial attacks that exploit lexical and syntax perturbations, allowing critical flaws to evade detection. Existing black-box attacks on...

Packet Storm News•added 2025/12/07 12:0 a.m.•15 views

Deep Reinforcement Learning for Phishing Detection with Transformer-Based Semantic Features

Phishing is a cybercrime in which individuals are deceived into revealing personal information, often resulting in financial loss. These attacks commonly occur through fraudulent messages, misleading advertisements, and compromised legitimate websites. This study proposes a Quantile Regression De...

OSV•added 2025/11/11 10:56 p.m.•3 views

MAL-2025-135139 Malicious code in lexical_hawk_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e69077f196ddd4739859dc48daa5fbd18367ec168c9163ed8fad921bddfb6b3f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/11 8:46 p.m.•1 views

EUVD-2025-104231

Malicious code in lexicalsquidz3n npm...

EUVD•added 2025/11/11 7:47 a.m.•1 views

EUVD-2025-74493

Malicious code in lexicalprawnemerald-96 npm...

EUVD•added 2025/11/11 7:44 a.m.•0 views

EUVD-2025-76422

Malicious code in lexicalchickadee-appteadev npm...

EUVD•added 2025/11/11 7:44 a.m.•3 views

EUVD-2025-76421

Malicious code in lexicaldamselfly-smiletea npm...

EUVD•added 2025/11/11 7:31 a.m.•0 views

EUVD-2025-78909

Malicious code in lexicalmosquitoz3n npm...

EUVD•added 2025/11/11 7:31 a.m.•0 views

EUVD-2025-78908

Malicious code in lexicalscallopz3n npm...

OSV•added 2025/11/11 7:31 a.m.•2 views

MAL-2025-105104 Malicious code in lexical_scallop_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c376cb70e23d581bd2f8682fd3cb4524114655189942ef62733231cb8adc9c81 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/11 7:26 a.m.•1 views

EUVD-2025-81387

Malicious code in lexicalzebradumbs npm...

EUVD•added 2025/11/11 7:1 a.m.•2 views

EUVD-2025-71503

Malicious code in lexicalpythonz3n npm...

EUVD•added 2025/11/11 5:18 a.m.•0 views

EUVD-2025-63315

Malicious code in lexicalclownfishz3n npm...

EUVD•added 2025/11/11 5:18 a.m.•0 views

EUVD-2025-63314

Malicious code in lexicalcougarz3n npm...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by