61109 matches found

Circl
added 2026/05/22 10:12 p.m., 3 views

CVE-2026-39966

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-22 22:12:46+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmhxe3r7ma2c... |

CVSS: 6.5, AI score: 5.8, EPSS: 0.00256
Exploits: 0, References: 1

NVD
added 2026/05/22 9:16 p.m., 13 views

CVE-2026-3294

An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full...

CVSS: 8.8, EPSS: 0.00398
Exploits: 0, References: 11

ATTACKERKB
added 2026/05/22 8:48 p.m., 5 views

CVE-2026-3294

An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full...

CVSS: 8.7, AI score: 5.8, EPSS: 0.00398
Exploits: 0, References: 12

EUVD
added 2026/05/22 8:48 p.m., 6 views

EUVD-2026-31502

An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full...

CVSS: 8.7, AI score: 5.8, EPSS: 0.00398
Exploits: 0, References: 11

Cvelist
added 2026/05/22 8:48 p.m., 16 views

CVE-2026-3294 Authentication Logic Vulnerability on Multiple TP-Link Range Extenders

An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full...

CVSS: 8.7, EPSS: 0.00398
Exploits: 0, References: 11

CVE
added 2026/05/22 8:48 p.m., 47 views

CVE-2026-3294

CVE-2026-3294 concerns an authentication logic vulnerability in multiple TP-Link range extenders. The issue allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation, enabling full administrative c...

CVSS: 8.8, AI score: 5.8, EPSS: 0.00398
Exploits: 0, References: 11, Affected Software: 1

Vulnrichment
added 2026/05/22 8:48 p.m., 7 views

CVE-2026-3294 Authentication Logic Vulnerability on Multiple TP-Link Range Extenders

An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full...

CVSS: 8.7, AI score: 5.8, EPSS: 0.00398
Exploits: 0, References: 11

NVD
added 2026/05/22 7:17 p.m., 10 views

CVE-2026-39966

TypeBot is a chatbot builder tool. In versions 3.15.2, the getLinkedTypebots API endpoint returns full bot definitions to any authenticated user who references a target bot ID in a Typebot Link block, regardless of workspace ownership, leading to IDOR. The authorization check uses Array.filter wi...

CVSS: 6.5, EPSS: 0.00256
Exploits: 0, References: 3

NVD
added 2026/05/22 6:16 p.m., 5 views

CVE-2026-39964

TypeBot is a chatbot builder tool. In versions prior to 3.16.0, the Typebot viewer packages/embeds/js renders anchor tags from rich text bubble content without filtering the javascript: URI scheme. A bot author can set a link URL to javascript:PAYLOAD, which executes in the visitor's browser...

CVSS: 5.4, EPSS: 0.00262
Exploits: 0, References: 3

CVE
added 2026/05/22 5:55 p.m., 22 views

CVE-2026-39970

The CVE covers TypeBot (chatbot builder) ≤ version 3.15.2, where the profile picture upload form fails to sanitize SVG/XML uploads and directly renders them. This enables stored XSS via crafted SVGs containing JavaScript, with payload stored on app.typebot.io and accessible via a permanent link, ...

CVSS: 8.5, AI score: 6, EPSS: 0.00356
Exploits: 0, References: 2

ATTACKERKB
added 2026/05/22 5:21 p.m., 8 views

CVE-2026-39964

TypeBot is a chatbot builder tool. In versions prior to 3.16.0, the Typebot viewer packages/embeds/js renders anchor tags from rich text bubble content without filtering the javascript: URI scheme. A bot author can set a link URL to javascript:PAYLOAD, which executes in the visitor's browser...

CVSS: 5.4, AI score: 5.8, EPSS: 0.00262
Exploits: 0, References: 4, Affected Software: 1

Circl
added 2026/05/22 5:13 p.m., 5 views

CVE-2026-7325

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-22 17:13:37+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmhgn63lvp2q... |

CVSS: 7.1, AI score: 5.8, EPSS: 0.00218
Exploits: 0, References: 1

Circl
added 2026/05/22 4:57 p.m., 5 views

CVE-2026-9246

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-22 16:57:14+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmhfptu6za2t... |

CVSS: 4.3, AI score: 5.8, EPSS: 0.00152
Exploits: 0, References: 1

Circl
added 2026/05/22 4:54 p.m., 6 views

CVE-2026-9248

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-22 16:54:13+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmhfkht5tm2n... |

CVSS: 2.6, AI score: 5.8, EPSS: 0.00129
Exploits: 0, References: 1

Circl
added 2026/05/22 4:46 p.m., 5 views

CVE-2026-9047

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-22 16:46:40+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmhf4xkwxt2n |
| 2026-06-06 11:02:52+00:00 | seen | https://bsky.app/profile/keiwork35.bsky.social/post/3mnmivyhkac2z... |

CVSS: 7.6, AI score: 5.3, EPSS: 0.00291
Exploits: 0, References: 2

Circl
added 2026/05/22 4:40 p.m., 5 views

CVE-2026-25680

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-22 16:40:38+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmhes65b3m2q... |

CVSS: 6.5, AI score: 5.8, EPSS: 0.0034
Exploits: 0, References: 1

Vulnrichment
added 2026/05/22 3:24 p.m., 6 views

CVE-2026-9245

Improper input validation in the external authentication provider flow in Devolutions Server allows an unauthenticated remote attacker to redirect victims to an attacker-controlled domain via a crafted login link. This issue affects: Devolutions Server 2026.1.6.0 through 2026.1.16.0 Devolutions...

AI score: 5.8, EPSS: 0.00169
Exploits: 0, References: 1

Cvelist
added 2026/05/22 3:24 p.m., 6 views

CVE-2026-9245

Improper input validation in the external authentication provider flow in Devolutions Server allows an unauthenticated remote attacker to redirect victims to an attacker-controlled domain via a crafted login link. This issue affects: Devolutions Server 2026.1.6.0 through 2026.1.16.0 Devolutions...

EPSS: 0.00169
Exploits: 0, References: 1

Circl
added 2026/05/22 1:28 p.m., 3 views

CVE-2026-7636

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-22 13:28:37+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmh22tl3u52n... |

CVSS: 4.3, AI score: 5.8, EPSS: 0.00243
Exploits: 0, References: 1

Circl
added 2026/05/22 1:22 p.m., 7 views

CVE-2026-9277

| creationtimestamp | type | source |
|---|---|---|
| 2026-05-22 13:22:55+00:00 | published-proof-of-concept | https://github.com/ljharb/shell-quote/security/advisories/GHSA-w7jw-789q-3m8p |
| 2026-05-22 17:34:40+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmhhsrhmds2o |
| 2026-05-23 05:06:18+00:00... | | |

CVSS: 9.2, AI score: 5.3, EPSS: 0.00552
Exploits: 1, References: 7