Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

61128 matches found

RedhatCVE
RedhatCVEadded 2026/05/15 7:57 p.m.8 views

CVE-2026-42590

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.30.0, The ExifTool metadata write blocklist in Gotenberg can be bypassed using ExifTool's group-prefix syntax, enabling arbitrary file rename, move, hardlink, and symlink creation on the server. ExifTool supports group-prefix...

8.2CVSS5.9AI score0.0029EPSS
Exploits1References1
Circl
Circladded 2026/05/15 6:40 p.m.3 views

GHSA-MQ5J-PW29-JCV3

creationtimestamp| type| source ---|---|--- 2026-05-15 18:40:29+00:00| seen| https://gist.github.com/alon710/603dfdf0e01af88d7ae6413c9f3332fe...

5.8AI score
Exploits0References1
EUVD
EUVDadded 2026/05/15 6:24 p.m.5 views

EUVD-2026-30587

Mathesar is a web application that makes working with PostgreSQL databases both simple and powerful. From 0.2.0 to before 0.10.0, collaborators.list, tables.metadata.list, explorations.list, and forms.list accept a databaseid without verifying that the requesting user was a collaborator on that...

5.3CVSS5.8AI score0.00278EPSS
Exploits0References1
Circl
Circladded 2026/05/15 6:1 p.m.5 views

CVE-2026-46508

creationtimestamp| type| source ---|---|--- 2026-05-15 18:01:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlvw2vm7au2p...

8.4CVSS5.8AI score0.00158EPSS
Exploits0References1
OSV
OSVadded 2026/05/15 2:3 p.m.4 views

OESA-2026-2355 evolution-data-server security update

The evolution-data-server package provides a personal information management application that provides integrated mail, calendaring and address book functionality. The evolution-data-server package provides a single database for common, desktop-wide information, such as a user's address book or...

5.6CVSS5.9AI score0.00189EPSS
Exploits0References2
Circl
Circladded 2026/05/15 1:3 p.m.9 views

CVE-2026-37541

creationtimestamp| type| source ---|---|--- 2026-05-15 13:03:31+00:00| seen| https://bsky.app/profile/keiwork35.bsky.social/post/3mlvfespgwk2k 2026-05-20 16:07:09+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mmcbyhnwol2r...

10CVSS5.8AI score0.00678EPSS
Exploits0References2
Circl
Circladded 2026/05/15 12:51 p.m.9 views

CVE-2026-41964

creationtimestamp| type| source ---|---|--- 2026-05-15 12:51:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlveq2tozv2c 2026-05-16 18:00:30+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlyghhkz3j2c...

8.4CVSS5.8AI score0.00075EPSS
Exploits0References2
Circl
Circladded 2026/05/15 12:32 p.m.14 views

CVE-2026-7563

creationtimestamp| type| source ---|---|--- 2026-05-15 12:32:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mlvdnd5alz2s...

4.3CVSS5.8AI score0.00265EPSS
Exploits0References1
Circl
Circladded 2026/05/15 11:32 a.m.13 views

CVE-2026-4683

creationtimestamp| type| source ---|---|--- 2026-05-15 11:32:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mlvabzkyk72a...

6.5CVSS5.8AI score0.00262EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/05/15 11:23 a.m.15 views

CVE-2026-43335

A flaw was found in the Linux kernel's interconnect driver for Qualcomm SM8450. The issue arises from unconverted dynamic IDs for platform interconnects, leading to a NULL pointer dereference in the icclinknodes function. This vulnerability can be triggered during runtime when a pointer to a...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References4
Circl
Circladded 2026/05/15 11:17 a.m.9 views

CVE-2026-41961

creationtimestamp| type| source ---|---|--- 2026-05-15 11:17:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlv7ir2xip2i...

5.9CVSS5.8AI score0.00078EPSS
Exploits0References1
Circl
Circladded 2026/05/15 8:10 a.m.3 views

GHSA-WF8Q-WVV8-P8JF

creationtimestamp| type| source ---|---|--- 2026-05-15 08:10:29+00:00| seen| https://gist.github.com/alon710/db836de6fdadb3f6233ea8cd7bfaf4c5...

5.8AI score
Exploits0References1
NVD
NVDadded 2026/05/15 7:16 a.m.8 views

CVE-2026-6646

The The7 theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'dtdefaultbutton' shortcode in all versions up to, and including, 14.3.2. This is due to insufficient input sanitization and output escaping on the 'title' component of the 'link' shortcode parameter. This makes it...

6.4CVSS0.00206EPSS
Exploits0References8
CVE
CVEadded 2026/05/15 6:45 a.m.11 views

CVE-2026-6646

The CVE concerns The7 Theme for WordPress (versions up to and including 14.3.2). A Stored Cross-Site Scripting vulnerability exists in the dt_default_button shortcode due to insufficient input sanitization and output escaping of the title component within the link shortcode parameter. This allows...

6.4CVSS6AI score0.00206EPSS
Exploits0References8
Cvelist
Cvelistadded 2026/05/15 6:45 a.m.44 views

CVE-2026-6646 The7 <= 14.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode 'link' Parameter

The The7 theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'dtdefaultbutton' shortcode in all versions up to, and including, 14.3.2. This is due to insufficient input sanitization and output escaping on the 'title' component of the 'link' shortcode parameter. This makes it...

6.4CVSS0.00206EPSS
Exploits0References8
EUVD
EUVDadded 2026/05/15 6:45 a.m.9 views

EUVD-2026-30509

The The7 theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'dtdefaultbutton' shortcode in all versions up to, and including, 14.3.2. This is due to insufficient input sanitization and output escaping on the 'title' component of the 'link' shortcode parameter. This makes it...

6.4CVSS6AI score0.00206EPSS
Exploits0References8
ATTACKERKB
ATTACKERKBadded 2026/05/15 6:45 a.m.4 views

CVE-2026-6646

The The7 theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'dtdefaultbutton' shortcode in all versions up to, and including, 14.3.2. This is due to insufficient input sanitization and output escaping on the 'title' component of the 'link' shortcode parameter. This makes it...

6.4CVSS6AI score0.00206EPSS
Exploits0References9
Vulnrichment
Vulnrichmentadded 2026/05/15 6:45 a.m.5 views

CVE-2026-6646 The7 <= 14.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode 'link' Parameter

The The7 theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'dtdefaultbutton' shortcode in all versions up to, and including, 14.3.2. This is due to insufficient input sanitization and output escaping on the 'title' component of the 'link' shortcode parameter. This makes it...

6.4CVSS6AI score0.00206EPSS
Exploits0References8
Cvelist
Cvelistadded 2026/05/15 2:58 a.m.37 views

CVE-2024-36333

A DLL hijacking vulnerability in the AMD Cleanup Utility could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution...

7CVSS0.00119EPSS
Exploits0References1
Circl
Circladded 2026/05/15 2:5 a.m.5 views

CVE-2026-8612

creationtimestamp| type| source ---|---|--- 2026-05-15 02:05:20+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mluam7kbww2b...

5.3CVSS5.7AI score0.00127EPSS
Exploits0References1
Rows per page
Query Builder