Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

61212 matches found

Circl
Circladded 2026/04/21 10:26 p.m.0 views

CVE-2026-40923

creationtimestamp| type| source ---|---|--- 2026-04-21 22:26:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjzzosxhc62c...

5.4CVSS5.7AI score0.0022EPSS
Exploits0References1
EUVD
EUVDadded 2026/04/21 9:31 p.m.6 views

EUVD-2026-24241

A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted...

6.5CVSS5.3AI score0.00201EPSS
Exploits0References5
OSV
OSVadded 2026/04/21 9:31 p.m.4 views

GHSA-X3F9-VCP2-HGCW Bagisto affected by Server-Side Request Forgery

A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted...

6.3CVSS6.2AI score0.00201EPSS
Exploits0References6
Github Security Blog
Github Security Blogadded 2026/04/21 9:31 p.m.7 views

Bagisto affected by Server-Side Request Forgery

A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted...

6.5CVSS6.2AI score0.00201EPSS
Exploits0References6Affected Software1
Cvelist
Cvelistadded 2026/04/21 8:52 p.m.29 views

CVE-2026-40927 Docmost: XSS in Comments with JavaScript URI

Docmost is open-source collaborative wiki and documentation software. Prior to 0.80.0, when leaving a comment on a page, it is possible to include a JavaScript URI as the link. When a user clicks on the link the JavaScript executes. This vulnerability is fixed in 0.80.0...

5.4CVSS0.00139EPSS
Exploits0References1
EUVD
EUVDadded 2026/04/21 8:52 p.m.2 views

EUVD-2026-24487

Docmost is open-source collaborative wiki and documentation software. Prior to 0.80.0, when leaving a comment on a page, it is possible to include a JavaScript URI as the link. When a user clicks on the link the JavaScript executes. This vulnerability is fixed in 0.80.0...

5.4CVSS5.8AI score0.00139EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/21 8:2 p.m.28 views

CVE-2026-40905 LinkAce: Password Reset Poisoning via X-Forwarded-Host Header Injection Leading to Account Takeover

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.4, a password reset poisoning vulnerability was identified in the application due to improper trust of user-controlled HTTP headers. The application uses the X-Forwarded-Host header when generating password reset URLs. By...

8.1CVSS0.00288EPSS
Exploits0References1
Circl
Circladded 2026/04/21 8:0 p.m.2 views

CVE-2026-6763

creationtimestamp| type| source ---|---|--- 2026-04-21 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities20260422 2026-04-22 02:01:23+00:00| seen| https://bsky.app/profile/slackers.it/post/3mk2focmgie2i...

6.5CVSS5.7AI score0.00191EPSS
Exploits0References2
Circl
Circladded 2026/04/21 8:0 p.m.3 views

CVE-2026-6752

creationtimestamp| type| source ---|---|--- 2026-04-21 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities20260422 2026-04-21 21:25:58+00:00| seen| Telegram/zqh64O-3jGBNpD02e4IDQ2Ua8XH6cA6PRqW3q0FpcVLnRBs 2026-04-22 02:01:20+00:00| seen|...

7.3CVSS4.7AI score0.00275EPSS
Exploits0References2
Circl
Circladded 2026/04/21 8:0 p.m.1 views

CVE-2026-6757

creationtimestamp| type| source ---|---|--- 2026-04-21 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities20260422 2026-04-22 02:01:22+00:00| seen| https://bsky.app/profile/slackers.it/post/3mk2fobkx3t2w 2026-04-22 12:07:59+00:00| seen|...

6.3CVSS4.7AI score0.00245EPSS
Exploits0References4
Circl
Circladded 2026/04/21 8:0 p.m.2 views

CVE-2026-6769

creationtimestamp| type| source ---|---|--- 2026-04-21 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities20260422 2026-04-21 23:29:27+00:00| seen| Telegram/da4bvWuFIBZ1xbJCq39UTLrDihlERi1UO8pjihG32T1Z-BM 2026-04-22 02:01:24+00:00| seen|...

8.8CVSS4.7AI score0.00226EPSS
Exploits0References2
Circl
Circladded 2026/04/21 8:0 p.m.0 views

CVE-2026-6748

creationtimestamp| type| source ---|---|--- 2026-04-21 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities20260422 2026-04-21 21:25:58+00:00| seen| Telegram/zqh64O-3jGBNpD02e4IDQ2Ua8XH6cA6PRqW3q0FpcVLnRBs 2026-04-22 02:01:19+00:00| seen|...

9.8CVSS4.7AI score0.00388EPSS
Exploits0References3
Circl
Circladded 2026/04/21 8:0 p.m.2 views

CVE-2026-6771

creationtimestamp| type| source ---|---|--- 2026-04-21 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities20260422 2026-04-21 21:26:08+00:00| published-proof-of-concept| Telegram/Sh-VDLwDsigv2TtmIHQb5bM9xL-0-hntwqefkM3TigDwq8o 2026-04-22...

9.8CVSS4.7AI score0.00309EPSS
Exploits0References2
Circl
Circladded 2026/04/21 8:0 p.m.0 views

CVE-2026-6750

creationtimestamp| type| source ---|---|--- 2026-04-21 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities20260422 2026-04-21 23:29:27+00:00| seen| Telegram/da4bvWuFIBZ1xbJCq39UTLrDihlERi1UO8pjihG32T1Z-BM 2026-04-22 02:01:20+00:00| seen|...

8.8CVSS4.7AI score0.00385EPSS
Exploits0References2
Circl
Circladded 2026/04/21 7:25 p.m.2 views

CVE-2026-40050

creationtimestamp| type| source ---|---|--- 2026-04-21 19:25:24+00:00| seen| Telegram/IV3XUTumqBvhxDGxYKmJv890gnK1hu13PgwZ6nuJXKkSo 2026-04-21 19:25:31+00:00| published-proof-of-concept| Telegram/ul8xPPBt1TpPWUc6F08s489cG5Kpdb6-6jXrljeUyK6zBrY 2026-04-22 10:03:50+00:00| seen|...

9.8CVSS5AI score0.00597EPSS
Exploits0References11
Circl
Circladded 2026/04/21 7:24 p.m.2 views

CVE-2026-6749

creationtimestamp| type| source ---|---|--- 2026-04-21 19:24:58+00:00| seen| Telegram/UoNmOvyrT0xD6ttUxw0GWEmNWGrIstm3XawCByymdxwMbjs 2026-04-21 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities20260422 2026-04-22 02:01:20+00:00| seen|...

7.5CVSS4.7AI score0.00341EPSS
Exploits0References2
Circl
Circladded 2026/04/21 7:24 p.m.1 views

CVE-2026-6746

creationtimestamp| type| source ---|---|--- 2026-04-21 19:24:58+00:00| seen| Telegram/UoNmOvyrT0xD6ttUxw0GWEmNWGrIstm3XawCByymdxwMbjs 2026-04-21 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities20260422 2026-04-22 02:01:18+00:00| seen|...

7.5CVSS4.9AI score0.00485EPSS
Exploits0References6
NVD
NVDadded 2026/04/21 7:16 p.m.2 views

CVE-2026-6744

A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted...

6.5CVSS0.00201EPSS
Exploits0References4
Snyk
Snykadded 2026/04/21 6:51 p.m.2 views

UNIX Symbolic Link (Symlink) Following

Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink...

10CVSS6.4AI score0.00518EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/04/21 6:0 p.m.0 views

CVE-2026-6744 Bagisto Downloadable Link copy server-side request forgery

A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted...

6.5CVSS6.1AI score0.00201EPSS
Exploits0References4
Rows per page
Query Builder