Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

61269 matches found

EUVD
EUVDadded 2026/04/10 3:31 p.m.3 views

EUVD-2026-21417

Vikunja: Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade...

6.5CVSS5.8AI score0.00268EPSS
Exploits1References4
Github Security Blog
Github Security Blogadded 2026/04/10 3:31 p.m.10 views

Vikunja: Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade

Title Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade Description Vikunja's link share authentication constructs authorization objects entirely from JWT claims without any server-side database validation. When a project owner deletes a link share or...

6.5CVSS5.8AI score0.00268EPSS
Exploits1References6Affected Software1
OSV
OSVadded 2026/04/10 3:31 p.m.2 views

GHSA-96Q5-XM3P-7M84 Vikunja: Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade

Title Link Share JWT tokens remain valid for 72 hours after share deletion or permission downgrade Description Vikunja's link share authentication constructs authorization objects entirely from JWT claims without any server-side database validation. When a project owner deletes a link share or...

6.5CVSS5.8AI score0.00268EPSS
Exploits1References6
Veracode
Veracodeadded 2026/04/10 3:25 p.m.8 views

Host Header Injection

github.com/zitadel/zitadel is vulnerable to Host Header Injection. The vulnerability is due to improper validation of the Forwarded or X-Forwarded-Host headers when generating password reset links, which allows an attacker to manipulate the link to a malicious domain and capture the reset code,...

8.8CVSS5.8AI score0.00308EPSS
Exploits0References3Affected Software1
Circl
Circladded 2026/04/10 3:17 p.m.4 views

CVE-2026-40217

creationtimestamp| type| source ---|---|--- 2026-04-10 15:17:37+00:00| seen| Telegram/BHjpIBo0iRlJvCTjCc1tWATK3ONpTPYFFDHwGYF-bIOT41U 2026-04-10 15:37:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj5nnyqjgd2j 2026-04-11 10:00:21+00:00| seen|...

8.8CVSS5.7AI score0.00724EPSS
Exploits2References4
Circl
Circladded 2026/04/10 2:30 p.m.3 views

CVE-2026-0737

creationtimestamp| type| source ---|---|--- 2026-04-10 14:30:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mj5jw4mexm2o...

6.4CVSS5.7AI score0.0034EPSS
Exploits0References1
Circl
Circladded 2026/04/10 11:2 a.m.1 views

CVE-2026-6038

creationtimestamp| type| source ---|---|--- 2026-04-10 11:02:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj56cvmzdz2q 2026-04-10 11:16:18+00:00| published-proof-of-concept| Telegram/khgEEPiWkGL9WACMPfvZ8dGv1ooPTaC6hfehoeURB75s6dQ...

7.5CVSS7.3AI score0.00259EPSS
Exploits0References1
Circl
Circladded 2026/04/10 10:52 a.m.2 views

CVE-2026-6036

creationtimestamp| type| source ---|---|--- 2026-04-10 10:52:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj55qyb6sb23 2026-04-10 11:16:18+00:00| published-proof-of-concept| Telegram/khgEEPiWkGL9WACMPfvZ8dGv1ooPTaC6hfehoeURB75s6dQ...

7.5CVSS7.3AI score0.00325EPSS
Exploits0References1
Circl
Circladded 2026/04/10 10:47 a.m.2 views

CVE-2026-6034

creationtimestamp| type| source ---|---|--- 2026-04-10 10:47:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj55hzsmqy27...

5.3CVSS5.7AI score0.00337EPSS
Exploits0References1
Circl
Circladded 2026/04/10 10:33 a.m.2 views

CVE-2026-6035

creationtimestamp| type| source ---|---|--- 2026-04-10 10:33:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj54ohahsu23...

5.3CVSS5.7AI score0.00337EPSS
Exploits0References1
Circl
Circladded 2026/04/10 10:11 a.m.1 views

CVE-2026-33455

creationtimestamp| type| source ---|---|--- 2026-04-10 10:11:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj53hfik7l2s...

6.3CVSS5.7AI score0.00175EPSS
Exploits0References1
Circl
Circladded 2026/04/10 10:6 a.m.3 views

CVE-2026-5525

creationtimestamp| type| source ---|---|--- 2026-04-10 10:06:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj535ug5a42j...

7.8CVSS5.7AI score0.00166EPSS
Exploits1References1
Circl
Circladded 2026/04/10 9:32 a.m.2 views

CVE-2026-40259

creationtimestamp| type| source ---|---|--- 2026-04-10 09:32:21+00:00| published-proof-of-concept| https://github.com/siyuan-note/siyuan/security/advisories/GHSA-7m5h-w69j-qggg 2026-04-17 00:56:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjnppgbvvx2d 2026-04-17 01:16:10+00:00...

8.1CVSS5.7AI score0.004EPSS
Exploits1References4
EUVD
EUVDadded 2026/04/10 9:31 a.m.4 views

EUVD-2026-21316

Emocheck insecurely loads Dynamic Link Libraries DLLs. If a crafted DLL file is placed to the same directory, an arbitrary code may be executed with the privilege of the user invoking EmoCheck...

8.4CVSS7.3AI score0.0016EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/04/10 6:57 a.m.3 views

CVE-2026-5900

A policy bypass flaw was found in the Downloads component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=475265304...

4.3CVSS5.7AI score0.00159EPSS
Exploits0References5
Circl
Circladded 2026/04/10 6:31 a.m.8 views

CVE-2026-6006

creationtimestamp| type| source ---|---|--- 2026-04-10 06:31:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj4p6vauzx25...

6.5CVSS5.7AI score0.00196EPSS
Exploits0References1
EUVD
EUVDadded 2026/04/10 6:31 a.m.3 views

EUVD-2026-21309

A vulnerability was detected in D-Link DIR-513 1.10. This vulnerability affects the function formSetRoute of the file /goform/formSetRoute of the component POST Request Handler. The manipulation of the argument curTime results in buffer overflow. The attack may be performed from remote. The explo...

9CVSS7.6AI score0.0074EPSS
Exploits1References6
EUVD
EUVDadded 2026/04/10 6:31 a.m.2 views

EUVD-2026-21307

A security vulnerability has been detected in D-Link DIR-513 1.10. This affects the function formSetPassword of the file /goform/formSetPassword of the component POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. The attack is possible to be carried out...

9CVSS7.8AI score0.00715EPSS
Exploits1References6
EUVD
EUVDadded 2026/04/10 6:31 a.m.5 views

EUVD-2026-21310

A flaw has been found in D-Link DIR-513 1.10. This issue affects the function formAdvanceSetup of the file /goform/formAdvanceSetup of the component POST Request Handler. This manipulation of the argument webpage causes buffer overflow. It is possible to initiate the attack remotely. The exploit...

9CVSS7.5AI score0.00734EPSS
Exploits1References6
Circl
Circladded 2026/04/10 6:22 a.m.1 views

CVE-2026-6005

creationtimestamp| type| source ---|---|--- 2026-04-10 06:22:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj4ooaskiy2i...

6.5CVSS5.7AI score0.00196EPSS
Exploits0References1
Rows per page
Query Builder