Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

61280 matches found

Circl
Circladded 2026/04/08 10:50 p.m.1 views

CVE-2026-40035

creationtimestamp| type| source ---|---|--- 2026-04-08 22:50:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mizexd466p2t 2026-04-09 01:28:04+00:00| published-proof-of-concept| Telegram/ppPYRB7DfIS8K7XD1dDGxWPkeD0WXLmtAHjzWOZBPf3GFDk 2026-04-09 01:30:30+00:00| seen|...

9.3CVSS4.9AI score0.00557EPSS
Exploits1References7
Circl
Circladded 2026/04/08 10:47 p.m.2 views

CVE-2026-3199

creationtimestamp| type| source ---|---|--- 2026-04-08 22:47:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mizeqrzleb25 2026-04-09 00:00:42+00:00| seen| https://infosec.exchange/users/offseq/statuses/116371806078783632 2026-04-09 00:00:44+00:00| seen|...

9.4CVSS4.8AI score0.00359EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/04/08 10:16 p.m.17 views

CVE-2026-3438 Nexus Repository 3 - Reflected Cross-Site Scripting (XSS) in ?describe Pages

A reflected cross-site scripting vulnerability exists in Sonatype Nexus Repository versions 3.0.0 through 3.90.2 that allows unauthenticated remote attackers to execute arbitrary JavaScript in a victim's browser through a specially crafted URL. Exploitation requires user interaction...

5.1CVSS0.00465EPSS
Exploits0References2
CVE
CVEadded 2026/04/08 10:16 p.m.23 views

CVE-2026-3438

CVE-2026-3438 affects Sonatype Nexus Repository 3.x (versions 3.0.0 through 3.90.2). It is a reflected cross-site scripting vulnerability that lets unauthenticated remote attackers execute arbitrary JavaScript in a victim’s browser via a specially crafted URL. Exploitation requires user interacti...

5.1CVSS6.1AI score0.00465EPSS
Exploits0References2
Circl
Circladded 2026/04/08 10:6 p.m.1 views

CVE-2026-39362

creationtimestamp| type| source ---|---|--- 2026-04-08 22:06:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mizciim22d2g 2026-04-20 17:20:51+00:00| seen| Telegram/GfeUhnyJYShCjvs7rm1XQAQJnKqowYjnl2h2DVxLAV4-eNA...

7.1CVSS5.3AI score0.00233EPSS
Exploits0References1
Circl
Circladded 2026/04/08 9:57 p.m.2 views

CVE-2026-34724

creationtimestamp| type| source ---|---|--- 2026-04-08 21:57:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mizbxtsm2b22 2026-04-09 01:26:43+00:00| published-proof-of-concept| Telegram/LyxiOFuM6k6JRrVhGkcWrU8R1Vj8dluNTy4xGDA54CBUTMw 2026-04-09 15:00:04+00:00|...

8.7CVSS5.3AI score0.00262EPSS
Exploits0References2
Circl
Circladded 2026/04/08 9:47 p.m.2 views

CVE-2026-35476

creationtimestamp| type| source ---|---|--- 2026-04-08 21:47:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mizbfr3z342o 2026-04-09 01:27:07+00:00| seen| Telegram/CihYo3BrEf6YGxiGwCEATnWAB3StjZgrXU02lSezsa6vAg...

7.2CVSS5.3AI score0.00145EPSS
Exploits0References1
Circl
Circladded 2026/04/08 9:44 p.m.1 views

CVE-2026-35165

creationtimestamp| type| source ---|---|--- 2026-04-08 21:44:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mizbaunxxe22...

6.5CVSS5.3AI score0.00165EPSS
Exploits0References1
Circl
Circladded 2026/04/08 9:41 p.m.1 views

CVE-2026-34837

creationtimestamp| type| source ---|---|--- 2026-04-08 21:41:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mizb4fb2tj2d...

5.3CVSS5.3AI score0.0018EPSS
Exploits0References1
Circl
Circladded 2026/04/08 9:35 p.m.1 views

CVE-2026-34723

creationtimestamp| type| source ---|---|--- 2026-04-08 21:35:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mizaqsxawp2n 2026-04-09 01:26:43+00:00| published-proof-of-concept| Telegram/LyxiOFuM6k6JRrVhGkcWrU8R1Vj8dluNTy4xGDA54CBUTMw...

8.7CVSS5.3AI score0.00443EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/08 9:35 p.m.2 views

CVE-2026-40029

parseusbs before 1.9 contains an OS command injection vulnerability in parseUSBs.py where LNK file paths are passed unsanitized into an os.popen shell command, allowing arbitrary command execution via crafted .lnk filenames containing shell metacharacters. An attacker can craft a .lnk filename wi...

8.5CVSS6.2AI score0.00805EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/08 9:35 p.m.17 views

CVE-2026-40029 parseusbs < 1.9 Command Injection via Crafted LNK Filename

parseusbs before 1.9 contains an OS command injection vulnerability in parseUSBs.py where LNK file paths are passed unsanitized into an os.popen shell command, allowing arbitrary command execution via crafted .lnk filenames containing shell metacharacters. An attacker can craft a .lnk filename wi...

8.5CVSS0.00805EPSS
Exploits0References4
EUVD
EUVDadded 2026/04/08 9:33 p.m.5 views

EUVD-2025-209349

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /usbpaswd.asp endpoint...

6.2AI score0.00516EPSS
Exploits0References3
EUVD
EUVDadded 2026/04/08 9:33 p.m.1 views

EUVD-2026-20548

An external configuration control vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary files when a malicious configuration file is processed. Successful exploitation may allow unauthorized access to arbitrary files on the device,...

6.8CVSS6AI score0.00276EPSS
Exploits0References5
EUVD
EUVDadded 2026/04/08 9:33 p.m.3 views

EUVD-2026-20546

An external control of configuration vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary file when a malicious configuration file is processed. Successful exploitation may allow unauthorized access to arbitrary files on the device,...

6.8CVSS6AI score0.00286EPSS
Exploits0References5
EUVD
EUVDadded 2026/04/08 9:33 p.m.7 views

EUVD-2025-209351

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /usergroup.asp endpoint. The attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, mem, pri, and attr...

6.2AI score0.00605EPSS
Exploits0References3
EUVD
EUVDadded 2026/04/08 9:33 p.m.3 views

EUVD-2025-209347

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /urlgroup.asp endpoint...

6.2AI score0.00516EPSS
Exploits0References3
EUVD
EUVDadded 2026/04/08 9:33 p.m.5 views

EUVD-2025-209343

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /urlmember.asp endpoint...

6.2AI score0.00516EPSS
Exploits0References3
EUVD
EUVDadded 2026/04/08 9:33 p.m.4 views

EUVD-2025-209360

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /xwglbwr.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request in the name, qq, and time parameters...

6.2AI score0.00492EPSS
Exploits0References3
EUVD
EUVDadded 2026/04/08 9:33 p.m.5 views

EUVD-2025-209363

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the httplanport parameter in the /webgl.asp endpoint...

6.2AI score0.00408EPSS
Exploits0References3
Rows per page
Query Builder