CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

58819 matches found

Circl•added 2026/05/22 6:20 a.m.•5 views

CVE-2026-46595

creationtimestamp| type| source ---|---|--- 2026-05-22 06:20:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmgc4lusjl2k...

10CVSS5.8AI score0.00052EPSS

Exploits0References1

Circl•added 2026/05/22 6:16 a.m.•5 views

CVE-2026-46597

creationtimestamp| type| source ---|---|--- 2026-05-22 06:16:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmgbwgulo32c...

7.5CVSS5.8AI score0.00054EPSS

Exploits0References1

Circl•added 2026/05/22 6:15 a.m.•3 views

CVE-2026-46598

creationtimestamp| type| source ---|---|--- 2026-05-22 06:15:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmgbtjxtaj2k...

5.3CVSS5.8AI score0.0005EPSS

Exploits0References1

Circl•added 2026/05/22 6:10 a.m.•4 views

GHSA-JQQ5-8PX3-9M6M

creationtimestamp| type| source ---|---|--- 2026-05-22 06:10:50+00:00| seen| https://gist.github.com/alon710/1dd7eb9b2d2403233c4fe934b5852750...

5.8AI score

Exploits0References1

Circl•added 2026/05/22 5:32 a.m.•4 views

CVE-2026-6391

creationtimestamp| type| source ---|---|--- 2026-05-22 05:32:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mmg7gqbumh2l...

6.1CVSS5.8AI score0.0002EPSS

Exploits0References1

Circl•added 2026/05/22 2:48 a.m.•3 views

CVE-2026-8245

creationtimestamp| type| source ---|---|--- 2026-05-22 02:48:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmfwclbti72p...

6CVSS5.8AI score0.00022EPSS

Exploits0References1

EUVD•added 2026/05/22 12:31 a.m.•7 views

EUVD-2026-31380

Concrete CMS 9.5.0 and below is vulnerable to Stored XSS via external-link page cvName because updateCollectionAliasExternal bypasses being sanitized. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.0 with...

2CVSS5.8AI score0.00022EPSS

Exploits0References2

Positive Technologies•added 2026/05/22 12:0 a.m.•6 views

PT-2026-42791

Improper input validation in the external authentication provider flow in Devolutions Server allows an unauthenticated remote attacker to redirect victims to an attacker-controlled domain via a crafted login link. This issue affects : Devolutions Server 2026.1.6.0 through 2026.1.16.0 Devolutions...

5.8AI score0.00064EPSS

Exploits0References1

Positive Technologies•added 2026/05/22 12:0 a.m.•9 views

PT-2026-42832

Name of the Vulnerable Software and Affected Versions TP-Link range extenders affected versions not specified Description An authentication logic flaw allows an unauthenticated attacker on an adjacent network to reset the administrator password due to insufficient validation of a login parameter...

8.8CVSS5.8AI score0.00049EPSS

Exploits0References15

Tenable Nessus•added 2026/05/22 12:0 a.m.•5 views

Fedora 44 : cockpit (2026-ac9d9c87c8)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ac9d9c87c8 advisory. Automatic update for cockpit-362-1.fc44. Changelog for cockpit Wed May 20 2026 Packit - 362-1 - Bug fixes and translation updates - Fix arbitrary code...

8CVSS7.6AI score0.00275EPSS

Exploits0References2

Positive Technologies•added 2026/05/22 12:0 a.m.•5 views

PT-2026-42752

Name of the Vulnerable Software and Affected Versions Sync-in versions prior to 2.3 Description An issue exists in the URL download feature where the private IP blocklist regex fails to match IPv4-mapped IPv6 addresses, such as ::ffff:127.0.0.1. On dual-stack systems, Node.js may report a socket'...

7.7CVSS5.5AI score

Exploits0References6

Tenable Nessus•added 2026/05/22 12:0 a.m.•2 views

Unity Linux 20.1070e Security Update: velocity-tools (UTSA-2026-016718)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016718 advisory. The default error page for VelocityView in Apache Velocity Tools prior to 3.1 reflects back the vm file that was entered as part of the URL. An attacker can set an X...

6.1CVSS6.8AI score0.03207EPSS

Exploits0References4

CNNVD•added 2026/05/22 12:0 a.m.•6 views

BentoML 后置链接漏洞

BentoML is an open-source model service library developed by BentoML. It is used to build high-performance and scalable artificial intelligence applications using Python. Versions of BentoML prior to 1.4.38 contained a post-link vulnerability. This vulnerability stemmed from the fact that the bui...

5.5CVSS5.8AI score0.00003EPSS

Exploits1References4

Circl•added 2026/05/21 11:17 p.m.•3 views

CVE-2026-8414

creationtimestamp| type| source ---|---|--- 2026-05-21 23:17:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmfkjd6ocp2q...

8.8CVSS5.8AI score0.00019EPSS

Exploits0References1

Circl•added 2026/05/21 10:48 p.m.•3 views

CVE-2026-8411

creationtimestamp| type| source ---|---|--- 2026-05-21 22:48:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmfiubuila2q...

8.8CVSS5.8AI score0.00019EPSS

Exploits0References1

NVD•added 2026/05/21 10:16 p.m.•7 views

CVE-2026-8139

5.4CVSS0.00022EPSS

Exploits0References1

Vulnrichment•added 2026/05/21 9:45 p.m.•5 views

CVE-2026-8139 Concrete CMS 9.5.0 and below is vulnerable to Stored XSS via external-link page cvName

2CVSS5.8AI score0.00022EPSS

Exploits0References1

CVE•added 2026/05/21 9:45 p.m.•14 views

CVE-2026-8139

Concrete CMS versions 9.5.0 and earlier are vulnerable to stored XSS on the external-link page cvName due to updateCollectionAliasExternal bypassing sanitization. The issue is triggered by the sanitize bypass in updateCollectionAliasExternal, enabling stored scripts delivered to users. Affected p...

5.4CVSS5.8AI score0.00022EPSS

Exploits0References1Affected Software1