Lucene search
+L

63178 matches found

Circl
Circl
added 3 days ago5 views

CVE-2026-45533

creationtimestamp| type| source ---|---|--- 2026-07-16 00:48:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqpzaxejrl2h...

8.3CVSS6.1AI score0.00313EPSS
Exploits0References1
Circl
Circl
added 3 days ago9 views

CVE-2026-50289

creationtimestamp| type| source ---|---|--- 2026-07-16 00:10:04+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqpx3jzg5o2p 2026-07-16 00:35:08+00:00| published-proof-of-concept| https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-5xpp-75jx-m839...

8.7CVSS4.8AI score0.02076EPSS
Exploits0References4
Circl
Circl
added 3 days ago7 views

CVE-2026-54466

creationtimestamp| type| source ---|---|--- 2026-07-16 00:08:04+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqpwxxsieh2w 2026-07-17 23:45:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mquwndmen52g...

9.2CVSS4.8AI score0.00445EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 3 days ago11 views

PT-2026-60569

WireGuard Easy through 15.3.0, fixed in commit 66b292b, contains a cryptographically weak one-time link token generation vulnerability that allows unauthenticated network attackers to recover WireGuard peer credentials by brute-forcing a keyspace of at most 1000 candidate tokens per client ID, as...

9.3CVSS6.1AI score0.00238EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 3 days ago8 views

Linux Distros Unpatched Vulnerability : CVE-2026-50526

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper link resolution before file access 'link following' in .NET allows an authorized attacker to perform tampering locally. CVE-2026-50526 Note that Nessus...

7CVSS5.3AI score0.00159EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 3 days ago6 views

Python Library yt-dlp < 2026.7.4 Command Injection

The detected version of the yt-dlp Python package is prior to 2026.7.4. It is, therefore, affected by a command injection vulnerability. yt-dlp and youtube-dl are command-line audio/video downloaders. Prior to 2026.7.4, the --write-link, --write-url-link, and --write-desktop-link options can writ...

8.8CVSS5.5AI score0.0064EPSS
Exploits0References2
Circl
Circl
added 4 days ago6 views

CVE-2026-40954

creationtimestamp| type| source ---|---|--- 2026-07-15 22:00:34+00:00| seen| https://bsky.app/profile/euvd-bot.bsky.social/post/3mqpptyijcs2m...

3.7CVSS6.1AI score0.00201EPSS
Exploits0References1
Circl
Circl
added 4 days ago6 views

CVE-2026-33443

creationtimestamp| type| source ---|---|--- 2026-07-15 22:00:27+00:00| seen| https://bsky.app/profile/euvd-bot.bsky.social/post/3mqpptrjhnh2e...

7.1CVSS6.1AI score0.00213EPSS
Exploits0References1
Circl
Circl
added 4 days ago8 views

CVE-2026-33445

creationtimestamp| type| source ---|---|--- 2026-07-15 22:00:24+00:00| seen| https://bsky.app/profile/euvd-bot.bsky.social/post/3mqpptodexj2v 2026-07-16 00:08:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqpwzgq2ev2u 2026-07-17 09:37:07+00:00| seen|...

8.7CVSS4.8AI score0.00236EPSS
Exploits0References3
Circl
Circl
added 4 days ago6 views

CVE-2026-52870

creationtimestamp| type| source ---|---|--- 2026-07-15 21:00:25+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mqpmifoxio25...

7.6CVSS6.1AI score0.00223EPSS
Exploits0References1
Circl
Circl
added 4 days ago8 views

CVE-2026-40952

creationtimestamp| type| source ---|---|--- 2026-07-15 21:00:14+00:00| seen| https://bsky.app/profile/euvd-bot.bsky.social/post/3mqpmi4bypn2i...

8.5CVSS6.1AI score0.00094EPSS
Exploits0References1
Circl
Circl
added 4 days ago7 views

CVE-2026-12997

creationtimestamp| type| source ---|---|--- 2026-07-15 20:57:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqpmceqwmg2m 2026-07-16 06:01:01+00:00| seen| https://bsky.app/profile/pulse-wp.com/post/3mqqkp3t52c2u...

7.5CVSS6.1AI score0.00619EPSS
Exploits0References2
Circl
Circl
added 4 days ago5 views

CVE-2026-46684

creationtimestamp| type| source ---|---|--- 2026-07-15 20:48:06+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqplsfbiqb2l 2026-07-16 00:24:24+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqpxv6enic2a 2026-07-18 04:16:04+00:00| seen|...

9.5CVSS4.8AI score0.00193EPSS
Exploits0References3
Circl
Circl
added 4 days ago5 views

CVE-2026-62350

creationtimestamp| type| source ---|---|--- 2026-07-15 20:40:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqplfhvrnj2i...

7.2CVSS6.1AI score0.0037EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-45738 Argo CD: Stored XSS in application link annotations enables developer-to-admin privilege escalation

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to 3.2.12, 3.3.10, and 3.4.2, Argo CD users with application write access can set link.argocd.argoproj.io/ annotations whose pipe-separated values are rendered by...

7.3CVSS0.00312EPSS
Exploits0References7
CVE
CVE
added 4 days ago15 views

CVE-2026-45738

CVE-2026-45738 : Argo CD contains a Stored XSS in link.argocd.argoproj.io/* annotations that can be rendered as anchor href values in the Summary tab, enabling javascript: execution for a higher-privileged user in the origin session when there is application write access. This is fixed in Argo CD...

7.3CVSS6.2AI score0.00312EPSS
Exploits0References7
OSV
OSV
added 4 days ago3 views

CVE-2026-45738 Argo CD: Stored XSS in application link annotations enables developer-to-admin privilege escalation

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to 3.2.12, 3.3.10, and 3.4.2, Argo CD users with application write access can set link.argocd.argoproj.io/ annotations whose pipe-separated values are rendered by...

7.3CVSS6.2AI score0.00312EPSS
Exploits0References9
Circl
Circl
added 4 days ago5 views

CVE-2026-50552

creationtimestamp| type| source ---|---|--- 2026-07-15 19:31:25+00:00| seen| https://gist.github.com/alon710/0bc2e259381309bd98ca630012fce3cb 2026-07-15 20:35:05+00:00| published-proof-of-concept| https://github.com/koel/koel/security/advisories/GHSA-jr4p-4xjh-fwvw...

6.3CVSS6.1AI score0.0016EPSS
Exploits0References2
CVE
CVE
added 4 days ago13 views

CVE-2026-12997

Summary of CVE-2026-12997 : The Gravity Forms plugin for WordPress is vulnerable to a Directory Traversal flaw in all versions up to and including 2.10.4, exploitable via the gform_uploaded_files parameter. An unauthenticated attacker can read arbitrary server files containing sensitive informati...

7.5CVSS6.2AI score0.00619EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-44760

Dashy is a self-hostable personal dashboard. From 1.9.4 until 3.2.0, the Dashy RSS Widget in src/components/Widgets/RssFeed.vue does not sanitize RSS item link values before rendering feed item titles and Read More links as anchor href attributes, allowing an attacker-controlled feed to provide a...

5.9CVSS6.1AI score0.00229EPSS
Exploits0References2
Rows per page
Query Builder