8 matches found

OSV
added 2026/04/16 10:44 a.m. | 2 views

SUSE-SU-2026:1399-1 Security update for cups

This update for cups fixes the following issue: - CVE-2026-34990: Local print admin token disclosure using temporary printers bsc1261568...

7.8 CVSS | 5.8 AI score | 0.00005 EPSS
Exploits: 1 | References: 3

AlpineLinux
added 2026/04/03 9:14 p.m. | 2 views

CVE-2026-34990

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coerce cupsd into authenticating to an attacker-controlled localhost IPP service with a reusable Authorization: Local ... token. That...

7.8 CVSS | 6.2 AI score | 0.00005 EPSS
Exploits: 1 | References: 1

ATTACKERKB
added 2026/03/31 11:17 a.m. | 0 views

CVE-2026-32970

OpenClaw before 2026.3.11 contains a credential fallback vulnerability where unavailable local gateway.auth.token and gateway.auth.password SecretRefs are treated as unset, allowing fallback to remote credentials in local mode. Attackers can exploit misconfigured local auth references to cause CL...

2.5 CVSS | 5.9 AI score | 0.0002 EPSS
Exploits: 0 | References: 3

Snyk
added 2026/03/27 5:21 p.m. | 3 views

Improper Authentication

Overview: Affected versions of this package are vulnerable to Improper Authentication due to improper validation of authentication tokens in the incus webui process. An attacker can gain unauthorized access to the user's Incus instances and potentially escalate privileges by interacting with the...

8.8 CVSS | 5.9 AI score | 0.00028 EPSS
Exploits: 0 | References: 2

ATTACKERKB
added 2026/02/23 5:32 a.m. | 4 views

CVE-2026-2974

A vulnerability was identified in AliasVault App up to 0.25.3 on Android/iOS. This vulnerability affects unknown code of the file sharedprefs/aliasvault.xml of the component Backup Handler. The manipulation of the argument accessToken/refreshToken/metadata/keyderivationparams/authmethods leads to...

2.5 CVSS | 4.1 AI score | 0.00012 EPSS
Exploits: 0 | References: 9

EUVD
added 2025/11/12 4:29 a.m. | 1 view

EUVD-2025-111143

Malicious code in mini-css-extract-plugin-commitlint-config-angular-local-jwt npm...

6.6 AI score
Exploits: 0

OSV
added 2023/10/27 7:15 p.m. | 1 view

CVE-2023-46290

Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain a local Windows OS user token through the FactoryTalk® Services Platform web service and then use the token to log in to FactoryTalk® Services Platform. This vulnerability can only be exploited if...

8.1 CVSS | 5.8 AI score
Exploits: 0 | References: 1

OSV
added 2021/12/20 2:54 p.m. | 5 views

SUSE-RU-2021:4126-1 Recommended update for samba

This update for samba fixes the following issues: The username map advice from the CVE-2020-25717 advisory note has undesired side effects for the local nt token. Fallback to a SID/UID based mapping if the name based lookup fails bsc1192849...

8.5 CVSS | 7.9 AI score | 0.00517 EPSS
Exploits: 0 | References: 3