Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

49 matches found

Positive Technologies
Positive Technologiesadded 2026/02/17 12:0 a.m.5 views

PT-2026-23535

Name of the Vulnerable Software and Affected Versions OpenClaw versions 2026.1.20 through 2026.2.0 moltbot versions 0.1.0 and earlier Description The Browser Relay /cdp WebSocket endpoint did not require authentication, allowing websites to connect via loopback and access sensitive data. Attacker...

8.1CVSS5.7AI score0.00295EPSS
Exploits0References11
NVD
NVDadded 2026/01/08 4:16 p.m.1 views

CVE-2026-22245

Mastodon is a free, open-source social network server based on ActivityPub. By nature, Mastodon performs a lot of outbound requests to user-provided domains. Mastodon, however, has some protection mechanism to disallow requests to local IP addresses unless specified in ALLOWEDPRIVATEADDRESSES to...

7.5CVSS0.00247EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/01/08 3:23 p.m.20 views

CVE-2026-22245 Mastodon has SSRF Protection bypass

Mastodon is a free, open-source social network server based on ActivityPub. By nature, Mastodon performs a lot of outbound requests to user-provided domains. Mastodon, however, has some protection mechanism to disallow requests to local IP addresses unless specified in ALLOWEDPRIVATEADDRESSES to...

7.1CVSS0.00247EPSS
Exploits0References4
EUVD
EUVDadded 2026/01/08 3:23 p.m.1 views

EUVD-2026-1674

Mastodon is a free, open-source social network server based on ActivityPub. By nature, Mastodon performs a lot of outbound requests to user-provided domains. Mastodon, however, has some protection mechanism to disallow requests to local IP addresses unless specified in ALLOWEDPRIVATEADDRESSES to...

7.1CVSS6AI score0.00247EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.6 views

EUVD-2025-24848

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00357EPSS
Exploits0References1
CVE
CVEadded 2025/08/14 4:28 p.m.16 views

CVE-2025-20219

CVE-2025-20219 describes an access control bypass vulnerability in Cisco Secure Firewall ASA and FTD software. The issue stems from improper enforcement of loopback interface access control rules, allowing an unauthenticated, remote attacker to send traffic that should be blocked to a loopback in...

5.3CVSS7.4AI score0.00357EPSS
Exploits0References1
OSV
OSVadded 2021/08/26 3:15 p.m.3 views

CVE-2021-32076

Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2. An attacker can access the 'Web Help Desk Getting Started Wizard', especially the admin account creation page, from a non-privileged IP address network range or loopback address by intercepting the HTT...

5.3CVSS5.8AI score0.01134EPSS
Exploits0References2
OSV
OSVadded 2019/05/13 1:29 p.m.1 views

CVE-2018-12301

Unvalidated URL in Download Manager in Seagate NAS OS version 4.3.15.1 allows attackers to access the loopback interface via a Download URL of 127.0.0.1 or localhost...

7.5CVSS5.8AI score0.01408EPSS
Exploits0References1
RedHat Linux
RedHat Linuxadded 2018/10/30 10:4 a.m.4 views

kernel: drivers/block/loop.c mishandles lo_release serialization allowing denial-of-service

A flaw was found in the Linux kernel's handling of loopback devices. An attacker, who has permissions to setup loopback disks, may create a denial of service or other unspecified actions...

7.8CVSS7AI score0.00374EPSS
Exploits0References4
Rows per page
Query Builder