CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

841 matches found

EUVD-2026-37882

UBB.threads is vulnerable to Stored XSS via user posts and user profile fields. The application fails to properly sanitize user input, allowing low privileged attackers to inject arbitrary JavaScript that executes in a victim's browser upon viewing. Because vendor contact attempts were...

5.1CVSS5.3AI score0.00293EPSS

Exploits0References2

Cvelist•added 4 days ago•26 views

CVE-2026-35067

Dell PowerFlex Manager, versions Versions, contains an Improper Access Control vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges and Unauthorized access...

5.7CVSS0.00133EPSS

Exploits0References1

NVD•added 4 days ago•5 views

CVE-2026-46959

Vulnerability in the Oracle Subledger Accounting product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Subledge...

7.5CVSS0.00311EPSS

Exploits0References1

NVD•added 4 days ago•4 views

CVE-2026-46961

Vulnerability in the Oracle Project Portfolio Analysis product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

8.8CVSS0.00402EPSS

Exploits0References1

NVD•added 4 days ago•5 views

CVE-2026-46963

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

9.9CVSS0.00402EPSS

Exploits0References1

NVD•added 4 days ago•5 views

CVE-2026-46911

Vulnerability in the JD Edwards EnterpriseOne Project Costing product of Oracle JD Edwards component: Job Costing. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via JDENET to compromise JD Edwards EnterpriseOne...

9.6CVSS0.00337EPSS

Exploits0References1

NVD•added 4 days ago•4 views

CVE-2026-35324

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware component: Content Server. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

8.8CVSS0.00402EPSS

Exploits0References1

NVD•added 4 days ago•4 views

CVE-2026-35303

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise WebLogic Server. Successful...

8.8CVSS0.00402EPSS

Exploits0References1

Positive Technologies•added 5 days ago•6 views

PT-2026-50048

Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

8.8CVSS5.3AI score0.00402EPSS

Exploits0References2

Positive Technologies•added 5 days ago•8 views

PT-2026-49850

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.8 Description An issue exists in the Shared Folders component of Oracle VM VirtualBox. A low-privileged attacker with logon access to the infrastructure where the software executes can compromise the system...

7.5CVSS5.9AI score0.0012EPSS

Exploits0References3

Positive Technologies•added 5 days ago•8 views

PT-2026-49946

Name of the Vulnerable Software and Affected Versions Oracle WebCenter Portal version 12.2.1.4.0 Oracle WebCenter Portal version 14.1.2.0.0 Description An issue exists in the Security Framework component of the Oracle WebCenter Portal product of Oracle Fusion Middleware. A low privileged attacker...

9.9CVSS5.9AI score0.00402EPSS

Exploits0References4

Positive Technologies•added 5 days ago•10 views

PT-2026-49978

Name of the Vulnerable Software and Affected Versions MySQL Shell Shell for VS Code version 2026.2.0+9.6.1 Description An issue in the Shell for VS Code component of MySQL Shell allows a low-privileged attacker with network access via multiple protocols to compromise the software. Although the fl...

8.5CVSS5.8AI score0.00301EPSS

Exploits0References4

Positive Technologies•added 5 days ago•10 views

PT-2026-49874

8.8CVSS5.3AI score0.00402EPSS

Exploits0References2

Positive Technologies•added 5 days ago•8 views

PT-2026-50058

7.5CVSS5.3AI score0.00311EPSS

Exploits0References2

RedhatCVE•added 2026/06/10 9:4 p.m.•7 views

CVE-2026-48301

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

5.4CVSS5.4AI score0.00224EPSS

Exploits0References1

RedhatCVE•added 2026/06/10 9:3 p.m.•7 views

CVE-2026-47990

5.4CVSS5.4AI score0.00224EPSS

Exploits0References1

RedhatCVE•added 2026/06/10 9:3 p.m.•8 views

CVE-2026-47975

5.4CVSS5.4AI score0.00224EPSS

Exploits0References1

RedhatCVE•added 2026/06/10 9:3 p.m.•7 views

CVE-2026-47956