CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

159 matches found

RedhatCVE•added 2026/02/12 1:4 a.m.•9 views

CVE-2025-70297

A stored cross-site scripting XSS vulnerability in the recipe asset upload and media serving component in Mealie 3.3.1 allows remote authenticated users to inject arbitrary web script or HTML via an uploaded SVG file that is served as image/svg+xml and rendered by a victim s browser...

6.1CVSS5.4AI score0.00183EPSS

Exploits1References1

RedhatCVE•added 2026/02/12 1:4 a.m.•6 views

CVE-2025-70296

A stored HTML injection vulnerability in the Recipe Notes rendering component in Mealie 3.3.1 allows remote authenticated users to inject arbitrary HTML, resulting in user interface redressing within the recipe view...

5.4CVSS5.8AI score0.0023EPSS

Exploits1References1

OSV•added 2026/02/11 7:15 p.m.•5 views

CVE-2025-70296

5.4CVSS5.8AI score0.0023EPSS

Exploits1References3

OSV•added 2026/02/11 7:15 p.m.•4 views

CVE-2025-70297

6.1CVSS5.5AI score0.00183EPSS

Exploits1References2

NVD•added 2026/02/11 7:15 p.m.•7 views

CVE-2025-70297

6.1CVSS0.00183EPSS

Exploits1References2

NVD•added 2026/02/11 7:15 p.m.•6 views

CVE-2025-70296

5.4CVSS0.0023EPSS

Exploits1References3

CNNVD•added 2026/02/11 12:0 a.m.•3 views

Mealie 安全漏洞

Mealie is a self-hosted recipe manager and meal planner developed by Hayden in the United States. Version 3.3.1 of Mealie contains a security vulnerability. This vulnerability stems from the use of storage-oriented cross-site scripting in the recipe asset upload and media service components. It m...

6.1CVSS5.8AI score0.00183EPSS

Exploits1References2

Cvelist•added 2026/02/11 12:0 a.m.•22 views

CVE-2025-70296

0.0023EPSS

Exploits1References3

Cvelist•added 2026/02/11 12:0 a.m.•23 views

CVE-2025-70297

0.00183EPSS

Exploits1References2

Positive Technologies•added 2026/02/11 12:0 a.m.•5 views

PT-2026-7650

5.4AI score0.00183EPSS

Exploits1References3

Positive Technologies•added 2026/02/11 12:0 a.m.•4 views

PT-2026-7638

5.8AI score0.0023EPSS

Exploits1References4

ATTACKERKB•added 2026/02/11 12:0 a.m.•4 views

CVE-2025-70297

5.4AI score0.00183EPSS

Exploits1References3

Vulnrichment•added 2026/02/11 12:0 a.m.•5 views

CVE-2025-70296

5.8AI score0.0023EPSS

Exploits1References3

CVE•added 2026/02/11 12:0 a.m.•13 views

CVE-2025-70296

CVE-2025-70296 is a stored HTML injection in Mealie 3.3.1’s Recipe Notes rendering component. Remote authenticated users can inject arbitrary HTML, causing user interface redressing in the recipe view. Descriptions across multiple sources confirm the vulnerability and affected version; one connec...

5.4CVSS5.8AI score0.0023EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2026/02/11 12:0 a.m.•3 views

CVE-2025-70297

5.4AI score0.00183EPSS

Exploits1References2

ATTACKERKB•added 2026/02/11 12:0 a.m.•3 views

CVE-2025-70296

5.8AI score0.0023EPSS

Exploits1References4

CNNVD•added 2026/02/11 12:0 a.m.•7 views

Mealie 安全漏洞

Mealie is a self-hosted recipe manager and meal planner developed by Hayden from the United States. Version 3.3.1 of Mealie contains a security vulnerability, which stems from a storage-type HTML injection in the Recipe Notes rendering component, potentially leading to user interface spoofing...

5.4CVSS5.8AI score0.0023EPSS

Exploits1References3

CVE•added 2026/02/11 12:0 a.m.•10 views

CVE-2025-70297

Mealie 3.3.1 contains a stored XSS in the recipe asset upload and media serving component. Remote authenticated users can inject arbitrary scripts via an uploaded SVG file served as image/svg+xml and rendered in a victim’s browser. The reports across NVD/Red Hat/OSV indicate the vulnerability aff...

6.1CVSS5.4AI score0.00183EPSS

Exploits1References2Affected Software1