CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1184 matches found

CVE-2026-2325

Mattermost versions 11.5.x = 11.5.1, 10.11.x = 10.11.13, 11.4.x = 11.4.3 fail to limit the size of the request body on the start meeting API endpoint, which allows an authenticated attacker to cause resource exhaustion or denial of service via a crafted oversized HTTP POST request to...

6.5CVSS5.5AI score0.00047EPSS

Exploits0References1

RedhatCVE•added 2 days ago•5 views

CVE-2026-20233

A vulnerability in the web-based user interface of Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. Cisco has addressed this vulnerability in the Webex Meetings service, and no customer action is needed. This vulnerability...

6.1CVSS5.8AI score0.0002EPSS

Exploits0References1

NVD•added 4 days ago•6 views

CVE-2026-20233

6.1CVSS0.0002EPSS

Exploits0References1

EUVD•added 4 days ago•5 views

EUVD-2026-34135

6.1CVSS6AI score0.0002EPSS

Exploits0References1

Vulnrichment•added 4 days ago•6 views

CVE-2026-20233 Cisco Webex Meetings Cross-Site Scripting Vulnerability

6.1CVSS6AI score0.0002EPSS

Exploits0References1

Cvelist•added 4 days ago•33 views

CVE-2026-20233 Cisco Webex Meetings Cross-Site Scripting Vulnerability

6.1CVSS0.0002EPSS

Exploits0References1

CVE•added 4 days ago•15 views

CVE-2026-20233

Cisco Webex Meetings web UI vulnerable to cross-site scripting (XSS) due to insufficient input validation. Exploitation requires a user to follow a malicious link, enabling arbitrary script execution in the target’s browser and potential access to browser-based information. Affected: web-based us...

6.1CVSS6AI score0.0002EPSS

Exploits0References1

ATTACKERKB•added 4 days ago•5 views

CVE-2026-20233

6.1CVSS6AI score0.0002EPSS

Exploits0References2Affected Software1

Cisco•added 4 days ago•6 views

Cisco Webex Meetings Cross-Site Scripting Vulnerability

6.1CVSS6AI score0.0002EPSS

Exploits0References1

Positive Technologies•added 4 days ago•9 views

PT-2026-45988

Name of the Vulnerable Software and Affected Versions Cisco Webex Meetings affected versions not specified Description Insufficient validation of user input in the web-based user interface allows an unauthenticated remote attacker to conduct a cross-site scripting XSS attack. An attacker could...

6.1CVSS6AI score0.0002EPSS

Exploits0References5

Snyk•added 2026/05/18 9:31 a.m.•0 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the start meeting API endpoint when the size of the request body is not limited. An attacker can exhaust system resources or disrupt service availability by sending crafted...

7.1CVSS5.5AI score0.00047EPSS

Exploits0References2

Vulnrichment•added 2026/05/18 6:51 a.m.•4 views

CVE-2026-2325 Improper Input Validation in MS Teams Meetings API Handler

4.3CVSS5.8AI score0.00047EPSS

Exploits0References1

ATTACKERKB•added 2026/05/18 6:51 a.m.•5 views

CVE-2026-2325

4.3CVSS5.8AI score0.00047EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/05/18 6:51 a.m.•28 views

CVE-2026-2325 Improper Input Validation in MS Teams Meetings API Handler

4.3CVSS0.00047EPSS

Exploits0References1

CVE•added 2026/05/18 6:51 a.m.•11 views

CVE-2026-2325

CVE-2026-2325 affects Mattermost versions 11.5.x up to 11.5.1, 10.11.x up to 10.11.13, and 11.4.x up to 11.4.3. The issue is an improper input validation where the start meeting API endpoint (/api/v1/meetings) does not limit the request body size, enabling an authenticated attacker to cause resou...

6.5CVSS5.8AI score0.00047EPSS

Exploits0References1Affected Software1

CNNVD•added 2026/04/20 12:0 a.m.•5 views

OpenProject 安全漏洞

OpenProject is an open-source web-based project management software. Versions of OpenProject prior to 17.3.0 had security vulnerabilities. These vulnerabilities stemmed from the ability of users with manage-agendas permissions to insert agenda items into meetings of arbitrary projects, potentiall...

7.1CVSS5.9AI score0.00033EPSS

Exploits1References1

Cvelist•added 2026/04/15 4:3 p.m.•12 views

CVE-2026-20184 Cisco Webex Meetings Certificate Validation Vulnerability

A vulnerability in the integration of single sign-on SSO with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service. This vulnerability existed because of improper certificate validation. Prior to this vulnerability...

9.8CVSS0.00046EPSS

Exploits0References1

Vulnrichment•added 2026/04/15 4:3 p.m.•1 views

CVE-2026-20184 Cisco Webex Meetings Certificate Validation Vulnerability

9.8CVSS5.9AI score0.00046EPSS

Exploits0References1

CVE•added 2026/04/15 4:3 p.m.•89 views

CVE-2026-20184

CVE-2026-20184 affects Cisco Webex Services via the SSO integration with Control Hub. Root cause: improper certificate validation in the SSO/token handling path. Exploitation could allow an unauthenticated, remote attacker to impersonate any user when connecting to a service endpoint with a craft...

9.8CVSS5.9AI score0.00046EPSS

Exploits0References1

Schneier on Security•added 2026/04/03 11:8 a.m.•3 views

Company that Secretly Records and Publishes Zoom Meetings

WebinarTV searches the internet for public Zoom invites, joins the meetings, secretly records them, and publishes alternate link the recordings. It doesn't use the Zoom record feature, so Zoom can't do anything about it...

5.9AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by