CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

Cvelist•added 2025/12/23 10:51 p.m.•23 views

CVE-2025-68669 5ire vulnerable to Remote Code Execution (RCE) via mermaid

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. In versions 0.15.2 and prior, an RCE vulnerability exists in useMarkdown.ts, where the markdown-it-mermaid plugin is initialized with securityLevel: 'loose'. This configuration explicitly permits...

9.6CVSS0.00087EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-6554

Malware in sbrugna...

6.1CVSS6.2AI score0.00143EPSS

Exploits0References3

RedhatCVE•added 2025/05/22 8:14 a.m.•6 views

CVE-2019-15586

A XSS exists in Gitlab CE/EE 12.1.10 in the Mermaid plugin...

6.1CVSS5.9AI score0.00143EPSS

Exploits0References1

Vulnrichment•added 2024/12/01 9:23 p.m.•22 views

CVE-2024-53748 WordPress WP Mermaid plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Terry Lin WP Mermaid allows Stored XSS.This issue affects WP Mermaid: from n/a through 1.0.2...

6.5CVSS6.8AI score0.00156EPSS

Exploits0References1

Cvelist•added 2024/12/01 9:23 p.m.•20 views

CVE-2024-53748 WordPress WP Mermaid plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Terry L. WP Mermaid wp-mermaid allows Stored XSS.This issue affects WP Mermaid: from n/a through = 1.0.2...

6.5CVSS0.00156EPSS

Exploits0References1

Patchstack•added 2024/11/28 12:0 p.m.•4 views

WordPress WP Mermaid plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin WP Mermaid versions = 1.0.2...

6.5CVSS6.1AI score0.00156EPSS

Exploits0Affected Software1

CNVD•added 2020/02/20 12:0 a.m.•2 views

GitLab Mermaid plugin cross-site scripting vulnerability

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A cross-site scripting vulnerability exists in the Mermai...

6.1CVSS6.3AI score0.00143EPSS

Exploits0References1

NVD•added 2020/01/28 3:15 a.m.•14 views

CVE-2019-15586

A XSS exists in Gitlab CE/EE 12.1.10 in the Mermaid plugin...

6.1CVSS5.9AI score0.00143EPSS

Exploits0References2

OSV•added 2020/01/28 3:15 a.m.•15 views

CVE-2019-15586

A XSS exists in Gitlab CE/EE 12.1.10 in the Mermaid plugin...

6.1CVSS5.9AI score

Exploits0References2

UbuntuCve•added 2020/01/28 3:15 a.m.•20 views

CVE-2019-15586

A XSS exists in Gitlab CE/EE 12.1.10 in the Mermaid plugin...

6.1CVSS6.3AI score0.00143EPSS

Exploits0References4

Prion•added 2020/01/28 3:15 a.m.•16 views

Cross site scripting

A XSS exists in Gitlab CE/EE 12.1.10 in the Mermaid plugin...

4.3CVSS5.8AI score0.00143EPSS

Exploits0References2Affected Software1

Debian CVE•added 2020/01/28 2:14 a.m.•24 views

CVE-2019-15586

Removed by vendor...

6.1CVSS6.4AI score0.00143EPSS

Exploits0

CVE•added 2020/01/28 2:14 a.m.•81 views

CVE-2019-15586

CVE-2019-15586 is a cross-site scripting vulnerability in the GitLab Mermaid plugin for GitLab CE/EE, affecting versions prior to 12.1.10. The root cause is insufficient validation of client-side data, enabling an attacker to execute arbitrary client-side scripts within affected instances. Practi...

6.1CVSS5.8AI score0.00143EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by