CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21346 matches found

RedhatCVE•added 2026/06/05 7:24 p.m.•7 views

CVE-2026-44392

Missing authorization vulnerability exists in Movable Type. Under certain conditions, when a user without administrator privileges signs in to the product, unintended update processing may be executed...

5.3CVSS5.4AI score0.00249EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:20 p.m.•8 views

CVE-2026-41454

WeKan before 8.35 contains a missing authorization vulnerability in the Integration REST API endpoints that allows authenticated board members to perform administrative actions without proper privilege verification. Attackers can enumerate integrations including webhook URLs, create new...

8.7CVSS5.5AI score0.00274EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:20 p.m.•6 views

CVE-2026-32658

Dell Automation Platform versions prior to 2.0.0.0, contains a missing authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges...

8.8CVSS5.5AI score0.00235EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:19 p.m.•9 views

CVE-2026-5200

The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 10.8.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. Thi...

8.8CVSS5.5AI score0.00336EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:18 p.m.•8 views

CVE-2026-45209

Missing Authorization vulnerability in edwardplainview MyCryptoCheckout allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MyCryptoCheckout: from n/a through 2.161...

7.5CVSS5.4AI score0.00305EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:18 p.m.•5 views

CVE-2026-45438

Missing Authorization vulnerability in WebToffee Smart Coupons for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Smart Coupons for WooCommerce: from n/a before 2.3.0...

7.5CVSS5.4AI score0.00289EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:16 p.m.•4 views

CVE-2026-42377

Missing Authorization vulnerability in Brainstorm Force SureForms Pro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SureForms Pro: from n/a through 2.8.0...

7.3CVSS5.4AI score0.00229EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:16 p.m.•6 views

CVE-2026-42669

Missing Authorization vulnerability in EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects EventPrime: from n/a through 4.3.2.0...

7.5CVSS5.4AI score0.00202EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:16 p.m.•6 views

CVE-2026-42675

Missing Authorization vulnerability in Themefic Hydra Booking allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hydra Booking: from n/a through 1.1.41...

7.3CVSS5.4AI score0.00178EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:16 p.m.•7 views

CVE-2026-42677

Missing Authorization vulnerability in Ben Balter WP Document Revisions allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Document Revisions: from n/a before 4.0.0...

7.5CVSS5.4AI score0.00232EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:16 p.m.•7 views

CVE-2026-42682

Missing Authorization vulnerability in Tomdever wpForo Forum allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects wpForo Forum: from n/a through 3.0.6...

9.1CVSS5.4AI score0.00291EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:14 p.m.•8 views

CVE-2026-4326

The Vertex Addons for Elementor plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.6.4. This is due to improper authorization enforcement in the activaterequiredplugins function. Specifically, the currentusercan'installplugins' capability check does...

8.8CVSS5.9AI score0.00578EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:13 p.m.•9 views

CVE-2026-39432

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53...

8.2CVSS5.4AI score0.00244EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:10 p.m.•6 views

CVE-2026-8350

Concrete CMS 9.5.0 and below is vulnerable to missing authorization in the bulkuserassignment.php which can lead to privilege escalation to Administrative Group. Any authenticated user with access to the bulk user assignment dashboard page can add any user email to any group and can remove...

8.8CVSS5.5AI score0.00301EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 6:49 p.m.•6 views

CVE-2024-47268

Missing authorization vulnerability in AddOns functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privileges to obtain sensitive information via unspecified vectors...

4.9CVSS5.5AI score0.0034EPSS

Exploits0References1

NVD•added 2026/06/05 3:16 p.m.•13 views

CVE-2026-6209

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Exploits0

Patchstack•added 2026/06/05 2:25 p.m.•8 views

WordPress Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin <= 6.6.4 - Missing Authorization to Unauthenticated Information Exposure vulnerability

Missing Authorization to Unauthenticated Information Exposure vulnerability discovered by Anirudh Makkar in WordPress Plugin Essential Addons for Elementor versions = 6.6.4...

5.3CVSS5.5AI score0.00322EPSS

Exploits1References1Affected Software1