Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

21316 matches found

ATTACKERKB
ATTACKERKBadded 2026/06/04 2:22 p.m.7 views

CVE-2026-5228

Improper Access Control, Missing Authorization vulnerability in Kurt Software Studio WriteUp Mobile App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WriteUp Mobile App: from 1.3.0 through 04062026...

8.8CVSS5.8AI score0.00245EPSS
Exploits0References2Affected Software1
Patchstack
Patchstackadded 2026/06/04 9:20 a.m.5 views

WordPress SP Project & Document Manager plugin <= 4.71 - Missing Authorization to Unauthenticated Arbitrary File Information Disclosure vulnerability

Missing Authorization to Unauthenticated Arbitrary File Information Disclosure vulnerability discovered by Namdn - Vncsglobal in WordPress Plugin SP Project & Document Manager versions = 4.71...

7.5CVSS5.8AI score0.003EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2026/06/04 5:28 a.m.20 views

CVE-2026-49190

Technical details (affected products, vulnerable component, root cause, exploit information) are not provided in the initial document or connected sources. Monitor for updates from official advisories.

9.4CVSS5.8AI score0.00426EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2026/06/04 5:28 a.m.39 views

CVE-2026-49190 Missing Per-Instruction Authorization Checks

The system fails to evaluate instructional permissions over multiple internal operation codes opcodes, permitting unauthorized application installations or command executions...

9.4CVSS0.00426EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/04 1:26 a.m.37 views

CVE-2026-10737 SP Project & Document Manager <= 4.71 - Missing Authorization to Unauthenticated Arbitrary File Information Disclosure via view_file() Function

The SP Project & Document Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the viewfile function in all versions up to, and including, 4.71. This makes it possible for unauthenticated attackers to read file metadata and obtain download links f...

7.5CVSS0.003EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.12 views

PT-2026-46261

Improper Access Control, Missing Authorization vulnerability in Kurt Software Studio WriteUp Mobile App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WriteUp Mobile App: from 1.3.0 through 04062026...

8.8CVSS5.8AI score0.00245EPSS
Exploits0References2
Snyk
Snykadded 2026/06/03 4:25 p.m.5 views

Use of Cache Containing Sensitive Information

Overview Affected versions of this package are vulnerable to Use of Cache Containing Sensitive Information in the UpdateCacheMiddleware function. An attacker can access sensitive cached data by making unauthenticated requests to endpoints that have previously been accessed with an Authorization...

5.9CVSS5.5AI score0.00277EPSS
Exploits0References2
CVE
CVEadded 2026/06/02 6:30 p.m.8 views

CVE-2026-10616

CVE-2026-10616 affects nextlevelbuilder GoClaw up to 3.11.3. The vulnerability resides in TeamTasksTool.executeComplete (internal/tools/team_tasks_lifecycle.go), where a manipulation can lead to missing authorization. The issue can be exploited remotely and the exploit has been made publicly avai...

5.3CVSS5.5AI score0.00206EPSS
Exploits0References6
NVD
NVDadded 2026/06/02 2:16 p.m.8 views

CVE-2026-49782

Missing Authorization vulnerability in Elementor Elementor Website Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elementor Website Builder: from n/a through 4.1.0...

5.4CVSS0.0015EPSS
Exploits0References1
NVD
NVDadded 2026/06/02 2:16 p.m.11 views

CVE-2026-27351

Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...

5.4CVSS0.0017EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/02 2:3 p.m.37 views

CVE-2026-49782 WordPress Elementor Website Builder plugin <= 4.1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Elementor Elementor Website Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elementor Website Builder: from n/a through 4.1.0...

5.4CVSS0.0015EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/06/02 2:3 p.m.7 views

CVE-2026-49782 WordPress Elementor Website Builder plugin <= 4.1.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Elementor Elementor Website Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elementor Website Builder: from n/a through 4.1.0...

5.4CVSS5.8AI score0.0015EPSS
Exploits0References1
EUVD
EUVDadded 2026/06/02 2:3 p.m.7 views

EUVD-2026-33933

Missing Authorization vulnerability in Elementor Elementor Website Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elementor Website Builder: from n/a through 4.1.0...

5.4CVSS5.8AI score0.0015EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/06/02 2:3 p.m.7 views

CVE-2026-49782

Missing Authorization vulnerability in Elementor Elementor Website Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Elementor Website Builder: from n/a through 4.1.0...

5.4CVSS5.8AI score0.0015EPSS
Exploits0References2
CVE
CVEadded 2026/06/02 2:3 p.m.64 views

CVE-2026-49782

CVE-2026-49782 concerns the WordPress Elementor Website Builder plugin (

5.4CVSS5.8AI score0.0015EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/02 2:1 p.m.35 views

CVE-2026-27351 WordPress Crew HRM plugin <= 1.2.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...

5.4CVSS0.0017EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/06/02 2:1 p.m.8 views

CVE-2026-27351

Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...

5.4CVSS5.8AI score0.0017EPSS
Exploits0References2
EUVD
EUVDadded 2026/06/02 2:1 p.m.8 views

EUVD-2026-33931

Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...

5.4CVSS5.8AI score0.0017EPSS
Exploits0References1
CVE
CVEadded 2026/06/02 2:1 p.m.14 views

CVE-2026-27351

CVE-2026-27351 affects the WordPress Crew HRM plugin up to version 1.2.2. Root cause: Missing Authorization through incorrectly configured access control. Impact includes Low integrity, Low availability, and No confidentiality impact per CVSS 3.1 (base score 5.4). Attack vector is Network with Lo...

5.4CVSS5.8AI score0.0017EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/06/02 2:1 p.m.11 views

CVE-2026-27351 WordPress Crew HRM plugin <= 1.2.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Sekander Badsha Crew HRM allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Crew HRM: from n/a through 1.2.2...

5.4CVSS5.8AI score0.0017EPSS
Exploits0References1
Rows per page
Query Builder