CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21317 matches found

NVD•added 2026/05/27 5:16 p.m.•13 views

CVE-2022-41656

Missing Authorization vulnerability in Bizswoop Account Manager for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Account Manager for WooCommerce: from n/a through 2.1.2...

4.3CVSS0.00218EPSS

Exploits0References1

CVE•added 2026/05/27 3:52 p.m.•11 views

CVE-2026-44316

The CVE describes a nil-pointer dereference in free5GC PCF (POST /npcf-smpolicycontrol/v1/sm-policies) HandleCreateSmPolicyRequest. When a downstream OpenAPI (UDR) lookup returns 404 and the wrapper returns err != nil with a nil response, the code logs the error but does not return, then derefere...

7.5CVSS5.8AI score0.00385EPSS

Exploits1References4Affected Software1

ATTACKERKB•added 2026/05/27 3:41 p.m.•8 views

CVE-2026-44326

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the 3gpp-traffic-influence API without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can create, read, patch, and delete traffic-influence subscriptio...

9.4CVSS5.8AI score0.00287EPSS

Exploits1References4Affected Software1

NVD•added 2026/05/27 3:16 p.m.•13 views

CVE-2026-49051

Missing Authorization vulnerability in Prasad Kirpekar WP Meta and Date Remover allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Meta and Date Remover: from n/a through 2.3.6...

4.3CVSS0.00162EPSS

Exploits0References1

NVD•added 2026/05/27 3:16 p.m.•10 views

CVE-2026-49052

Missing Authorization vulnerability in Wpmet ElementsKit Elementor addons Lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ElementsKit Elementor addons Lite: from n/a through 3.9.6...

4.3CVSS0.00152EPSS

Exploits0References1

NVD•added 2026/05/27 3:16 p.m.•11 views

CVE-2026-49053

5.3CVSS0.00187EPSS

Exploits0References1

NVD•added 2026/05/27 3:16 p.m.•11 views

CVE-2026-48973

Missing Authorization vulnerability in Benbodhi SVG Support allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SVG Support: from n/a through 2.5.14...

4.3CVSS0.00152EPSS

Exploits0References1

NVD•added 2026/05/27 3:16 p.m.•12 views

CVE-2026-49045

Missing Authorization vulnerability in WP Media Adminimize allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Adminimize: from n/a through 1.11.11...

4.3CVSS0.00162EPSS

Exploits0References1

NVD•added 2026/05/27 3:16 p.m.•8 views

CVE-2026-31266

Craft CMS 5.9.5 and earlier contains a Missing Authorization vulnerability in the migrate endpoint /actions/app/migrate...

7.3CVSS0.00283EPSS

Exploits3References3

CVE•added 2026/05/27 3:12 p.m.•12 views

CVE-2026-49054

CVE-2026-49054 concerns WordPress plugin The Post Grid (versions up to 7.9.2). The issue is a Missing Authorization / Broken Access Control vulnerability caused by misconfigured access control logic, allowing unauthorized access where restrictions should apply. Public sources in the connected rec...

4.3CVSS5.8AI score0.00162EPSS

Exploits0References1

Vulnrichment•added 2026/05/27 3:12 p.m.•17 views

CVE-2026-49054 WordPress The Post Grid plugin <= 7.9.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Mamunur Rashid The Post Grid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Post Grid: from n/a through 7.9.2...

4.3CVSS5.8AI score0.00162EPSS

Exploits0References1