Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

21209 matches found

NVD
NVDadded 2026/05/12 6:16 p.m.5 views

CVE-2026-31241

The mem0 1.0.0 server lacks authentication and authorization controls for its memory deletion API endpoint DELETE /memories. The endpoint allows unauthenticated users to delete memory records by specifying arbitrary user identifiers e.g., userid, runid, agentid in the request query parameters. A...

6.5CVSS0.002EPSS
Exploits0References2
NVD
NVDadded 2026/05/12 6:16 p.m.5 views

CVE-2026-26083

A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, FortiSandbox PaaS 23.3 all versions, FortiSandbox PaaS 23.1 all versions, FortiSandbox PaaS 22.2 all...

9.8CVSS0.00064EPSS
Exploits0References1
NVD
NVDadded 2026/05/12 5:16 p.m.9 views

CVE-2026-8407

Missing authorization in the PAM module in Devolutions Server allows an authenticated user with a PAM license but no additional permissions to obtain OTP secret keys and recovery codes via crafted requests to PAM API endpoints. This issue affects the following versions : Devolutions Server...

4.3CVSS0.00023EPSS
Exploits0References1
NVD
NVDadded 2026/05/12 5:16 p.m.7 views

CVE-2026-25431

Missing Authorization vulnerability in WPMU DEV Hustle allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hustle: through 7.8.10.1...

5.3CVSS0.00037EPSS
Exploits0References1
CVE
CVEadded 2026/05/12 4:54 p.m.7 views

CVE-2026-26083

CVE-2026-26083 describes a missing authorization vulnerability in Fortinet FortiSandbox products (versions ranging from FortiSandbox 4.4.x/5.0.x to FortiSandbox Cloud 5.0.2–5.0.5 and FortiSandbox PaaS 21.3–23.4, including 22.1–22.2, 5.0.0–5.0.1, and 4.4.5–4.4.8). The issue allows an unauthenticat...

9.8CVSS6AI score0.00064EPSS
Exploits0References1Affected Software3
Cvelist
Cvelistadded 2026/05/12 4:54 p.m.25 views

CVE-2026-26083

A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, FortiSandbox PaaS 23.3 all versions, FortiSandbox PaaS 23.1 all versions, FortiSandbox PaaS 22.2 all...

9.8CVSS0.00064EPSS
Exploits0References1
CVE
CVEadded 2026/05/12 4:32 p.m.6 views

CVE-2026-25431

CVE-2026-25431 affects the WordPress Hustle plugin (

5.3CVSS5.8AI score0.00037EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/05/12 4:32 p.m.6 views

CVE-2026-25431 WordPress Hustle plugin <= 7.8.10.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPMU DEV Hustle allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hustle: through 7.8.10.1...

5.3CVSS5.8AI score0.00037EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/12 4:32 p.m.25 views

CVE-2026-25431 WordPress Hustle plugin <= 7.8.10.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPMU DEV Hustle allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hustle: through 7.8.10.1...

5.3CVSS0.00037EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/12 4:16 p.m.33 views

CVE-2026-8407

Missing authorization in the PAM module in Devolutions Server allows an authenticated user with a PAM license but no additional permissions to obtain OTP secret keys and recovery codes via crafted requests to PAM API endpoints. This issue affects the following versions : Devolutions Server...

0.00023EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/05/12 4:16 p.m.4 views

CVE-2026-8407

Missing authorization in the PAM module in Devolutions Server allows an authenticated user with a PAM license but no additional permissions to obtain OTP secret keys and recovery codes via crafted requests to PAM API endpoints. This issue affects the following versions : Devolutions Server...

5.8AI score0.00023EPSS
Exploits0References1
CVE
CVEadded 2026/05/12 4:16 p.m.14 views

CVE-2026-8407

CVE-2026-8407 affects Devolutions Server where the PAM module’s authorization is missing. An authenticated user with a PAM license but no additional permissions can craft requests to PAM API endpoints to retrieve OTP secret keys and recovery codes. Impacted versions include Devolutions Server 202...

4.3CVSS5.8AI score0.00023EPSS
Exploits0References1Affected Software1
Patchstack
Patchstackadded 2026/05/12 3:43 p.m.6 views

WordPress Broadstreet plugin <= 1.53.1 - Missing Authorization to Authenticated (Subscriber+) Advertiser Creation vulnerability

Missing Authorization to Authenticated Subscriber+ Advertiser Creation vulnerability discovered by greenhats - Student in WordPress Plugin Broadstreet Ads versions = 1.53.1...

4.3CVSS5.8AI score0.00035EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVEadded 2026/05/12 2:21 p.m.4 views

CVE-2026-42642

Missing Authorization vulnerability in StellarWP GiveWP give allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GiveWP: from n/a through = 4.14.5...

5.3CVSS5.8AI score0.0004EPSS
Exploits0References1
Microsoft CVE
Microsoft CVEadded 2026/05/12 2:0 p.m.7 views

Windows Admin Center Elevation of Privilege Vulnerability

Missing authorization in Windows Admin Center allows an authorized attacker to elevate privileges over a network...

8.3CVSS5.8AI score0.00065EPSS
Exploits0
EUVD
EUVDadded 2026/05/12 12:32 p.m.6 views

EUVD-2026-29452

Missing Authorization vulnerability in Broadstreet Broadstreet Ads broadstreet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broadstreet Ads: from n/a through = 1.52.2...

5.4CVSS5.8AI score0.0004EPSS
Exploits0References2
NVD
NVDadded 2026/05/12 11:16 a.m.4 views

CVE-2026-45212

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS0.00052EPSS
Exploits0References1
NVD
NVDadded 2026/05/12 11:16 a.m.8 views

CVE-2026-45210

Missing Authorization vulnerability in Broadstreet Broadstreet Ads broadstreet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broadstreet Ads: from n/a through = 1.52.2...

5.4CVSS0.0004EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/12 11:2 a.m.3 views

CVE-2026-45212

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS5.8AI score0.00052EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/05/12 11:2 a.m.6 views

CVE-2026-45210

Missing Authorization vulnerability in Broadstreet Broadstreet Ads broadstreet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Broadstreet Ads: from n/a through = 1.52.2...

5.4CVSS5.8AI score0.0004EPSS
Exploits0References2
Rows per page
Query Builder