Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2026/06/19 3:54 a.m.8 views

CVE-2026-12046

A flaw was found in pgAdmin 4. Critical functions within the SQL Editor blueprint lacked proper authentication, allowing a remote attacker to bypass security controls. When combined with specific preconditions, such as knowledge of the Flask SECRETKEY and write access to the sessions directory,...

9.5CVSS6.6AI score0.00715EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/05/20 9:0 a.m.8 views

CVE-2026-9064

A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...

7.5CVSS5.9AI score0.00815EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/05/15 2:12 p.m.8 views

CVE-2026-6691

A flaw was found in the MongoDB C Driver's Cyrus SASL integration. This vulnerability, a heap buffer overflow, occurs due to unsafe string copying during username canonicalization. A remote attacker can exploit this by providing untrusted input in the username of a MongoDB URI with...

8.6CVSS6.4AI score0.00126EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/04/20 1:8 p.m.5 views

CVE-2026-35215

A flaw was found in Firebird. In the sdldesc function, a division by zero vulnerability exists due to improper validation of the length of a decoded SDL descriptor from a slice packet. An unauthenticated attacker can exploit this by sending a specially crafted slice packet, leading to a server...

7.5CVSS5.8AI score0.00466EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 2026/04/07 2:13 p.m.5 views

CVE-2026-35029

A flaw was found in LiteLLM, an AI Gateway proxy server. An authenticated user can exploit a missing authorization check on the /config/update endpoint. This allows the user to modify proxy configurations and environment variables, leading to remote code execution by registering custom endpoint...

8.8CVSS6.5AI score0.27194EPSS
Exploits2References4
RedhatCVE
RedhatCVEadded 2026/02/26 3:10 p.m.7 views

CVE-2026-28296

A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containing carriage return and line feed CRLF sequences. These unsanitized sequences allow the attacker to terminate intended FTP commands and...

4.3CVSS6.5AI score0.0036EPSS
Exploits2References3
OSV
OSVadded 2021/10/04 6:15 p.m.2 views

ALPINE-CVE-2021-32675

Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol RESP request, Redis allocates memory according to user-specified values which determine the number of elements in the multi-bulk header and size of each element in the bulk header. ...

7.5CVSS7.1AI score0.1578EPSS
Exploits0References1
Rows per page
Query Builder