Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

143 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:35 p.m.7 views

CVE-2026-5938

Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...

5.5CVSS5.5AI score0.00103EPSS
Exploits0References1
AstraLinux
AstraLinuxadded 2026/05/20 5:53 a.m.5 views

Astra Linux - уязвимость в chromium

Inappropriate implementation in Navigation in Google Chrome on iOS prior to 108.0.5359.71 allowed a remote attacker to spoof the contents of the modal dialogue via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6.4AI score0.00752EPSS
Exploits0References2
CVE
CVEadded 2026/05/19 9:30 a.m.19 views

CVE-2026-31906

CVE-2026-31906 affects Apache OFBiz up to version 24.09.05 (pre-24.09.06). The issue is an improper neutralization of input during web page generation, i.e., Cross-Site Scripting (XSS). Some sources describe it as a reflected XSS due to improper HTML attribute escaping in layered-modal dialog par...

6.1CVSS5.8AI score0.0044EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2026/04/27 12:16 p.m.4 views

CVE-2026-5938

Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...

5.5CVSS0.00103EPSS
Exploits0References1
EUVD
EUVDadded 2026/04/27 11:0 a.m.2 views

EUVD-2026-25824

Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...

5.5CVSS5.2AI score0.00103EPSS
Exploits0References1
CVE
CVEadded 2026/04/27 11:0 a.m.11 views

CVE-2026-5938

CVE-2026-5938 affects Foxit PDF Editor/Reader. A crafted document action chain can trigger improper control flow, causing modal dialogs to reenter on the main thread and leading to a UI freeze/denial of service. The description indicates an infinite loop-like behavior related to the dialog handli...

5.5CVSS5.2AI score0.00103EPSS
Exploits0References1Affected Software2
ATTACKERKB
ATTACKERKBadded 2026/04/27 11:0 a.m.6 views

CVE-2026-5938

Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...

5.5CVSS5.2AI score0.00103EPSS
Exploits0References2Affected Software2
Cvelist
Cvelistadded 2026/04/27 11:0 a.m.33 views

CVE-2026-5938 Foxit PDF Editor/Reader Infinite Loop Denial-of-Service Vulnerability

Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...

5.5CVSS0.00103EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/04/27 11:0 a.m.4 views

CVE-2026-5938 Foxit PDF Editor/Reader Infinite Loop Denial-of-Service Vulnerability

Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...

5.5CVSS5.2AI score0.00103EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/04/27 12:0 a.m.5 views

PT-2026-35400

Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service...

5.5CVSS5.2AI score0.00103EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/04/27 12:0 a.m.2 views

Foxit PDF Editor < 13.2.4 Multiple Vulnerabilities

According to its version, the Foxit PDF Editor application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 13.2.4. It is, therefore affected by multiple vulnerabilities: - Document structural anomalies caused inconsistencies between page element relationships an...

7.8CVSS6AI score0.00182EPSS
Exploits0References6
Drupal
Drupaladded 2026/04/15 12:0 a.m.14 views

Drupal core - Critical - Cross-site scripting - SA-CORE-2026-001

Drupal core's jQuery integration for AJAX modal dialog boxes does not sufficiently sanitize certain options, which can lead to a cross-site scripting XSS vulnerability...

6.1CVSS4.9AI score0.00238EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/04/15 12:0 a.m.2 views

PT-2026-33240

Name of the Vulnerable Software and Affected Versions Drupal versions prior to 10.5.9 Drupal versions prior to 10.6.7 Drupal versions prior to 11.2.11 Drupal versions prior to 11.3.7 Description Drupal core's jQuery integration for AJAX modal dialog boxes does not sufficiently sanitize certain...

6.1CVSS5.6AI score0.00238EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/03/26 3:18 p.m.3 views

CVE-2026-32367

Improper Control of Generation of Code 'Code Injection' vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through = 3.5.16...

9.1CVSS5.8AI score0.00397EPSS
Exploits0References1
EUVD
EUVDadded 2026/03/13 9:31 p.m.3 views

EUVD-2026-11862

Improper Control of Generation of Code 'Code Injection' vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through = 3.5.16...

5.8AI score0.00397EPSS
Exploits0References2
NVD
NVDadded 2026/03/13 7:54 p.m.3 views

CVE-2026-32367

Improper Control of Generation of Code 'Code Injection' vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through = 3.5.16...

9.1CVSS0.00397EPSS
Exploits0References1
CVE
CVEadded 2026/03/13 11:42 a.m.4 views

CVE-2026-32367

CVE-2026-32367 concerns the WordPress WordPress Modal Dialog plugin, vulnerable through the component “modal-dialog” up to version 3.5.16. The issue is described as an improper control of code generation, i.e., a Remote Code Inclusion/Execution vulnerability. Public records in the connected sourc...

9.1CVSS5.8AI score0.00397EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/13 11:42 a.m.3 views

CVE-2026-32367 WordPress Modal Dialog plugin <= 3.5.16 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through = 3.5.16...

9.1CVSS5.8AI score0.00397EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/03/13 11:42 a.m.26 views

CVE-2026-32367 WordPress Modal Dialog plugin <= 3.5.16 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through = 3.5.16...

9.1CVSS0.00397EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/03/13 11:42 a.m.4 views

CVE-2026-32367

Improper Control of Generation of Code 'Code Injection' vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through = 3.5.16...

5.8AI score0.00397EPSS
Exploits0References2
Rows per page
Query Builder