CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2 days ago•14 views

CVE-2026-11436

Mage AI up to version 0.9.79 is affected in the Sign-in Flow. The vulnerability is in the useMutation function within mage_ai/frontend/components/Sessions/SignForm/index.tsx, where manipulating the query.redirect_url argument triggers cross site scripting. Remote exploitation is possible, and the...

5.3CVSS4.1AI score0.00033EPSS

ATTACKERKB•added 2 days ago•4 views

CVE-2026-11436

5.3CVSS4AI score0.00033EPSS

Cvelist•added 2 days ago•30 views

CVE-2026-11436 Mage AI Sign-in Flow index.tsx useMutation cross site scripting

5.3CVSS0.00033EPSS

RedhatCVE•added 3 days ago•4 views

CVE-2026-41185

When Calico is configured with the Azure IPAM plugin, the Calico CNI binary mutates the incoming CNI configuration to attach subnet information before delegating to the IPAM plugin. After mutating, the Azure IPAM helper logs the entire unmarshaled configuration map stdinData at INFO level to...

6.5CVSS5.5AI score0.00032EPSS

Exploits0References1

RedhatCVE•added 3 days ago•5 views

CVE-2026-41327

Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the database. This affects Dgraph's default configuration where ACL is not enabled. The attack is a...

9.1CVSS5.4AI score0.00073EPSS

RedhatCVE•added 3 days ago•5 views

CVE-2026-41328

9.1CVSS5.5AI score0.00205EPSS

RedhatCVE•added 3 days ago•6 views

CVE-2026-40520

FreePBX api module version 17.0.8 and prior contain a command injection vulnerability in the initiateGqlAPIProcess function where GraphQL mutation input fields are passed directly to shellexec without sanitization or escaping. An authenticated user with a valid bearer token can send a GraphQL...

8.8CVSS6AI score0.00326EPSS

Exploits0References1

RedhatCVE•added 3 days ago•6 views

CVE-2026-40583

UltraDAG is a minimal DAG-BFT blockchain in Rust. In version 0.1, a non-council attacker can submit a signed SmartOp::Vote transaction that passes signature, nonce, and balance prechecks, but fails authorization only after state mutation has already occurred...

8.8CVSS5.5AI score0.00085EPSS

RedhatCVE•added 3 days ago•7 views

CVE-2026-44005

vm2 is an open source vm/sandbox for Node.js. From 3.9.6 to 3.10.5, vm2's bridge exposes mutable proxies for real host-realm intrinsic prototypes and then forwards sandbox writes into the underlying host objects with otherReflectSet and otherReflectDefineProperty, which lets attacker-controlled...

10CVSS5.8AI score0.00108EPSS

OSV•added 3 days ago•6 views

BIT-AIRFLOW-2026-41084 Apache Airflow: API authorization bypass: bulk TaskInstances allows cross-DAG mutation

A bug in Apache Airflow's bulk Task Instances API PATCH/DELETE /api/v2/dags/dagid/dagRuns/dagrunid/taskInstances evaluated authorization against the dagid resolved from the URL path while operating on the dagid / dagrunid extracted from request-body entity fields. An authenticated UI/API user wit...

7.5CVSS5.5AI score0.0008EPSS

Exploits0References4

NVD•added last week•11 views

CVE-2026-41084

7.5CVSS0.0008EPSS

Exploits0References3

ATTACKERKB•added last week•7 views

CVE-2026-41084

5.8AI score0.0008EPSS

Exploits0References3Affected Software1

Vulnrichment•added last week•7 views

CVE-2026-41084 Apache Airflow: API authorization bypass: bulk TaskInstances allows cross-DAG mutation

5.8AI score0.0008EPSS

Cvelist•added last week•32 views

CVE-2026-41084 Apache Airflow: API authorization bypass: bulk TaskInstances allows cross-DAG mutation

0.0008EPSS

CVE•added last week•10 views

CVE-2026-41084

CVE-2026-41084: Apache Airflow bug in the bulk Task Instances API (PATCH/DELETE /api/v2/dags/{dag_id}/dagRuns/{dag_run_id}/taskInstances) evaluated authorization from the URL dag_id while operating on dag_id/dag_run_id from the request body. An authenticated user with edit permission on one Dag c...

7.5CVSS5.8AI score0.0008EPSS

Exploits0References3Affected Software1

OSSF Malicious Packages•added 2026/06/01 12:0 a.m.•9 views

Malicious code in @redhat-cloud-services/remediations-client (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

5.9AI score

Exploits0References1

Vulnrichment•added 2026/05/29 6:3 p.m.•5 views

CVE-2026-47740 Shopper: Authorization bypass in multiple Livewire admin components

Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, Multiple Filament actions on the admin Order detail and Order shipments table were callable by an authenticated low-privilege user without the permission required to mutate orders. The order detail actions cancel, mark paid, mark...

8.1CVSS5.8AI score0.00032EPSS

EUVD•added 2026/05/29 3:11 p.m.•10 views

EUVD-2026-33337

OpenClaw before 2026.5.18 contains a scope bypass vulnerability in the Gateway chat.send route that allows scoped clients to execute privileged commands. Attackers with operator.write scope can deliver commands through inherited external routes to bypass operator.approvals and operator.admin scop...

8.8CVSS5.9AI score0.00049EPSS

Vulnrichment•added 2026/05/29 1:40 p.m.•5 views

CVE-2026-46510 Prototype pollution in form-data-objectizer via bracket-notation form keys

form-data-objectizer converts FormData to object. Prior to 1.0.1, form-data-objectizer walks bracket-notation form keys e.g. namesub into nested objects without filtering proto, constructor, or prototype. A single HTTP form field whose name starts with proto... causes the library to mutate...

8.2CVSS5.8AI score0.00055EPSS