CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3074 matches found

EUVD•added 2026/03/27 9:27 p.m.•2 views

EUVD-2026-16872

Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop, a cross-site scripting vulnerability stored in the note history comparison viewer can escalate to remote code execution in a desktop application. The issue is triggered when an attacker-controlled note header is displayed usi...

8.6CVSS6.4AI score0.00027EPSS

Exploits1References1

Vulnrichment•added 2026/03/27 9:27 p.m.•3 views

CVE-2026-33955 Notesnook vulnerable to RCE via stored XSS in Note History diff viewer

8.6CVSS6.4AI score0.00027EPSS

Exploits1References1

ATTACKERKB•added 2026/03/27 9:27 p.m.•3 views

CVE-2026-33955

8.6CVSS6.4AI score0.00027EPSS

Exploits1References2Affected Software1

NVD•added 2026/03/27 8:16 p.m.•2 views

CVE-2026-4971

A weakness has been identified in SourceCodester Note Taking App up to 1.0. This impacts an unknown function. This manipulation causes cross-site request forgery. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks...

5.3CVSS0.00021EPSS

Exploits0References5

Vulnrichment•added 2026/03/27 7:15 p.m.•2 views

CVE-2026-4971 SourceCodester Note Taking App cross-site request forgery

5.3CVSS5.5AI score0.00021EPSS

Exploits0References5

Cvelist•added 2026/03/27 7:15 p.m.•29 views

CVE-2026-4971 SourceCodester Note Taking App cross-site request forgery

5.3CVSS0.00021EPSS

Exploits0References5

ATTACKERKB•added 2026/03/27 7:15 p.m.•1 views

CVE-2026-4971

5.3CVSS5.5AI score0.00021EPSS

Exploits0References5Affected Software1

OSV•added 2026/03/27 2:46 p.m.•0 views

MINI-FGGX-64H4-77W3

Bulletin has no description...

6.5CVSS5.8AI score0.00016EPSS

Exploits0

Positive Technologies•added 2026/03/27 12:0 a.m.•2 views

PT-2026-28696

Name of the Vulnerable Software and Affected Versions SourceCodester Note Taking App version 1.0 Description A cross-site request forgery condition exists in SourceCodester Note Taking App. The issue impacts an unknown function and allows for remote exploitation. The exploit has been publicly...

5.3CVSS5.7AI score0.00021EPSS

Exploits0References7

CNNVD•added 2026/03/27 12:0 a.m.•5 views

SourceCodester Note Taking App 安全漏洞

SourceCodester Note Taking App is an open-source note-taking application developed by SourceCodester. Versions of SourceCodester Note Taking App prior to version 1.0 contained security vulnerabilities. These vulnerabilities were caused by incorrect operations and could lead to cross-site request...

5.3CVSS5.7AI score0.00021EPSS

Exploits0References6

CNNVD•added 2026/03/27 12:0 a.m.•2 views

Notesnook 代码注入漏洞

Notesnook is an end-to-end encrypted note application developed by Streetwriters. Versions of Notesnook Web/Desktop prior to 3.3.11 contained a code injection vulnerability. This vulnerability originated from a cross-site scripting vulnerability stored in the note history comparator, which could...

8.6CVSS6.3AI score0.00027EPSS

Exploits1References2

Positive Technologies•added 2026/03/27 12:0 a.m.•2 views

PT-2026-28709

Name of the Vulnerable Software and Affected Versions QDOCS Smart School Management System versions up to 7.2 Description A cross site scripting issue exists in QDOCS Smart School Management System. The issue is located in the Admission Enquiry Module, specifically within the /admin/enquiry file...

5.1CVSS5.2AI score0.00037EPSS

Exploits0References7

Positive Technologies•added 2026/03/27 12:0 a.m.•4 views

PT-2026-28579

Name of the Vulnerable Software and Affected Versions Notesnook versions prior to 3.3.11 Description Notesnook is a note-taking app with a cross-site scripting issue present in the note history comparison viewer on Web/Desktop platforms. This issue can lead to remote code execution in the desktop...

8.6CVSS6.4AI score0.00027EPSS

Exploits1References5

OSV•added 2026/03/26 9:34 p.m.•4 views

GHSA-XHQ5-45PM-2GJR OpenClaw: Nextcloud Talk room allowlist matched colliding room names instead of stable room tokens

Summary Nextcloud Talk room authorization matched on collidable room names instead of the stable room token, allowing policy confusion across similarly named rooms. Affected Packages / Versions - Package: openclaw npm - Affected: = 2026.3.22 - Latest released tag checked: v2026.3.23-2...

4.2CVSS5.9AI score0.00069EPSS

Exploits0References6

RedhatCVE•added 2026/03/26 3:11 p.m.•1 views

CVE-2026-23483

Blinko is an AI-powered card note-taking project. In versions from 1.8.3 and prior, the plugin file server endpoint uses join to concatenate paths but does not verify if the final path is within the plugins directory, leading to path traversal. At time of publication, there are no publicly...

6.9CVSS5.8AI score0.02152EPSS

Exploits0References1

NVD•added 2026/03/26 12:16 a.m.•2 views

CVE-2026-34055

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the legacy patient notes functions in library/pnotes.inc.php perform updates and deletes using WHERE id = ? without verifying that the note belongs to a patient the...

8.1CVSS0.00016EPSS

Exploits0References3

Tenable Nessus•added 2026/03/26 12:0 a.m.•3 views

Fedora 44 : dotnet10.0 (2026-956fc306c4)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-956fc306c4 advisory. This is the March 2026 release of .NET 10. Release Notes: - SDK: https://github.com/dotnet/core/blob/main/release-notes/10.0/10.0.4/10.0.104.md - Runtime:...

5.9AI score

Exploits0References1

ATTACKERKB•added 2026/03/25 11:49 p.m.•5 views

CVE-2026-34055

8.1CVSS5.9AI score0.00027EPSS

Exploits1References4Affected Software1

EUVD•added 2026/03/25 11:49 p.m.•3 views

EUVD-2026-16048

8.1CVSS5.9AI score0.00027EPSS

Exploits1References3

Positive Technologies•added 2026/03/25 12:0 a.m.•3 views

PT-2026-28157