CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/02/28 2:0 p.m.•2 views

CVE-2026-1434

Omega-PSIR is vulnerable to Reflected XSS via the lang parameter. An attacker can craft a malicious URL that, when opened, causes arbitrary JavaScript to execute in the victim’s browser. This issue was fixed in 4.6.7...

EUVD•added 2026/02/27 12:31 p.m.•3 views

Exploits2References1

EUVD-2026-9021

OSV•added 2026/02/27 11:16 a.m.•1 views

Exploits2References3

CVE-2026-1434

6.1CVSS6AI score0.00039EPSS

Vulnrichment•added 2026/02/27 10:32 a.m.•3 views

CVE-2026-1434 Reflected XSS in Omega-PSIR

5.1CVSS6.1AI score0.00039EPSS

CVE•added 2026/02/27 10:32 a.m.•5 views

CVE-2026-1434

Omega-PSIR is affected by a Reflected XSS vulnerability in the lang parameter. An attacker can craft a malicious URL that, when opened by a user, causes arbitrary JavaScript to execute in the victim’s browser. The issue has a fixed version: 4.6.7. The CVSS data indicates Network attack vector, lo...

Exploits2References2Affected Software1

ATTACKERKB•added 2026/02/27 10:32 a.m.•3 views

CVE-2026-1434

Exploits2References3Affected Software1

Cvelist•added 2026/02/27 10:32 a.m.•17 views

CVE-2026-1434 Reflected XSS in Omega-PSIR

5.1CVSS0.00039EPSS

CNNVD•added 2026/02/27 12:0 a.m.•6 views

Omega-PSIR 跨站脚本漏洞

Omega-PSIR is a comprehensive scientific information management system operated by Politechnika Warszawska. Omega-PSIR has a cross-site scripting vulnerability, which stems from the reflective cross-site scripting present in the lang parameter. This vulnerability could allow attackers to execute...

6.1CVSS5.9AI score0.00039EPSS

CVE•added 2026/01/06 12:0 a.m.•7 views

CVE-2025-59379

The Red Hat/CIRCL/NVD entries confirm a flaw in DwyerOmega Isensix Advanced Remote Monitoring System (ARMS) 1.5.7 where Blind SQL Injection via the login page's user parameter can disclose credentials from the underlying SQL database. Affected component: ARMS login input handling; root cause: bli...

7.5CVSS7.1AI score0.00025EPSS

Exploits0References3Affected Software1

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•3 views

Malicious code in omega-fast-xi-node-analyze (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d063debca30b371ad751d91f206fbcace60cac8a3409db0989f84de55d1cdb87 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

EUVD•added 2025/11/13 3:23 a.m.•2 views

EUVD-2025-179698

Malicious code in cluster-sanitize-resolve-omega-encrypt npm...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-177048

Malicious code in private-enum-compress-upsilon-omega npm...

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•4 views

Malicious code in omega-big-zero-export-java (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6452494d4a91b262c8f8c973f098395e47d3fd525719d07e2c95a4915fae749b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

EUVD•added 2025/11/13 3:23 a.m.•2 views

EUVD-2025-179321

Malicious code in deploy-thread-scale-omega-enum npm...

EUVD•added 2025/11/13 3:23 a.m.•2 views

EUVD-2025-178447

Malicious code in import-float-omega-user-eta npm...