CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4744 matches found

Nuclei•added 2026/04/03 7:34 a.m.•8 views

EWWW Image Optimizer <= 7.2.0 - Unauthenticated Information Disclosure

The EWWW Image Optimizer plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.2.0 via the debuglog function. This makes it possible for unauthenticated attackers to extract sensitive debug data when debug logging is enabled. id: CVE-2023-406...

7.5CVSS7.1AI score0.46927EPSS

Exploits1References3

RedHat Linux•added 2026/04/02 10:59 a.m.•5 views

mysql: Optimizer unspecified vulnerability (CPU Jan 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows low privileged attacker with network...

6.5CVSS7AI score0.00085EPSS

Exploits0References5

Rockylinux•added 2026/04/02 12:1 a.m.•5 views

mysql:8.4 security update

An update is available for mecab-ipadic, module.mecab-ipadic, module.mysql, module.mecab, mysql, mecab. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list MySQL is ...

6.5CVSS6AI score0.00085EPSS

Exploits0

OSV•added 2026/04/02 12:1 a.m.•7 views

RLSA-2026:6391 Moderate: mysql:8.4 security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: Optimizer unspecified vulnerability CPU Jan 2026 CVE-2026-21941 mysql: Optimizer unspecified vulnerability CPU Jan 2026...

6.5CVSS7.1AI score0.00085EPSS

Exploits0References7

Tenable Nessus•added 2026/04/02 12:0 a.m.•12 views

RHEL 8 : mariadb:10.11 (RHSA-2026:6435)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6435 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: High Privilege Deni...

6.8CVSS6.8AI score0.01044EPSS

Exploits0References19

OSV•added 2026/04/02 12:0 a.m.•3 views

ALSA-2026:6435 Moderate: mariadb:10.11 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: mysql: High Privilege Denial of Service Vulnerability in MySQL Server CVE-2025-21490 mariadb: MariaDB Server Crash Due to Empty Backtrace Log CVE-2023-52969 mariadb: MariaDB Server...

6.8CVSS5.8AI score0.01044EPSS

Exploits0References16

AlmaLinux•added 2026/04/02 12:0 a.m.•9 views

Moderate: mariadb:10.11 security update

6.8CVSS5.9AI score0.01044EPSS

Exploits0References16

RedHat Linux•added 2026/04/01 3:43 p.m.•1 views

mysql: Optimizer unspecified vulnerability (CPU Jan 2026)

4.9CVSS7AI score0.00063EPSS

Exploits0References6

RedHat Linux•added 2026/04/01 3:43 p.m.•3 views

mysql: Optimizer unspecified vulnerability (CPU Jan 2026)

6.5CVSS7AI score0.00085EPSS

Exploits0References5

RedHat Linux•added 2026/04/01 3:43 p.m.•1 views

mysql: Optimizer unspecified vulnerability (CPU Jan 2026)

4.9CVSS7AI score0.00063EPSS

Exploits0References5

OSV•added 2026/04/01 12:0 a.m.•5 views

ALSA-2026:6391 Moderate: mysql:8.4 security update

6.5CVSS5.8AI score0.00085EPSS

Exploits0References14

AlmaLinux•added 2026/04/01 12:0 a.m.•8 views

Moderate: mysql:8.4 security update

6.5CVSS5.9AI score0.00085EPSS

Exploits0References14

Tenable Nessus•added 2026/04/01 12:0 a.m.•5 views

MiracleLinux 9 : mysql:8.4 (AXSA:2026-378:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-378:01 advisory. mysql: Optimizer unspecified vulnerability CPU Jan 2026 CVE-2026-21941 mysql: Optimizer unspecified vulnerability CPU Jan 2026 CVE-2026-21948 mysql:...

6.5CVSS7.1AI score0.00085EPSS

Exploits0References7

VulnCheck KEV•added 2026/03/31 12:0 a.m.•10 views

VulnCheck KEV: CVE-2023-40600

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer. It works only when debug.log is turned on.This issue affects EWWW Image Optimizer: from n/a through 7.2.0...

7.5CVSS7.8AI score0.46927EPSS

In wildExploits1References2

Patchstack•added 2026/03/27 11:16 a.m.•3 views

WordPress ShortPixel Image Optimizer plugin <= 6.4.3 - Authenticated (Author+) Stored Cross-Site Scripting via Attachment Title vulnerability

Authenticated Author+ Stored Cross-Site Scripting via Attachment Title vulnerability discovered by daroo in WordPress Plugin ShortPixel Image Optimizer versions = 6.4.3...

5.4CVSS5.9AI score0.00049EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2026/03/27 4:59 a.m.•4 views

CVE-2026-4335

The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the attachment posttitle in all versions up to, and including, 6.4.3. This is due to insufficient output escaping in the getEditorPopup function and its corresponding media-popup.php template...

5.4CVSS6AI score0.00049EPSS

Exploits0References1

RedhatCVE•added 2026/03/26 3:5 p.m.•1 views

CVE-2026-31891

Cockpit is a headless content management system. Any Cockpit CMS instance running version 2.13.4 or earlier with API access enabled is potentially affected by a a SQL Injection vulnerability in the MongoLite Aggregation Optimizer. Any deployment where the /api/content/aggregate/model endpoint is...

7.7CVSS5.9AI score0.00013EPSS

Exploits0References1