CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

203 matches found

OSV•added 2026/05/20 7:31 p.m.•3 views

MAL-2026-4448 Malicious code in @tailwind-core/oxide-linux-x64-gnu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a107a0746f2f5159d661e4d332eac53f871b9d22f80caf5863bdd713e252ae00 The package name '@tailwind-core/oxide-linux-x64-gnu' impersonates the legitimate Tailwind CSS v4 oxide engine package...

5.9AI score

Exploits0References1

Snyk•added 2026/02/03 10:55 p.m.•4 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the sorting parameter. An attacker can execute arbitrary code and insert malicious database content by manipulating crafted URLs. Remediation Upgrade oxid-esales/oxideshop-ce to version 6.3.4 or higher. References -...

8.8CVSS6.3AI score0.00025EPSS

Exploits0References2

GithubExploit•added 2026/02/01 2:29 p.m.•125 views

oxide-sql

No d...

5.9AI score

Exploits0

RedhatCVE•added 2026/01/09 12:37 p.m.•6 views

CVE-2023-50913

Oxide control plane software before 5 allows SSRF...

9.1CVSS7AI score0.00319EPSS

Exploits0References1

RedhatCVE•added 2025/12/10 12:28 a.m.•2 views

CVE-2025-66432

In Oxide control plane 15 through 17 before 17.1, API tokens can be renewed past their expiration date...

5CVSS6.9AI score0.00034EPSS

Exploits0References1

EUVD•added 2025/11/30 6:30 a.m.•2 views

EUVD-2025-199923

In Oxide control plane 15 through 17 before 17.1, API tokens can be renewed past their expiration date...

5CVSS6.4AI score0.00034EPSS

Exploits0References4

NVD•added 2025/11/30 5:16 a.m.•4 views

CVE-2025-66432

In Oxide control plane 15 through 17 before 17.1, API tokens can be renewed past their expiration date...

5CVSS0.00034EPSS

Exploits0References3

OSV•added 2025/11/30 5:16 a.m.•1 views

CVE-2025-66432

In Oxide control plane 15 through 17 before 17.1, API tokens can be renewed past their expiration date...

5CVSS6.8AI score

Exploits0References3

Vulnrichment•added 2025/11/30 12:0 a.m.•2 views

CVE-2025-66432

In Oxide control plane 15 through 17 before 17.1, API tokens can be renewed past their expiration date...

5CVSS6.5AI score0.00034EPSS

Exploits0References3

CVE•added 2025/11/30 12:0 a.m.•5 views

CVE-2025-66432

In Oxide Control Plane versions 15–17 before 17.1, API tokens can be renewed past their expiration date. This is the core issue; no exploitation details are provided in the documents. The remediation/patch version is not explicitly stated in the supplied materials.

5CVSS6.5AI score0.00034EPSS

Exploits0References3

Cvelist•added 2025/11/30 12:0 a.m.•3 views

CVE-2025-66432

In Oxide control plane 15 through 17 before 17.1, API tokens can be renewed past their expiration date...

5CVSS0.00034EPSS

Exploits0References3

CNNVD•added 2025/11/30 12:0 a.m.•2 views

Oxide Control Plane 安全漏洞

Oxide Control Plane is an open source console software from Oxide Computer Company. A security vulnerability exists in Oxide Control Plane versions 15 through 17 and prior to 17.1, which stems from the possibility that API tokens may continue to be used after expiration...

5CVSS6.7AI score0.00034EPSS

Exploits0References4