CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2 days ago•31 views

CVE-2026-10530 Pie Register < 3.8.4.10 - Unauthenticated Email Verification Bypass via Predictable Token

0.00129EPSS

EUVD•added 2 days ago•8 views

EUVD-2026-38210

5.3CVSS5.9AI score0.00129EPSS

CVE•added 2 days ago•13 views

CVE-2026-10530

The CVE-2026-10530 entry concerns the WordPress Pie Register plugin prior to 3.8.4.10, where account verification tokens are generated with insufficient randomness. This allows an unauthenticated attacker to predict a valid token and activate a user account without access to the associated email ...

5.3CVSS5.9AI score0.00129EPSS

ATTACKERKB•added 2 days ago•4 views

CVE-2026-10530

5.9AI score0.00129EPSS

Nuclei•added 2 days ago•61 views

WordPress Pie Register <= 3.7.1.4 - Authentication Bypass

An authentication bypass vulnerability exists in the WordPress Pie Register plugin ≤ 3.7.1.4 that allows unauthenticated attackers to impersonate arbitrary users by submitting a crafted POST request to the login endpoint. By setting socialsite=true and manipulating the useridsocialsite parameter,...

10CVSS8.1AI score0.09903EPSS

Exploits7References3

Nuclei•added 2 days ago•31 views

WordPress Pie Register <3.7.0.1 - Cross-Site Scripting

WordPress Pie Register plugin before 3.7.0.1 is susceptible to cross-site scripting. The plugin does not sanitize the invitaioncode GET parameter when outputting it in the Activation Code page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the...

6.1CVSS5.8AI score0.01602EPSS

Exploits2References3

Nuclei•added 2 days ago•35 views

WordPress Pie-Register <2.0.19 - Cross-Site Scripting

WordPress Pie Register before 2.0.19 contains a reflected cross-site scripting vulnerability in pie-register/pie-register.php which allows remote attackers to inject arbitrary web script or HTML via the invitaioncode parameter in a pie-register page to the default URL. id: CVE-2015-7377 info: nam...

4.3CVSS6AI score0.04405EPSS

Exploits3References5

Nuclei•added 2 days ago•43 views

WordPress Pie Register <3.8.2.3 - Open Redirect

WordPress Pie Register plugin before 3.8.2.3 contains an open redirect vulnerability. The plugin does not properly validate the redirection URL when logging in and login out. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute...

5.4CVSS6.4AI score0.24263EPSS

Exploits2References2

AstraLinux•added 5 days ago•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/sched: fqpie: prevent dismantle issue For some reason, the fqpieDestroy function did not copy the working code from pieDestroy and other related functions, resulting in a persistent bug. Before calling...

5.5CVSS5.9AI score0.00236EPSS

Exploits0References2

FreeBSD Advisory•added 2026/06/09 12:0 a.m.•9 views

FreeBSD-SA-26:32.elf

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:32.elf Security Advisory The FreeBSD Project Topic: ASLR bypass for setuid executables via procctl2 Category: core Module: kernel Announced: 2026-06-09...

RedhatCVE•added 2026/06/05 7:17 p.m.•5 views

CVE-2026-6643

A stack-based buffer overflow vulnerability was found in the VPN Clients on the ADM. The issue stems from the use of unbounded sscanf and passing user-controlled data directly to printf. Due to the lack of PIE and Stack Canary protections, an authenticated remote attacker can exploit these to...

9.9CVSS6.5AI score0.00468EPSS

Exploits1References1

Tenable Nessus•added 2026/06/04 12:0 a.m.•14 views

Fedora 44 : pie (2026-e5d5fc359d)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e5d5fc359d advisory. Version 1.4.5 This release contains vulnerability fixes for the following security advisories: - GHSA-h842-vjwg-pxxx - Sudo-elevated arbitrary file deletion...

6.4AI score

Tenable Nessus•added 2026/06/04 12:0 a.m.•10 views

Fedora 43 : pie (2026-b2fe14ec86)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b2fe14ec86 advisory. Version 1.4.5 This release contains vulnerability fixes for the following security advisories: - GHSA-h842-vjwg-pxxx - Sudo-elevated arbitrary file deletion...

6.4AI score

Tenable Nessus•added 2026/05/25 12:0 a.m.•14 views

Fedora 43 : pie (2026-b7427db462)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b7427db462 advisory. Version 1.4.4 Dependencies - Update Composer to 2.9.8 ---- Version 1.4.3 - add output check for dnf permission denied thanks to @asgrim and @hackel - don't...

Fedora•added 2026/05/23 12:58 a.m.•10 views

[SECURITY] Fedora 44 Update: pie-1.4.4-1.fc44

PIE PHP Installer for Extensions. PIE can install an extension to any installed PHP version. A list of extensions that support PIE can be found on https://packagist.org/extensions. Documentation: /usr/share/doc/pie/docs/usage.md...

OSSF Malicious Packages•added 2026/05/19 3:44 p.m.•6 views

Malicious code in @piewasm/pie-web-npm-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c0784e4ad568cf85bee3ae36dde67ba090887b3f18f501a518cb24911fb7be29 The OpenSSF Package Analysis project identified '@piewasm/pie-web-npm-package' @ 99.9.1 npm as malicious. It is considered malicious because: -...

OSV•added 2026/05/19 3:44 p.m.•6 views

MAL-2026-4172 Malicious code in @piewasm/pie-web-npm-package (npm)