Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

NVD
NVDadded 2026/03/10 5:40 p.m.2 views

CVE-2026-30913

Flarum is open-source forum software. When the flarum/nicknames extension is enabled, a registered user can set their nickname to a string that email clients interpret as a hyperlink. The nickname is inserted verbatim into plain-text notification emails, and recipients may be misled into visiting...

4.6CVSS0.00165EPSS
Exploits0References3
EUVD
EUVDadded 2026/03/10 12:56 a.m.4 views

EUVD-2026-10423

flarum/nicknames extension has display name injection in notification emails autolink & markdown...

4.6CVSS5.8AI score0.00165EPSS
Exploits0References4
EUVD
EUVDadded 2026/03/10 12:56 a.m.3 views

EUVD-2026-10422

flarum/nicknames extension has display name injection in notification emails autolink & markdown...

4.6CVSS5.8AI score0.00165EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/03/09 10:42 p.m.3 views

CVE-2026-30913

Flarum is open-source forum software. When the flarum/nicknames extension is enabled, a registered user can set their nickname to a string that email clients interpret as a hyperlink. The nickname is inserted verbatim into plain-text notification emails, and recipients may be misled into visiting...

4.6CVSS5.8AI score0.00165EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologiesadded 2026/03/09 12:0 a.m.4 views

PT-2026-24146

Name of the Vulnerable Software and Affected Versions Flarum affected versions not specified Description The Flarum forum software, when used with the flarum/nicknames extension, allows a registered user to set a nickname that email clients may interpret as a hyperlink. This nickname is directly...

4.6CVSS5.8AI score0.00165EPSS
Exploits0References7
OSV
OSVadded 2020/12/28 8:15 p.m.1 views

DEBIAN-CVE-2020-35730

An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference element that is mishandled by linkrefaddindex in rcubestringreplacer.php...

6.1CVSS7.5AI score0.32365EPSS
Exploits1References1
The Hacker News
The Hacker Newsadded 2017/02/05 6:52 a.m.15 views

Anonymous Hacker took down over 10,000 Dark Web Sites; Leaked User Database

Dark Web is right now going through a very rough time. Just two days ago, a hacker group affiliated with Anonymous broke into the servers of Freedom Hosting II and took down more than 10,000 Tor-based .onion dark websites with an alarming announcement to its visitors, which said: "Hello, Freedom...

6.9AI score
Exploits0
ICS
ICSadded 2013/04/26 12:0 p.m.12 views

Osama Bin Laden-Themed Phishing

Summary The intent of this advisory is to provide general guidance to public and private sector organizations and individuals on potential targeted phishing attacks often referred to as “spear phishing” with respect to the Osama Bin Laden related media reporting, and to offer some suggested metho...

6.9AI score
Exploits0References18
Rows per page
Query Builder