Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9074 matches found

AstraLinux
AstraLinuxadded 5 days ago3 views

Astra Linux – Vulnerability in liblivemedia

In liveMedia/FramedSource.cpp within Live555, up to version 1.08, an assertion failure can occur, leading to an application exit through multiple SETUP and PLAY commands...

5.5CVSS6.1AI score0.00865EPSS
Exploits1References2
Android Security Bulletins
Android Security Bulletinsadded 2026/06/16 12:0 a.m.7 views

Android 17 Security Release NotesStay organized with collectionsSave and categorize content based on your preferences.

This Android Security Release Notes contains details of security vulnerabilities affecting Android devices which are addressed as part of Android 17. Android 17 devices with a security patch level of 2026-07-01 or later are protected against these issues Android 17, as released on AOSP, will have...

10CVSS6.2AI score0.00353EPSS
Exploits0
NVD
NVDadded 2026/06/11 11:16 p.m.12 views

CVE-2026-42846

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the source. Some shell commands are run with the URL as a parameter. The URL is concatenated directly...

9.8CVSS0.00603EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/06/11 10:49 p.m.8 views

CVE-2026-42846 ClipBucket: Remote Play URL Command Injection

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the source. Some shell commands are run with the URL as a parameter. The URL is concatenated directly...

9.8CVSS5.5AI score0.00603EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/11 10:49 p.m.26 views

CVE-2026-42846 ClipBucket: Remote Play URL Command Injection

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the source. Some shell commands are run with the URL as a parameter. The URL is concatenated directly...

9.8CVSS0.00603EPSS
Exploits0References1
EUVD
EUVDadded 2026/06/11 10:49 p.m.73 views

EUVD-2026-36367

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the source. Some shell commands are run with the URL as a parameter. The URL is concatenated directly...

9.8CVSS5.7AI score0.00603EPSS
Exploits0References1
CVE
CVEadded 2026/06/11 10:49 p.m.21 views

CVE-2026-42846

CVE-2026-42846 affects ClipBucket v5 prior to 5.5.3 (pre-release #140) where the Remote Play feature concatenates a user-provided URL into shell commands without escaping. This allows an authenticated user to trigger arbitrary command execution via shell metacharacters in the URL. The issue has b...

9.8CVSS5.7AI score0.00603EPSS
Exploits0References1
Snyk
Snykadded 2026/06/11 1:54 p.m.5 views

Malicious Package

Overview @vtmn-play/react is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/06/11 12:0 a.m.9 views

PT-2026-48790

Name of the Vulnerable Software and Affected Versions ClipBucket versions prior to 5.5.3 Description The Remote Play feature in ClipBucket v5 allows authenticated users to import external URLs as video sources. The application concatenates these URLs directly into shell commands without proper...

9.8CVSS5.8AI score0.00603EPSS
Exploits0References3
RedhatCVE
RedhatCVEadded 2026/06/10 9:1 p.m.6 views

CVE-2026-45635

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

8.1CVSS5.7AI score0.0052EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/10 9:1 p.m.6 views

CVE-2026-45599

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

8.1CVSS5.7AI score0.0052EPSS
Exploits0References1
NVD
NVDadded 2026/06/09 5:17 p.m.11 views

CVE-2026-45635

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

8.1CVSS0.0052EPSS
Exploits0References1
NVD
NVDadded 2026/06/09 5:17 p.m.10 views

CVE-2026-45599

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

8.1CVSS0.0052EPSS
Exploits0References1
CVE
CVEadded 2026/06/09 5:5 p.m.34 views

CVE-2026-45635

CVE-2026-45635 affects Windows UPnP Device Host through a use-after-free in upnp.dll, enabling remote code execution over the network. The issue is tied to the Universal Plug and Play component, with impact described as remote, unauthenticated code execution; CVSSv3.1 base score 8.1 (HIGH). Affec...

8.1CVSS5.7AI score0.0052EPSS
Exploits0References1Affected Software13
EUVD
EUVDadded 2026/06/09 5:5 p.m.9 views

EUVD-2026-35563

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

8.1CVSS5.7AI score0.0052EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/06/09 5:5 p.m.4 views

CVE-2026-45635 Windows UPnP Device Host Remote Code Execution Vulnerability

...

8.1CVSS5.4AI score0.0052EPSS
Exploits0References1
EUVD
EUVDadded 2026/06/09 5:5 p.m.7 views

EUVD-2026-35556

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

8.1CVSS5.7AI score0.0052EPSS
Exploits0References1
CVE
CVEadded 2026/06/09 5:5 p.m.18 views

CVE-2026-45599

The CVE-2026-45599 entry describes a use-after-free in Windows’ Universal Plug and Play component (upnp.dll) that enables a remote attacker to execute code over the network via the UPnP Device Host. The vulnerability is rated CVSSv3.1: 8.1 (HIGH) with Network attack vector, no privileges required...

8.1CVSS5.7AI score0.0052EPSS
Exploits0References1Affected Software13
Cvelist
Cvelistadded 2026/06/09 5:5 p.m.30 views

CVE-2026-45599 Windows UPnP Device Host Remote Code Execution Vulnerability

...

8.1CVSS0.0052EPSS
Exploits0References1
Microsoft CVE
Microsoft CVEadded 2026/06/09 2:0 p.m.7 views

Windows UPnP Device Host Remote Code Execution Vulnerability

Use after free in Universal Plug and Play upnp.dll allows an unauthorized attacker to execute code over a network...

8.1CVSS5.7AI score0.0052EPSS
Exploits0
Rows per page
Query Builder