Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

CNNVD
CNNVDadded 2025/12/22 12:0 a.m.3 views

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. A security vulnerability in Mattermost versions 11.1.0 and prior to 11.1.x, 11.0.5 and prior to 11.0.x, 10.12.3 and prior to 10.12.x, and 10.11.7 and prior to 10.11.x, which stems from the Jira plugin'...

8.3CVSS6.5AI score0.00227EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/12 4:29 a.m.2 views

Malicious code in mini-css-extract-plugin-proxima-forever-altair (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb980ed42d4d4218e2eb35162ae3361262e60abcf57f5e770ace6c3a0f9479e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
wpexploit
wpexploitadded 2022/07/18 12:0 a.m.164 views

mTouch Quiz <= 3.1.3 - Admin+ Stored Cross Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed for example in multisite setup Put the following payload in any of the delimiter...

4.8CVSS0.5AI score0.00493EPSS
Exploits2
Rows per page
Query Builder