
10322 matches found

Cvelist
added 2026/06/12 6:0 a.m., 29 views

CVE-2026-9271 KeepInMind - Dashboard Notes < 0.8.4.2 - Contributor+ Stored XSS

Vulnerability Title...

EPSS 0.0014
Exploits 0, References 1

Patchstack
added 2026/06/11 12:59 p.m., 8 views

WordPress WP Maps plugin < 4.9.3 - Subscriber+ Local File Inclusion vulnerability

Subscriber+ Local File Inclusion vulnerability discovered by Mustafa Ahmed in WordPress Plugin WP Maps versions 4.9.3...

CVSS 7.5, AI score 5.4, EPSS 0.00383
Exploits 0, References 1, Affected Software 1

Patchstack
added 2026/06/11 12:6 p.m., 9 views

WordPress WP Photo Album Plus plugin < 9.1.11.001 - Unauthenticated SQL Injection via 'wppa-supersearch' Parameter vulnerability

Unauthenticated SQL Injection via 'wppa-supersearch' Parameter vulnerability discovered by Daniel Púa - devploit in WordPress Plugin WP Photo Album Plus versions 9.1.11.001...

CVSS 8.6, AI score 5.7, EPSS 0.00472
Exploits 1, References 1, Affected Software 1

Packet Storm News
added 2026/06/11 12:0 a.m., 7 views

Joern 4.0.556

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

AI score 5.3
Exploits 0

Tenable Nessus
added 2026/06/11 12:0 a.m., 10 views

Ubuntu 20.04 LTS : Linux kernel (AWS FIPS) vulnerabilities (USN-7392-4)

"The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7392-4 advisory. Chenyuan Yang discovered that the CEC driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cau...

CVSS 7.8, AI score 7.7, EPSS 0.03558
Exploits 1, References 153

OSV
added 2026/06/10 11:45 a.m., 6 views

ROOT-APP-NPM-CVE-2024-21534 CVE-2024-21534 in @rootio/jsonpath-plus - Patched by Root

Root has patched CVE-2024-21534 in the @rootio/jsonpath-plus package for Root:npm. Multiple fixed versions available...

CVSS 9.8, AI score 7.4, EPSS 0.09076
Exploits 4

OSV
added 2026/06/10 11:45 a.m., 8 views

ROOT-APP-NPM-CVE-2025-1302 CVE-2025-1302 in @rootio/jsonpath-plus - Patched by Root

Root has patched CVE-2025-1302 in the @rootio/jsonpath-plus package for Root:npm. Multiple fixed versions available...

CVSS 9.8, AI score 5.4, EPSS 0.10701
Exploits 5

GithubExploit
added 2026/06/09 5:37 p.m., 84 views

Exploit for CVE-2026-52885

TOCTOU: HMAC Checks Disk, Executes from Memory Notepad++ v8...

AI score 5.9, EPSS 0.00129
Exploits 2

Vulnrichment
added 2026/06/09 3:57 a.m., 9 views

CVE-2026-41006 Spring HATEOAS Collection+JSON/UBER deserializers do not honor Jackson configuration

Spring HATEOAS's internal PropertyUtils.createObjectFromProperties method, used by the Collection+JSON and UBER media type deserializers, performs bean property binding via reflection without consulting Jackson access-control annotations. Affected versions: Spring HATEOAS 1.5.0 through 1.5.6; 2.3...

CVSS 7.5, AI score 5.4, EPSS 0.00276
Exploits 0, References 1

Redos
added 2026/06/09 12:0 a.m., 8 views

ROS-20260609-73-0014

The vulnerability of the ngx_http_rewrite_module module in NGINX Plus and NGINX Open Source web servers is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 9.2, AI score 6.3, EPSS 0.61469
Exploits 40

vulnersOsv
added 2026/06/08 11:2 p.m., 5 views

ai.chronon:service_2.11 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91), ai.chronon:service_2.12 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +2498 more potentially affected by CVE-2026-46340 via io.netty:netty-transport-sctp (>=4.0.0.Beta1 <=4.1.134.Final)

io.netty:netty-transport-sctp MAVEN version =4.0.0.Beta1, =0.0.86, =0.0.86, =0.0.86, =3.30.1.1, =3.10.0.5, =0.2.3.5, =0.0.1, =2.0.24, =1.1.9, =0.0.1, =0.0.9 and more Source cves: CVE-2026-46340 Source advisory: OSV:GHSA-5XRH-QMMQ-W6CH...

CVSS 7.5, AI score 5.7, EPSS 0.00371
Exploits 0

Positive Technologies
added 2026/06/08 12:0 a.m., 13 views

PT-2026-47371

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 7.0.12-1.1. Description: An issue exists in the hfsplus file system where the hfsplus_fill_super function calls hfs_find_init to initialize a search structure, which acquires tree->tree_lock. If a subsequent call to...

CVSS 9.8, AI score 5.2, EPSS 0.00457
Exploits 1, References 76

RedhatCVE
added 2026/06/06 12:43 p.m., 13 views

CVE-2026-21035

Improper input validation in Samsung Plus TV prior to version 1.0.28.6 allows remote attackers to access sensitive information...

CVSS 7.5, AI score 5.5, EPSS 0.00298
Exploits 0, References 1

RedhatCVE
added 2026/06/05 7:50 p.m., 10 views

CVE-2026-34527

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, SbieIniServer::HashPassword converts a SHA-1 digest to hexadecimal incorrectly. The high nibble of each byte is shifted right by 8 instead of 4, which always produces zero for an 8-bit...

CVSS 5.3, AI score 5.3, EPSS 0.00091
Exploits 0, References 1

RedhatCVE
added 2026/06/05 7:47 p.m., 7 views

CVE-2026-6379

The WP Photo Album Plus WordPress plugin before 9.1.11.001 does not properly sanitize and escape a parameter before using it in a SQL query, allowing unauthenticated users to perform SQL injection attacks...

CVSS 8.6, AI score 5.6, EPSS 0.00472
Exploits 1, References 1

RedhatCVE
added 2026/06/05 7:41 p.m., 13 views

CVE-2025-14773

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

CVSS 8, AI score 5.4, EPSS 0.00181
Exploits 0, References 1

RedhatCVE
added 2026/06/05 7:41 p.m., 8 views

CVE-2025-14772

Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

CVSS 8.8, AI score 5.4, EPSS 0.00292
Exploits 0, References 1

RedhatCVE
added 2026/06/05 7:41 p.m., 9 views

CVE-2025-14771

Files or directories accessible to external parties vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

CVSS 9.9, AI score 5.4, EPSS 0.00347
Exploits 0, References 1

RedhatCVE
added 2026/06/05 7:41 p.m., 11 views

CVE-2025-14774

Incorrect Authorization vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

CVSS 7.4, AI score 5.4, EPSS 0.0018
Exploits 0, References 1

RedhatCVE
added 2026/06/05 7:39 p.m., 17 views

CVE-2026-7426

Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by sending a crafted Router Advertisement with a prefix length value exceeding the maximum valid...

CVSS 8.1, AI score 6, EPSS 0.00246
Exploits 0, References 1