CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/03/18 10:13 p.m.•1 views

CVE-2026-32735 Unpacking Arbitrary Mustache Template Files via `maven-dependency-plugin`

CVE•added 2026/03/18 10:13 p.m.•5 views

CVE-2026-32735

The CVE concerns the project openapi-to-java-records-mustache-templates and its parent POM. Between versions 5.1.1 and 5.5.1, the parent POM (used to centralize plugin configurations) uses maven-dependency-plugin to unpack arbitrary .mustache files from the same-version artifact. Although the par...

EUVD•added 2026/03/18 10:13 p.m.•1 views

EUVD-2026-12979

ATTACKERKB•added 2026/03/18 10:13 p.m.•2 views

CVE-2026-32735

Exploits0References5Affected Software1

OSV•added 2026/03/18 10:13 p.m.•2 views

CVE-2026-32735 Unpacking Arbitrary Mustache Template Files via `maven-dependency-plugin`

2.3CVSS5.9AI score0.00128EPSS

Exploits0References6

Positive Technologies•added 2026/03/18 12:0 a.m.•1 views

PT-2026-26163

2.3CVSS5.9AI score0.00128EPSS

Exploits0References6

GithubExploit•added 2025/12/17 7:35 a.m.•304 views

Exploit for CVE-2025-66516

⚠️ READ DISCLAIMER BEFORE USE ⚠️ Educat...

10CVSS8.3AI score0.01579EPSS

Exploits5

EUVD•added 2025/11/12 7:18 p.m.•1 views

EUVD-2025-135293

Malicious code in tray-pzp-pom npm...

6.6AI score

Exploits0

OSSF Malicious Packages•added 2025/11/12 7:18 p.m.•1 views

Malicious code in tray-pzp-pom (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb3d753dfaab1f7cd55a51a5033f44d4199abc2c5be30266454b7849c230fcaa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

Exploits0

EUVD•added 2025/11/12 7:18 p.m.•0 views

EUVD-2025-135292

Malicious code in tray-pzp-pom npm...

6.6AI score

Exploits0

RedhatCVE•added 2025/09/04 12:28 a.m.•1 views

CVE-2025-57140

rsbi-pom 4.7 is vulnerable to SQL Injection in the /bi/service/model/DatasetService path...

9.8CVSS8.1AI score0.00089EPSS

Exploits1References1

OSV•added 2025/09/02 12:15 p.m.•0 views

CVE-2025-57140

rsbi-pom 4.7 is vulnerable to SQL Injection in the /bi/service/model/DatasetService path...

9.8CVSS5.8AI score0.00089EPSS

NVD•added 2025/09/02 12:15 p.m.•1 views

CVE-2025-57140

rsbi-pom 4.7 is vulnerable to SQL Injection in the /bi/service/model/DatasetService path...

9.8CVSS0.00089EPSS

CVE•added 2025/09/02 12:0 a.m.•10 views

CVE-2025-57140

CVE-2025-57140 affects rsbi-pom 4.7 with a SQL Injection vulnerability in the API endpoint path /bi/service/model/DatasetService . The CVSS 3.1 vector indicates a CRITICAL severity (9.8) with a NETWORK attack vector, no user interaction, and no privileges required, resulting in high impact to con...

9.8CVSS7.5AI score0.00089EPSS

Exploits1References2Affected Software1

CNNVD•added 2025/09/02 12:0 a.m.•1 views

rsbi-pom 安全漏洞

rsbi-pom rsbi BI is a business intelligence system for the individual developers of rsbi BI. A security vulnerability exists in rsbi-pom version 4.7, which originates from the /bi/service/model/DatasetService path that is susceptible to SQL injection attacks...

9.8CVSS7.7AI score0.00089EPSS

Exploits1References4

Cvelist•added 2025/09/02 12:0 a.m.•4 views

CVE-2025-57140

rsbi-pom 4.7 is vulnerable to SQL Injection in the /bi/service/model/DatasetService path...

0.00089EPSS

Positive Technologies•added 2025/09/02 12:0 a.m.•2 views

PT-2025-35561

Name of the Vulnerable Software and Affected Versions: rsbi-pom version 4.7 Description: rsbi-pom version 4.7 is vulnerable to SQL Injection via the /bi/service/model/DatasetService API endpoint. Recommendations: At the moment, there is no information about a newer version that contains a fix for...

9.8CVSS7.2AI score0.00089EPSS

Exploits1References7

Vulnrichment•added 2025/09/02 12:0 a.m.•1 views

CVE-2025-57140

rsbi-pom 4.7 is vulnerable to SQL Injection in the /bi/service/model/DatasetService path...

7.5AI score0.00089EPSS