Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6151 matches found

Positive Technologies
Positive Technologiesadded 2026/04/15 12:0 a.m.2 views

PT-2026-33021

The Katalogportal PDF Sync plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.0.0. The katalogportal popup shortcode function is registered as an AJAX handler via wp ajax katalogportal shortcodePrinter but lacks any capability check current user can ...

5.3CVSS5.7AI score0.00045EPSS
Exploits0References7
Circl
Circladded 2026/04/14 11:22 p.m.4 views

CVE-2026-34619

creationtimestamp| type| source ---|---|--- 2026-04-14 23:22:03+00:00| seen| Telegram/7o25spvsi10qoVsYDQCR4BvQZf2Pb0MXjY1dtOy-qDOy7tc 2026-04-15 12:00:10+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjjtuloymz2w 2026-04-15 13:55:20+00:00| seen|...

7.7CVSS6.1AI score0.0008EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/04/14 9:12 p.m.18 views

CVE-2026-34161 Chamilo LMS: Stored XSS via Malicious File Upload in Social Post Attachments Leads to Arbitrary JavaScript Execution

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, a Stored Cross-Site Scripting XSS vulnerability exists in the social post attachment upload functionality, where an authenticated user can upload a malicious HTML file containing JavaScript via the...

5.1CVSS0.00012EPSS
Exploits0References4
Circl
Circladded 2026/04/14 8:10 p.m.2 views

CVE-2026-27289

creationtimestamp| type| source ---|---|--- 2026-04-14 20:10:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mji6rygv4l23 2026-04-14 20:19:42+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mji7cuopwy2a 2026-04-14 21:25:30+00:00| published-proof-of-concept|...

7.8CVSS4.9AI score0.00029EPSS
Exploits0References3
Circl
Circladded 2026/04/14 4:46 p.m.2 views

CVE-2026-38527

creationtimestamp| type| source ---|---|--- 2026-04-14 16:46:53+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjhtgdu6nh2u 2026-04-14 17:07:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjhulnqatj2z...

8.5CVSS5.7AI score0.00036EPSS
Exploits1References2
Circl
Circladded 2026/04/14 4:46 p.m.15 views

CVE-2026-38526

creationtimestamp| type| source ---|---|--- 2026-04-14 16:46:45+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjhtg4gn2c2h 2026-04-14 17:03:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjhudxtjxx2r 2026-04-16 17:23:41+00:00| seen|...

9.9CVSS4.9AI score0.00024EPSS
Exploits2References4
Circl
Circladded 2026/04/14 4:34 p.m.4 views

CVE-2026-39813

creationtimestamp| type| source ---|---|--- 2026-04-14 16:34:21+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjhspwbtnj2m 2026-04-14 17:12:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjhuum6ow52o 2026-04-14 17:28:30+00:00| seen|...

9.8CVSS5.8AI score0.00121EPSS
Exploits1References18
Circl
Circladded 2026/04/14 3:49 p.m.2 views

CVE-2026-33101

creationtimestamp| type| source ---|---|--- 2026-04-14 15:49:19+00:00| seen| https://www.thezdi.com/blog/2026/4/14/the-april-2026-security-update-review 2026-04-14 19:17:15+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mji3t735w42m 2026-04-14 20:16:29+00:00| seen|...

7.8CVSS5.3AI score0.00057EPSS
Exploits0References4
Patchstack
Patchstackadded 2026/04/14 3:39 a.m.2 views

WordPress Smart Post Show - Post Grid, Post Carousel & Slider, and List Category Posts plugin <= 3.0.12 - Authenticated (Administrator+) PHP Object Injection vulnerability

WordPress Smart Post Show - Post Grid, Post Carousel & Slider, and List Category Posts plugin = 3.0.12 - Authenticated Administrator+ PHP Object Injection vulnerability discovered by Vilaysone CHANTHAVONG 0xJ0cKkY - Cyberus Technologies in WordPress Plugin Post Grid, Post Carousel, & List Categor...

7.2CVSS5.8AI score0.00047EPSS
Exploits0References1Affected Software1
Circl
Circladded 2026/04/14 3:4 a.m.1 views

CVE-2026-27668

creationtimestamp| type| source ---|---|--- 2026-04-14 03:04:52+00:00| seen| https://www.acn.gov.it/portale/w/aggiornamenti-per-prodotti-siemens-20 2026-04-14 09:51:15+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjh475wwx724 2026-04-14 09:51:36+00:00| seen|...

8.8CVSS4.8AI score0.0005EPSS
Exploits0References6
Circl
Circladded 2026/04/14 3:4 a.m.1 views

CVE-2026-25654

creationtimestamp| type| source ---|---|--- 2026-04-14 03:04:52+00:00| seen| https://www.acn.gov.it/portale/w/aggiornamenti-per-prodotti-siemens-20 2026-04-14 09:51:07+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjh46vwdxg2s 2026-04-14 10:16:11+00:00| seen|...

8.8CVSS8.1AI score0.00058EPSS
Exploits0References5
Circl
Circladded 2026/04/14 1:0 a.m.0 views

CVE-2026-27681

creationtimestamp| type| source ---|---|--- 2026-04-14 01:00:04+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjg6jaq2s42h 2026-04-14 01:15:38+00:00| published-proof-of-concept| Telegram/j1YKUKFGBq5wmef4QEbA7k-TdRl9f0BaDNzVfGs6U0ZXPS4 2026-04-14 01:30:30+00:00| seen|...

9.9CVSS5.8AI score0.00061EPSS
Exploits0References11
RedhatCVE
RedhatCVEadded 2026/04/13 7:24 p.m.2 views

CVE-2026-5169

The Inquiry Form to Posts or Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Form Header' field in versions up to and including 1.0. This is due to insufficient input sanitization when saving via updateoption and lack of output escaping when displaying the stored...

4.4CVSS5.9AI score0.00014EPSS
Exploits0References1
Circl
Circladded 2026/04/13 2:50 p.m.1 views

CVE-2026-34476

creationtimestamp| type| source ---|---|--- 2026-04-13 14:50:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjf4hp7cww2g 2026-04-13 14:53:22+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mjf4mhlkkj2e 2026-04-13 16:13:44+00:00| seen|...

7.1CVSS5.3AI score0.00079EPSS
Exploits0References3
Circl
Circladded 2026/04/13 2:45 p.m.0 views

CVE-2026-5085

creationtimestamp| type| source ---|---|--- 2026-04-13 14:45:45+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mjf46t6yhk2c 2026-04-13 15:37:02+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjf72jlhzx25 2026-04-13 18:01:28+00:00|...

9.1CVSS5.3AI score0.00045EPSS
Exploits0References2
Patchstack
Patchstackadded 2026/04/13 9:3 a.m.2 views

WordPress ActivityPub Routing plugin < 8.0.2 - Unauthenticated Drafts/Scheduled/Pending Posts Disclosure vulnerability

Unauthenticated Drafts/Scheduled/Pending Posts Disclosure vulnerability discovered by ryuk kos0ng in WordPress Plugin ActivityPub versions 8.0.2...

7.5CVSS5.8AI score0.00023EPSS
Exploits0References1Affected Software1
Circl
Circladded 2026/04/13 12:0 a.m.0 views

CVE-2026-6132

creationtimestamp| type| source ---|---|--- 2026-04-13 00:00:25+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mjdkpq6uf32b 2026-04-13 00:00:29+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjdkpu4olb24 2026-04-13 00:00:34+00:00| seen|...

10CVSS8.7AI score0.00316EPSS
Exploits0References5
Circl
Circladded 2026/04/13 12:0 a.m.1 views

CVE-2026-6131

creationtimestamp| type| source ---|---|--- 2026-04-13 00:00:22+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjdkpmjjco2e 2026-04-13 01:16:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjdowxpvmr2z 2026-04-13 01:17:28+00:00| published-proof-of-concept|...

10CVSS8.7AI score0.01221EPSS
Exploits0References3
Circl
Circladded 2026/04/12 4:16 p.m.1 views

CVE-2026-6139

creationtimestamp| type| source ---|---|--- 2026-04-12 16:16:35+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-6139 2026-04-13 02:00:08+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjdrfrurel2h 2026-04-13 02:48:11+00:00| seen|...

10CVSS8.7AI score0.01221EPSS
Exploits0References5
Circl
Circladded 2026/04/12 9:43 a.m.1 views

CVE-2026-6123

creationtimestamp| type| source ---|---|--- 2026-04-12 09:43:23+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mjc2tb5aus22 2026-04-12 10:23:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjc52jcvgk2g 2026-04-12 11:15:38+00:00| published-proof-of-concept|...

9CVSS7.3AI score0.00096EPSS
Exploits0References3
Rows per page
Query Builder