CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 6 days ago•9 views

CVE-2026-35447

5.3CVSS5.9AI score0.00042EPSS

CVE•added 6 days ago•9 views

CVE-2026-40314

NamelessMC (Minecraft server website software) 2.2.4 is affected by an authorization issue where core/classes/Misc/ProfilePostReactionContext.php only verifies the wall post exists and fails to enforce blocked/private-profile visibility, while modules/Core/queries/reactions.php permits unauthenti...

ATTACKERKB•added 6 days ago•6 views

CVE-2026-40314

NamelessMC is website software for Minecraft servers. In version 2.2.4,core/classes/Misc/ProfilePostReactionContext.php only verifies that the wall post exists and does not enforce blocked/private-profile visibility. modules/Core/queries/reactions.php allows unauthenticated GET requests for...

Cvelist•added 6 days ago•31 views

CVE-2026-40314 NamelessMC: Reactions on private or blocking profile posts can be read and modified without proper authorization

6.9CVSS0.00041EPSS

EUVD•added 6 days ago•7 views

EUVD-2026-33976

Vulnrichment•added 6 days ago•6 views

CVE-2026-40314 NamelessMC: Reactions on private or blocking profile posts can be read and modified without proper authorization

Cvelist•added 6 days ago•37 views

CVE-2026-33398 Authenticated users can read hidden forum posts through `/forum/get_quotes`

NamelessMC is website software for Minecraft servers. In version 2.2.4, modules/Forum/pages/forum/getquotes.php only checks whether the caller is logged in, then reads a post by attacker-controlled post ID and returns its content. The backend helper in modules/Forum/classes/Forum.php does not...

7.1CVSS0.00038EPSS

CVE•added 6 days ago•6 views

CVE-2026-33398

NamelessMC 2.2.4 is affected by an insecure access control in modules/Forum/pages/forum/get_quotes.php, which only checks that a caller is logged in and reads a post by an attacker-controlled post ID. The backend helper in modules/Forum/classes/Forum.php does not enforce forum or topic ACLs, allo...

7.1CVSS5.8AI score0.00038EPSS

Positive Technologies•added 6 days ago•11 views

PT-2026-45801

5.3CVSS5.9AI score0.00042EPSS

Positive Technologies•added 6 days ago•6 views

PT-2026-45803

NamelessMC is website software for Minecraft servers. In version 2.2.4, core/classes/Misc/ProfilePostReactionContext.php only verifies that the wall post exists and does not enforce blocked/private-profile visibility. This means that authenticated low-privileged users can add reactions to private...

5.3CVSS5.8AI score0.00038EPSS

Circl•added 2026/06/01 4:54 a.m.•8 views

CVE-2026-48188

creationtimestamp| type| source ---|---|--- 2026-06-01 04:54:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mn7byrnowf2z 2026-06-01 05:00:11+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mn7cctz75a2r 2026-06-01 05:04:49+00:00| seen|...

9.1CVSS5.8AI score0.00079EPSS

Exploits1References5

Circl•added 2026/05/31 1:23 p.m.•5 views

CVE-2026-10179

creationtimestamp| type| source ---|---|--- 2026-05-31 13:23:54+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mn5nyomfww2f 2026-05-31 13:28:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mn5obdkwxa2m 2026-05-31 17:02:28+00:00| seen|...

9CVSS7.3AI score0.00048EPSS

Exploits0References3

Circl•added 2026/05/31 4:57 a.m.•11 views

CVE-2026-10164

creationtimestamp| type| source ---|---|--- 2026-05-31 04:57:02+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mn4rocjfim2q 2026-05-31 05:00:37+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mn4ruozarc2r 2026-05-31 06:00:28+00:00| seen|...

9CVSS5.8AI score0.00046EPSS

Exploits0References4

Circl•added 2026/05/30 5:1 p.m.•8 views

CVE-2026-10125

creationtimestamp| type| source ---|---|--- 2026-05-30 17:01:35+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mn3joxxx5e2m 2026-05-30 17:43:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mn3m2li2nr2n...

9CVSS5.8AI score0.00046EPSS

Circl•added 2026/05/30 5:1 p.m.•8 views

CVE-2026-10124

creationtimestamp| type| source ---|---|--- 2026-05-30 17:01:27+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mn3joqscdv2p 2026-05-30 17:24:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mn3kxusz622n...

9CVSS5.8AI score0.00046EPSS

Circl•added 2026/05/30 3:39 p.m.•10 views

CVE-2026-10119

creationtimestamp| type| source ---|---|--- 2026-05-30 15:39:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mn3f3qxydx2k 2026-05-30 16:01:09+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mn3gcwbhio2r 2026-05-30 16:01:10+00:00| seen|...

9CVSS7.3AI score0.00046EPSS

Exploits0References5

Circl•added 2026/05/29 7:0 p.m.•7 views

CVE-2026-47125

creationtimestamp| type| source ---|---|--- 2026-05-29 19:00:46+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmz7v62jq52a 2026-05-29 20:16:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmze567paf2r...

8.8CVSS5.7AI score0.00044EPSS

Circl•added 2026/05/29 3:1 p.m.•6 views

CVE-2026-44698

creationtimestamp| type| source ---|---|--- 2026-05-29 15:01:38+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmysjlmepp2v 2026-05-29 16:18:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmywtjjgs62e...

8.3CVSS5.8AI score0.0002EPSS

Circl•added 2026/05/29 3:1 p.m.•8 views

CVE-2026-45615

creationtimestamp| type| source ---|---|--- 2026-05-29 15:01:31+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmysjevepa2m 2026-05-29 16:13:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmywkkihvl2x...

8.2CVSS5.8AI score0.00071EPSS