Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6188 matches found

CVE
CVEadded 2026/01/22 4:51 p.m.11 views

CVE-2025-52762

CVE-2025-52762 is a reflected XSS vulnerability in the WordPress plugin family flexo-posts-manager (flexostudio flexo-posts-manager) affecting versions through 1.0001. The issue arises from improper neutralization of input during web page generation, enabling attacker-supplied data to be reflecte...

7.1CVSS5.4AI score0.00263EPSS
Exploits0References1
Circl
Circladded 2026/01/22 4:23 p.m.3 views

CVE-2025-36588

creationtimestamp| type| source ---|---|--- 2026-01-22 16:23:01+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mczlu6si6n2x 2026-01-22 16:23:22+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mczlushklu2m 2026-01-22 20:27:42+00:00| seen|...

8.8CVSS4.8AI score0.00593EPSS
Exploits0References3
Circl
Circladded 2026/01/22 4:22 p.m.1 views

CVE-2026-24009

creationtimestamp| type| source ---|---|--- 2026-01-22 16:22:54+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mczltxgrze2h 2026-01-22 16:23:15+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mczlulagaw23 2026-01-22 20:32:42+00:00| seen|...

9.8CVSS8.9AI score0.01376EPSS
Exploits1References6
Circl
Circladded 2026/01/22 4:2 p.m.2 views

CVE-2025-66960

creationtimestamp| type| source ---|---|--- 2026-01-22 16:02:27+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mczkpfr7xc2a 2026-01-22 16:02:59+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mczkqenvk225...

7.5CVSS5AI score0.00362EPSS
Exploits1References2
Circl
Circladded 2026/01/22 4:2 p.m.3 views

CVE-2025-66959

creationtimestamp| type| source ---|---|--- 2026-01-22 16:02:21+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mczkp76uic2r 2026-01-22 16:02:51+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mczkq56pmt2g...

7.5CVSS5AI score0.00362EPSS
Exploits1References2
Circl
Circladded 2026/01/22 5:7 a.m.3 views

CVE-2026-24006

creationtimestamp| type| source ---|---|--- 2026-01-22 05:07:23+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcyg426q4t2h 2026-01-22 05:09:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcyg7jdntp23 2026-01-24 21:22:29+00:00| seen|...

7.5CVSS5AI score0.00403EPSS
Exploits0References5
Circl
Circladded 2026/01/22 4:3 a.m.1 views

CVE-2026-23967

creationtimestamp| type| source ---|---|--- 2026-01-22 04:03:22+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcycjlc4522h 2026-01-22 04:03:51+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcyckhdi7u2g 2026-01-22 04:04:54+00:00| seen|...

7.5CVSS5.7AI score0.0019EPSS
Exploits0References7
Circl
Circladded 2026/01/22 4:3 a.m.4 views

CVE-2026-23966

creationtimestamp| type| source ---|---|--- 2026-01-22 04:03:15+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcycjemu6x2h 2026-01-22 04:03:44+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcyckaez5c2o 2026-01-22 04:04:16+00:00| seen|...

9.1CVSS5.7AI score0.00209EPSS
Exploits0References5
Circl
Circladded 2026/01/22 4:3 a.m.4 views

CVE-2026-24010

creationtimestamp| type| source ---|---|--- 2026-01-22 04:03:07+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcycj5itac23 2026-01-22 04:03:36+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcycjypyhr2x 2026-01-22 04:04:39+00:00| seen|...

8.8CVSS7.3AI score0.0042EPSS
Exploits1References4
NVD
NVDadded 2026/01/22 2:15 a.m.5 views

CVE-2026-23961

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...

5.3CVSS0.00402EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/01/22 1:51 a.m.7 views

CVE-2026-23962

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon versions before v4.3.18, v4.4.12, and v4.5.5 do not have a limit on the maximum number of poll options for remote posts, allowing attackers to create polls with a very large amount of options, greatly increasing...

7.5CVSS5.6AI score0.00487EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2026/01/22 1:51 a.m.24 views

CVE-2026-23962 Mastodon vulnerable to Denial of Service from a single post (client/server)

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon versions before v4.3.18, v4.4.12, and v4.5.5 do not have a limit on the maximum number of poll options for remote posts, allowing attackers to create polls with a very large amount of options, greatly increasing...

7.5CVSS0.00487EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/01/22 1:47 a.m.4 views

CVE-2026-23961

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...

5.3CVSS5.4AI score0.00402EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2026/01/22 1:47 a.m.21 views

CVE-2026-23961 Mastodon may allow a remote suspension bypass

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...

5.3CVSS0.00402EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/01/22 1:47 a.m.2 views

CVE-2026-23961 Mastodon may allow a remote suspension bypass

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...

5.3CVSS5.6AI score0.00402EPSS
Exploits0References4
CVE
CVEadded 2026/01/22 1:47 a.m.12 views

CVE-2026-23961

Summary of CVE-2026-23961 (Mastodon): A logic flaw in how suspended remote users are handled allows old posts from those users to appear in timelines, and under some circumstances, newly created posts from suspended users can be processed and surfaced. Affected releases span multiple lines: v4.5....

5.3CVSS5.6AI score0.00402EPSS
Exploits0References4Affected Software1
OSV
OSVadded 2026/01/22 1:47 a.m.2 views

CVE-2026-23961 Mastodon may allow a remote suspension bypass

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon allows server administrators to suspend remote users to prevent interactions. However, some logic errors allow already-known posts from such suspended users to appear in timelines if boosted. Furthermore, under...

5.3CVSS5.7AI score0.00402EPSS
Exploits0References6
Circl
Circladded 2026/01/22 12:0 a.m.4 views

CVE-2026-23737

creationtimestamp| type| source ---|---|--- 2026-01-22 00:00:09+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcxuwndae222 2026-01-22 01:38:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcy2gsutwl2m 2026-05-14 18:10:29+00:00| seen|...

7.5CVSS5.7AI score0.00519EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/01/22 12:0 a.m.4 views

PT-2026-4194

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 TableOn posts-table-filterable allows Reflected XSS.This issue affects TableOn: from n/a through = 1.0.4.2...

5.4AI score0.00175EPSS
Exploits0References2
CNNVD
CNNVDadded 2026/01/22 12:0 a.m.5 views

WordPress plugin flexo-posts-manager has cross-site scripting vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

7.1CVSS5.7AI score0.00263EPSS
Exploits0References1
Rows per page
Query Builder