CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6191 matches found

Circl•added 2025/12/03 4:25 p.m.•9 views

CVE-2025-66478

creationtimestamp| type| source ---|---|--- 2025-12-03 16:25:30+00:00| seen| https://bsky.app/profile/weld.bsky.social/post/3m73uolv7hs2r 2025-12-03 16:25:31+00:00| seen| https://bsky.app/profile/weld.bsky.social/post/3m73uolvfdc2r 2025-12-03 16:25:31+00:00| seen|...

7AI score

Exploits111References217

Circl•added 2025/12/03 3:45 p.m.•8 views

CVE-2025-55182

creationtimestamp| type| source ---|---|--- 2025-12-03 15:45:15+00:00| seen| https://bsky.app/profile/react.dev/post/3m73sgkikuc2h 2025-12-03 15:55:55+00:00| seen| https://mstdn.social/users/jschauma/statuses/115656448649390437 2025-12-03 15:56:22+00:00| seen|...

10CVSS7AI score0.99562EPSS

In wildExploits367References1217

Circl•added 2025/12/03 8:49 a.m.•5 views

CVE-2025-11839

creationtimestamp| type| source ---|---|--- 2025-12-03 08:49:36+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3m7337fhsto2g 2025-12-03 08:49:37+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3m7337gevib2b...

5.5CVSS5.8AI score0.00251EPSS

Exploits1References2

Circl•added 2025/12/02 11:3 a.m.•4 views

CVE-2025-48631

creationtimestamp| type| source ---|---|--- 2025-12-02 11:03:43+00:00| seen| https://bsky.app/profile/securityrss.bsky.social/post/3m6ysabxve527 2025-12-02 11:23:04+00:00| seen| https://bsky.app/profile/basefortify.bsky.social/post/3m6ytc4pph22v 2025-12-02 11:23:05+00:00| seen|...

6.5CVSS5.8AI score0.00465EPSS

Exploits0References17

CNNVD•added 2025/12/02 12:0 a.m.•4 views

WordPress plugin Export All Posts 跨站请求伪造漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is ...

6.5CVSS6.3AI score0.00133EPSS

Exploits0References2

Positive Technologies•added 2025/12/02 12:0 a.m.•3 views

PT-2025-48641

The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.19. This is due to missing or incorrect nonce validation on the parseData function. This makes it possible for unauthenticated attackers...

6.5CVSS5.2AI score0.00133EPSS

Exploits0References3

Google Chrome Security Advisories•added 2025/12/02 12:0 a.m.•9 views

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 143 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 143.0.7499.40 Linux 143.0.7499.40/41 Windows/Mac contains a number of fixes and improvements -- a list of changes is availab...

8.8CVSS6.5AI score0.00386EPSS

Exploits0Affected Software1

Circl•added 2025/12/01 4:37 p.m.•5 views

CVE-2024-51999

creationtimestamp| type| source ---|---|--- 2025-12-01 16:37:07+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3m6wufigsy22l 2025-12-01 16:38:20+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3m6wuhn4oz22l 2025-12-02 10:50:09+00:00| seen|...

5.7AI score0.00014EPSS

Exploits0References6

Circl•added 2025/12/01 3:16 p.m.•4 views

CVE-2025-12106

creationtimestamp| type| source ---|---|--- 2025-12-01 15:16:35+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115644969440260097 2025-12-01 15:19:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m6wq2dk75f2n 2025-12-02 12:33:12+00:00| seen|...

9.1CVSS5.5AI score0.00529EPSS

Exploits0References4

Circl•added 2025/11/28 10:3 a.m.•3 views

CVE-2025-13771

creationtimestamp| type| source ---|---|--- 2025-11-28 10:03:00+00:00| seen| https://infosec.exchange/users/offseq/statuses/115626749410261118 2025-11-28 10:03:02+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3m6omy3254v26 2025-11-28 11:04:14+00:00| seen|...

7.1CVSS5.8AI score0.00388EPSS

Exploits0References3

Packet Storm News•added 2025/11/28 12:0 a.m.•4 views

Identification of Malicious Posts on the Dark Web Using Supervised Machine Learning

Given the constant growth and increasing sophistication of cyberattacks, cybersecurity can no longer rely solely on traditional defense techniques and tools. Proactive detection of cyber threats has become essential to help security teams identify potential risks and implement effective mitigatio...

6.6AI score

Exploits0

RedhatCVE•added 2025/11/26 7:58 a.m.•16 views

CVE-2025-12525

The Locker Content plugin for WordPress is vulnerable to Sensitive Information Exposure in version 1.0.0 via the 'lockercosubmitpost' AJAX endpoint. This makes it possible for unauthenticated attackers to extract content from posts that has been protected by the plugin...

5.3CVSS6.4AI score0.00247EPSS

Exploits0References1

OSV•added 2025/11/26 4:39 a.m.•1 views

MAL-2025-191470 Malicious code in org.mvnpm:posthog-node (Maven)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security ea90a5928d7667bed4fa9f6effbbe6c8d3ad6521ca51ca2b01551bc02373a7d2 This package was compromised by the Sha1-Hulud: The Second Coming NPM worm. The malicious payload steals tokens and credentials and...

6.8AI score

Exploits0References3

Circl•added 2025/11/26 4:16 a.m.•5 views

CVE-2025-66262

creationtimestamp| type| source ---|---|--- 2025-11-26 04:16:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m6iyonclsl2q 2025-11-26 05:02:33+00:00| seen| https://infosec.exchange/users/offseq/statuses/115614243355234711 2025-11-26 05:02:34+00:00| seen|...

9.8CVSS5.7AI score0.01199EPSS

Exploits1References4

Circl•added 2025/11/25 9:0 p.m.•8 views

CVE-2025-13597

creationtimestamp| type| source ---|---|--- 2025-11-25 21:00:05+00:00| published-proof-of-concept| Telegram/JmOfzmPuwFaGVUe1ryxZaualiroKxV8Ljh6xRZNwM5xTm4 2025-11-26 00:02:46+00:00| seen| https://infosec.exchange/users/offseq/statuses/115613064530964196 2025-11-26 00:02:47+00:00| seen|...

9.8CVSS4.8AI score0.00823EPSS

Exploits3References3

Cvelist•added 2025/11/25 7:28 a.m.•5 views

CVE-2025-13404 atec Duplicate Page & Post <= 1.2.20 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Duplication and Data Exposure

The atec Duplicate Page & Post plugin for WordPress is vulnerable to unauthorized post duplication due to missing authorization validation on the duplicatepost function in all versions up to, and including, 1.2.20. This makes it possible for authenticated attackers, with Contributor-level access...

5.3CVSS0.00217EPSS

Exploits0References3

EUVD•added 2025/11/25 7:28 a.m.•1 views

EUVD-2025-199572

5.3CVSS5.2AI score0.00217EPSS

Exploits0References4

Cvelist•added 2025/11/25 4:37 a.m.•5 views

CVE-2025-13558 Blog2Social <= 8.7.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Trashing

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'deleteUserCcDraftPost' function in all versions up to, and including, 8.7.0. This makes it possible for authenticated attackers, wi...

5.4CVSS0.00217EPSS

Exploits0References4

Circl•added 2025/11/25 1:35 a.m.•3 views

CVE-2025-54347

creationtimestamp| type| source ---|---|--- 2025-11-25 01:35:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m6g7algqeb2j 2025-11-25 01:45:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m6g7r7juww2n 2025-11-25 04:33:13+00:00| seen|...

9.9CVSS5.7AI score0.00616EPSS

Exploits0References4

Positive Technologies•added 2025/11/25 12:0 a.m.•2 views

PT-2025-47983

5.4CVSS5.2AI score0.00217EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by