CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6191 matches found

Circl•added 2025/10/14 4:3 p.m.•9 views

CVE-2025-24990

creationtimestamp| type| source ---|---|--- 2025-10-14 16:03:45+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2025-0310 2025-10-14 16:38:44+00:00| seen| https://www.thezdi.com/blog/2025/10/14/the-october-2025-security-update-review 2025-10-14 17:36:18+00:00| seen|...

7.8CVSS7.4AI score0.05793EPSS

Exploits0References36

Patchstack•added 2025/10/14 2:39 p.m.•5 views

WordPress Revive Old Posts plugin <= 9.3.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Revive Old Posts versions = 9.3.3...

8.8CVSS7AI score0.00197EPSS

Exploits0Affected Software1

Securelist•added 2025/10/14 10:0 a.m.•4 views

Signal in the noise: what hashtags reveal about hacktivism in 2025

What do hacktivist campaigns look like in 2025? To answer this question, we analyzed more than 11,000 posts produced by over 120 hacktivist groups circulating across both the surface web and the dark web, with a particular focus on groups targeting MENA countries. The primary goal of our research...

6.8AI score

Exploits0

NVD•added 2025/10/13 9:15 p.m.•3 views

CVE-2025-62176

Mastodon is a free, open-source social network server based on ActivityPub. In Mastodon before 4.4.6, 4.3.14, and 4.2.27, the streaming server accepts serving events for public timelines to clients using any valid authentication token, even if those tokens lack the read:statuses scope. This allow...

4.3CVSS0.00254EPSS

Exploits0References2

Circl•added 2025/10/13 12:13 p.m.•1 views

CERTFR-2025-ACT-043

creationtimestamp| type| source ---|---|--- 2025-10-13 12:13:08+00:00| seen| https://bsky.app/profile/cert-fr.bsky.social/post/3m336sfepqs2y 2025-10-13 12:13:12+00:00| seen| https://social.numerique.gouv.fr/users/certfr/statuses/115366794855854060 2025-10-13 12:33:02+00:00| seen|...

5.8AI score

Exploits0References3

CNNVD•added 2025/10/13 12:0 a.m.•2 views

Mastodon 安全漏洞

Mastodon is an open source social networking server based on ActivityPub by Mastodon Open Source. A security vulnerability exists in Mastodon versions prior to 4.4.6, prior to 4.3.14, and prior to 4.2.27, which stems from an event where the stream server accepts service for a public timeline usin...

4.3CVSS6.6AI score0.00254EPSS

Exploits0References3

Circl•added 2025/10/08 10:17 a.m.•1 views

CVE-2025-38477

creationtimestamp| type| source ---|---|--- 2025-10-08 10:17:48+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3m2ofzjtqog25 2025-10-08 10:17:50+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3m2ofzmd6ll2o 2025-10-08 10:26:45+00:00| seen|...

4.7CVSS6.9AI score0.00111EPSS

Exploits0References8

Vulnrichment•added 2025/10/07 12:20 p.m.•2 views

CVE-2025-40649 Múltiples vulnerabilidades en Negotiator de BBMRI-ERIC

Stored Cross-Site Scripting XSS in Biobanking and Biomolecular Resources Negotiator v3.15.2 - European Research Infrastructure BBMRI-ERIC, consisting of a stored XSS due to a lack of proper validation of user input by sending a POST request using parameter text in '/api/v3/negotiations//posts'...

5.1CVSS4.7AI score0.00326EPSS

Exploits0References1

CVE•added 2025/10/07 12:20 p.m.•10 views

CVE-2025-40649

Stored XSS in BBMRI-ERIC Negotiator v3.15.2 due to insufficient validation of user-supplied data in the text parameter of POST /api/v3/negotiations//posts. A remote attacker could craft input to exfiltrate or steal the cookie session details of an authenticated user. The issue is concrete in the ...

5.1CVSS4.7AI score0.00326EPSS

Exploits0References1