Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

58 matches found

SUSE CVE
SUSE CVEadded 2026/06/09 2:21 a.m.6 views

SUSE CVE-2026-46280

In the Linux kernel, the following vulnerability has been resolved: lib: testhmm: evict device pages on file close to avoid use-after-free Patch series "Minor hmmtest fixes and cleanups". Two bugfixes a cleanup for the HMM kernel selftests. These were mostly reported by Zenghui Yu with special...

5.5CVSS5.3AI score0.00125EPSS
Exploits0References3
OSV
OSVadded 2026/06/08 5:16 p.m.2 views

UBUNTU-CVE-2026-46280

In the Linux kernel, the following vulnerability has been resolved: lib: testhmm: evict device pages on file close to avoid use-after-free Patch series "Minor hmmtest fixes and cleanups". Two bugfixes a cleanup for the HMM kernel selftests. These were mostly reported by Zenghui Yu with special...

7.8CVSS5.3AI score0.00125EPSS
Exploits0References8
EUVD
EUVDadded 2026/06/08 3:41 p.m.7 views

EUVD-2026-35145

In the Linux kernel, the following vulnerability has been resolved: lib: testhmm: evict device pages on file close to avoid use-after-free Patch series "Minor hmmtest fixes and cleanups". Two bugfixes a cleanup for the HMM kernel selftests. These were mostly reported by Zenghui Yu with special...

5.4AI score0.00125EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/06/08 3:41 p.m.4 views

CVE-2026-46280

In the Linux kernel, the following vulnerability has been resolved: lib: testhmm: evict device pages on file close to avoid use-after-free Patch series "Minor hmmtest fixes and cleanups". Two bugfixes a cleanup for the HMM kernel selftests. These were mostly reported by Zenghui Yu with special...

5.4AI score0.00125EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVEadded 2026/06/07 8:59 a.m.17 views

CVE-2026-9008

The Page-list plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.2. This is due to the pagelistunqprfxextshortcode function the pagelistext / pagelistext shortcode accepting attacker-controlled poststatus, posttype, and showmetakey attributes and...

4.3CVSS5.4AI score0.0023EPSS
Exploits0References1
NVD
NVDadded 2026/06/06 2:16 a.m.8 views

CVE-2026-9008

The Page-list plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.2. This is due to the pagelistunqprfxextshortcode function the pagelistext / pagelistext shortcode accepting attacker-controlled poststatus, posttype, and showmetakey attributes and...

4.3CVSS0.0023EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/06 1:26 a.m.33 views

CVE-2026-9008 Page-list <= 6.2 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Disclosure via Shortcode Attributes

The Page-list plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.2. This is due to the pagelistunqprfxextshortcode function the pagelistext / pagelistext shortcode accepting attacker-controlled poststatus, posttype, and showmetakey attributes and...

4.3CVSS0.0023EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/06/06 1:26 a.m.4 views

CVE-2026-9008

The Page-list plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.2. This is due to the pagelistunqprfxextshortcode function the pagelistext / pagelistext shortcode accepting attacker-controlled poststatus, posttype, and showmetakey attributes and...

4.3CVSS5.4AI score0.0023EPSS
Exploits0References7
EUVD
EUVDadded 2026/06/06 1:26 a.m.8 views

EUVD-2026-34939

The Page-list plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.2. This is due to the pagelistunqprfxextshortcode function the pagelistext / pagelistext shortcode accepting attacker-controlled poststatus, posttype, and showmetakey attributes and...

4.3CVSS5.4AI score0.0023EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/06/06 1:26 a.m.7 views

CVE-2026-9008 Page-list <= 6.2 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Disclosure via Shortcode Attributes

The Page-list plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.2. This is due to the pagelistunqprfxextshortcode function the pagelistext / pagelistext shortcode accepting attacker-controlled poststatus, posttype, and showmetakey attributes and...

4.3CVSS5.4AI score0.0023EPSS
Exploits0References6
CVE
CVEadded 2026/06/06 1:26 a.m.13 views

CVE-2026-9008

CVE-2026-9008 affects the Page-list WordPress plugin (versions up to 6.2). The pagelist_unqprfx_ext_shortcode() function for the [pagelist_ext]/[pagelistext] shortcodes accepts attacker-controlled post_status, post_type, and show_meta_key attributes and passes them into get_pages() and get_post_m...

4.3CVSS5.4AI score0.0023EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/06/06 12:0 a.m.13 views

PT-2026-47124

Name of the Vulnerable Software and Affected Versions Page-list plugin for WordPress versions prior to 6.3 Description Missing authorization occurs in the pagelist unqprfx ext shortcode function, specifically within the 'pagelist ext' and 'pagelistext' shortcodes. The function accepts...

4.3CVSS5.4AI score0.0023EPSS
Exploits0References8
RedhatCVE
RedhatCVEadded 2026/06/05 7:24 p.m.7 views

CVE-2026-8240

Concrete CMS 9.5.0 and below is vulnerable to unauthenticated page metadata disclosure across every page with a configured summary template, revealing the existence of private, draft, and restricted pages while leaking title, path, description, and author information. The Concrete CMS security te...

6.3CVSS5.5AI score0.00195EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/22 12:31 a.m.9 views

EUVD-2026-31358

Concrete CMS 9.5.0 and below is vulnerable to unauthenticated page metadata disclosure across every page with a configured summary template, revealing the existence of private, draft, and restricted pages while leaking title, path, description, and author information. The Concrete CMS security te...

6.3CVSS5.8AI score0.00195EPSS
Exploits0References2
NVD
NVDadded 2026/05/21 10:16 p.m.13 views

CVE-2026-8240

Concrete CMS 9.5.0 and below is vulnerable to unauthenticated page metadata disclosure across every page with a configured summary template, revealing the existence of private, draft, and restricted pages while leaking title, path, description, and author information. The Concrete CMS security te...

6.3CVSS0.00195EPSS
Exploits0References1
CVE
CVEadded 2026/05/21 9:11 p.m.12 views

CVE-2026-8240

Technical details for CVE-2026-8240 are not publicly provided in the supplied documents. No specific affected components, versions, or fixes are listed. Monitor for updates from Concrete CMS and CVE/NVD sources.

6.3CVSS5.8AI score0.00195EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/21 9:11 p.m.4 views

CVE-2026-8240 Concrete CMS 9.5.0 and below is vulnerable to unauthenticated page metadata disclosure in Backend\SummaryTemplate

Concrete CMS 9.5.0 and below is vulnerable to unauthenticated page metadata disclosure across every page with a configured summary template, revealing the existence of private, draft, and restricted pages while leaking title, path, description, and author information. The Concrete CMS security te...

6.3CVSS5.8AI score0.00195EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/05/21 12:0 a.m.7 views

PT-2026-42562

Name of the Vulnerable Software and Affected Versions Concrete CMS versions prior to 9.5.1 Description Unauthenticated users can access page metadata on any page that has a configured summary template. This allows for the disclosure of private, draft, and restricted pages, leaking information suc...

6.3CVSS5.8AI score0.00195EPSS
Exploits0References4
CNNVD
CNNVDadded 2026/05/21 12:0 a.m.7 views

Concrete CMS 访问控制错误漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions of Concrete CMS 9.5.0 and earlier contained a access control vulnerability caused by unvalidated page metadata exposure. This vulnerability could lead to the disclosure of titles, paths, descriptions, and...

6.3CVSS5.8AI score0.00195EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2026/04/22 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013823)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013823 advisory. In the Linux kernel, the following vulnerability has been resolved: ubifs: ubifsreleasepage: Remove ubifsassert0 to valid this process There are two states for ubifs...

5.5CVSS5.4AI score0.00141EPSS
Exploits0References4
Rows per page
Query Builder