CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

96 matches found

CVE-2026-9950

Insufficient validation of untrusted input in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00036EPSS

Exploits0References2

Positive Technologies•added 2026/04/29 12:0 a.m.•5 views

PT-2026-36112

Name of the Vulnerable Software and Affected Versions pygeoapi versions 0.23.0 through 0.23.2 Description OGC API process execution requests can utilize the subscriber object to make requests to internal HTTP services. This allows for unauthorized interaction with internal network resources...

8.6CVSS5.9AI score0.00021EPSS

Exploits0References8

NVD•added 2026/03/31 6:16 p.m.•0 views

CVE-2026-30283

An arbitrary file overwrite vulnerability in PEAKSEL D.O.O. NIS Animal Sounds and Ringtones v1.3.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...

9.8CVSS0.00145EPSS

Exploits0References4

NVD•added 2026/02/27 5:18 a.m.•3 views

CVE-2026-1442

Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker or anyone paying attention, the firmware updates may be altered by an unauthorized user, and then trusted by a Unitree product, such as the Unitree Go2 and other models...

7.8CVSS0.0001EPSS

Exploits1References4

CVE•added 2026/02/27 4:28 a.m.•6 views

CVE-2026-1442

CVE-2026-1442 describes a vulnerability in Unitree firmware update protection where the algorithm used to protect firmware updates is itself encrypted with key material accessible to an attacker. This could allow an unauthorized user to alter firmware updates and have them trusted by Unitree prod...

7.8CVSS5.4AI score0.0001EPSS

Exploits1References4Affected Software1

CNNVD•added 2026/02/05 12:0 a.m.•3 views

Webpack 代码问题漏洞

Webpack is a module bundler developed by Webpack contributors. Its primary purpose is to bundle JavaScript files for use in browsers. However, it can also convert, bundle, or package almost any resource or asset. Versions of Webpack from 5.49.0 to 5.104.1 contained code vulnerabilities. These...

3.7CVSS5.9AI score0.00011EPSS

Exploits1References1