CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2878 matches found

CVE-2026-11453

creationtimestamp| type| source ---|---|--- 2026-06-07 04:30:26+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mnodh6oluy2a 2026-06-07 04:30:27+00:00| seen| https://infosec.exchange/users/offseq/statuses/116706942877312373...

6.5CVSS5.3AI score0.00028EPSS

Exploits0References2

RedhatCVE•added 2 days ago•9 views

CVE-2026-48907

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...

10CVSS5.5AI score0.00111EPSS

Exploits0References1

Circl•added 2 days ago•9 views

CVE-2026-9290

creationtimestamp| type| source ---|---|--- 2026-06-06 01:00:08+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnlha7sokz2g 2026-06-06 01:23:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnlikqk23d2r 2026-06-06 06:00:11+00:00| seen|...

7.5CVSS5.3AI score0.00447EPSS

Exploits0References3

Circl•added 3 days ago•6 views

CVE-2026-11416

creationtimestamp| type| source ---|---|--- 2026-06-05 22:59:57+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnlajcy3g72l 2026-06-05 22:59:58+00:00| seen| https://bsky.app/profile/potato.software/post/3mnlajecvof2j 2026-06-05 23:30:45+00:00| seen|...

8.1CVSS5.3AI score0.00056EPSS

Exploits0References4

RedhatCVE•added 3 days ago•6 views

CVE-2026-36748

RockRMS v16.13 and before v.17.7.0 is vulnerable to Cross Site Scripting XSS via Social Media links in user profile...

9CVSS5.5AI score0.00041EPSS

Exploits0References1

EUVD•added 3 days ago•7 views

EUVD-2026-34911

An administrative cross-site scripting XSS vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processin...

5.8CVSS5.2AI score0.00037EPSS

Exploits0References1

CVE•added 3 days ago•10 views

CVE-2026-25624

CVE-2026-25624 is an administrative cross-site scripting vulnerability in the web UI dashboard layout of Arista Edge Threat Management NGFW. The issue involves unvalidated user-supplied variables echoed back to administrative profiles, enabling XSS when an attacker has administrative UI access. A...

5.8CVSS5.2AI score0.00037EPSS

Exploits0References1

Cvelist•added 3 days ago•22 views

CVE-2026-25624 Arista Edge Threat Management NGFW UI Administrative Cross-Site Scripting

5.8CVSS0.00037EPSS

Exploits0References1

RedhatCVE•added 3 days ago•5 views

CVE-2026-20219

A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker to access the social profile data of other users or affect quiz and poll results. Cisco has addressed this vulnerability in Cisco Slido and no customer action is needed. This vulnerability existed...

5.4CVSS5.6AI score0.00044EPSS

Exploits0References1

RedhatCVE•added 3 days ago•5 views

CVE-2026-4608

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to blind SQL Injection via the 'rid' parameter in all versions up to, and including, 5.9.8.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQ...

6.5CVSS5.7AI score0.00033EPSS

Exploits0References1

RedhatCVE•added 3 days ago•5 views

CVE-2026-40314

NamelessMC is website software for Minecraft servers. In version 2.2.4,core/classes/Misc/ProfilePostReactionContext.php only verifies that the wall post exists and does not enforce blocked/private-profile visibility. modules/Core/queries/reactions.php allows unauthenticated GET requests for...

6.9CVSS5.5AI score0.00041EPSS

Exploits0References1

RedhatCVE•added 3 days ago•7 views

CVE-2026-40629

When SSL profiles are configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing new client connections. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS5.5AI score0.00098EPSS

Exploits0References1

RedhatCVE•added 3 days ago•4 views

CVE-2024-58343

Vision Helpdesk before 5.7.0 patched in 5.6.10 allows attackers to read user profiles via modified serialized cookie data to visclientid...

4.3CVSS5.5AI score0.00032EPSS

Exploits0References1

Circl•added 3 days ago•5 views

CVE-2026-49777

creationtimestamp| type| source ---|---|--- 2026-06-05 10:00:43+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnjuxxgeko2l 2026-06-05 10:00:43+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnjuxxgeko2l 2026-06-05 11:25:00+00:00| seen|...

10CVSS5.3AI score0.00063EPSS

Exploits0References2

CVE•added 3 days ago•27 views

CVE-2026-48907

The CVE pertains to the Joomla JCE (joomlacontenteditor) extension. Affected component: JCE editor extension for Joomla. Vulnerability: unauthenticated creation of new editor profiles enabling PHP code upload and remote code execution. Root cause: improper authorization/validation in the editor p...

10CVSS5.6AI score0.00111EPSS

Exploits0References1

ATTACKERKB•added 3 days ago•6 views

CVE-2026-48907

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...

10CVSS5.6AI score0.00111EPSS

Exploits0References2Affected Software1

Cvelist•added 3 days ago•34 views

CVE-2026-48907 Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...

10CVSS0.00111EPSS

Exploits0References1

Circl•added 3 days ago•5 views

CVE-2026-11147

creationtimestamp| type| source ---|---|--- 2026-06-05 07:01:20+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnjkx645qb2r 2026-06-05 13:24:15+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-07 18:00:00+00:00| seen|...

8.8CVSS5.3AI score0.00071EPSS

Exploits0References4

Circl•added 3 days ago•4 views

CVE-2026-11164

creationtimestamp| type| source ---|---|--- 2026-06-05 07:01:04+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnjkwp766r2n 2026-06-05 13:24:18+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-07 18:00:00+00:00| seen|...

8.8CVSS5.3AI score0.0008EPSS

Exploits0References4

Circl•added 3 days ago•4 views

CVE-2026-11262

creationtimestamp| type| source ---|---|--- 2026-06-05 04:29:34+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116695615039571880 2026-06-05 05:00:28+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnje72exif26 2026-06-05 13:24:36+00:00| seen|...

8.8CVSS5.3AI score0.0008EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by