
7 matches found

CVE
added 2026/04/09 7:43 p.m. | 7 views

CVE-2026-40089

Sonicverse (Self-hosted Docker Compose stack) contains an SSRF in the dashboard API client (apps/dashboard/lib/api.ts). User-controlled URLs are passed from the dashboard to a server-side HTTP client without sufficient validation, allowing an authenticated operator to trigger arbitrary HTTP reque...

9.9 CVSS | 6 AI score | 0.00055 EPSS
Exploits 0 | References 1 | Affected Software 1
Circl
added 2026/02/23 1:00 p.m. | 4 views

CVE-2026-27728

creationtimestamp | type | source
---|---|---
2026-02-23 13:00:06+00:00 | published-proof-of-concept | https://github.com/OneUptime/oneuptime/security/advisories/GHSA-jmhp-5558-qxh5
2026-02-25 17:40:09+00:00 | seen | https://bsky.app/profile/thehackerwire.bsky.social/post/3mfp7zft2r22h
2026-02-25...

9.9 CVSS | 5.7 AI score | 0.00396 EPSS
Exploits 1 | References 6
Circl
added 2025/11/11 7:19 a.m. | 5 views

CVE-2025-4645

creationtimestamp | type | source
---|---|---
2025-11-11 07:19:33+00:00 | seen | https://bsky.app/profile/potato.software/post/3m5dlw3ivic2h
2025-11-11 07:30:26+00:00 | seen | https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m5dmj7iym762
2025-11-11 10:03:23+00:00 | seen | ...

6.7 CVSS | 5.7 AI score | 0.00033 EPSS
Exploits 0 | References 3
Circl
added 2025/11/10 12:11 p.m. | 9 views

CVE-2025-41001

creationtimestamp | type | source
---|---|---
2025-11-10 12:11:09+00:00 | seen | https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m5blpcso4cw2
2025-11-10 13:33:42+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m5bqe7tluc2s...

5.4 CVSS | 5.8 AI score | 0.00035 EPSS
Exploits 0 | References 2
RedHat Linux
added 2024/10/16 6:29 a.m. | 4 views

pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools

A flaw was found in the package_index module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to co...

8.8 CVSS | 8.1 AI score | 0.09875 EPSS
Exploits 0 | References 6
RedHat Linux
added 2024/09/17 1:07 p.m. | 2 views

pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools

A flaw was found in the package_index module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to co...

8.8 CVSS | 8.1 AI score | 0.09875 EPSS
Exploits 0 | References 6
RubySec
added 2024/03/12 12:00 a.m. | 12 views

Cross-site Scripting (XSS) possible with maliciously formed HTML attribute names and values in Phlex

There is a potential cross-site scripting (XSS) vulnerability that can be exploited via maliciously crafted user data. This was due to improper case-sensitivity in the code that was meant to prevent these attacks. Impact: If you render an `<a>` tag with an `href` attribute set to a user-provided link, that...

7.1 CVSS | 5.8 AI score | 0.01541 EPSS
Exploits 0 | References 1 | Affected Software 1