CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

RedhatCVE•added 2026/06/09 8:59 p.m.•8 views

CVE-2026-25855

OpenBullet2 through version 0.3.2 contains a remote code execution vulnerability that allows authenticated users to execute arbitrary commands by uploading script files .bat.ps1.sh through the FileProxySource proxy loading feature. Attackers can upload malicious script files as proxy sources,...

8.8CVSS6.7AI score0.0057EPSS

Exploits0References1

RedhatCVE•added 2026/06/09 8:59 p.m.•9 views

CVE-2026-39908

OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy source with a UNC path pointing to an attacker-controlled server. When the job starts, the application...

7.1CVSS5.5AI score0.00314EPSS

Exploits0References1

NVD•added 2026/06/08 5:16 p.m.•9 views

CVE-2026-39908

7.1CVSS0.00314EPSS

Exploits0References2

EUVD•added 2026/06/08 4:49 p.m.•10 views

EUVD-2026-35134

8.8CVSS6.7AI score0.0057EPSS

Exploits0References2

Cvelist•added 2026/06/08 4:49 p.m.•39 views

CVE-2026-25855 OpenBullet2 0.3.2 Authenticated RCE via FileProxySource Script Upload

8.8CVSS0.0057EPSS

Exploits0References2

ATTACKERKB•added 2026/06/08 4:49 p.m.•6 views

CVE-2026-25855

8.8CVSS6.7AI score0.0057EPSS

Exploits0References3Affected Software1

CVE•added 2026/06/08 4:47 p.m.•21 views

CVE-2026-39908

OpenBullet2 ≤ v0.3.2 on Windows suffers a credential disclosure via a UNC-path proxy source. When a job loads proxies from an attacker-controlled UNC path, an SMB authentication occurs and reveals the NTLMv2 hash of the process user, enabling relay or offline cracking. Affected component is the p...

7.1CVSS5.6AI score0.00314EPSS

Exploits0References2