Lucene search

191 matches found

HackRead
added 3 days ago, 8 views

How to Get a Reddit API Key in 2026: Step-by-Step Guide

Getting a Reddit API key starts with creating an application through Reddit’s developer portal and understanding how its…...

5.8 AI score
Exploits 0
Packet Storm News
added 2026/04/10 12:0 a.m., 1 view

Like a Hammer, It Can Build, It Can Break: Large Language Model Uses, Perceptions, and Adoption in Cybersecurity Operations on Reddit

Large language models (LLMs) have recently emerged as promising tools for augmenting Security Operations Center (SOC) workflows, with vendors increasingly marketing autonomous AI solutions for SOCs. However, there remains a limited empirical understanding of how such tools are used, perceived, and...

5.9 AI score
Exploits 0
Malwarebytes
added 2026/03/31 7:40 p.m., 2 views

Asking AI for personal advice is a bad idea, Stanford study shows

Stanford computer scientists just proved what therapists already suspected: AI chatbots will agree with almost anything you say to keep you happy. The researchers caught these systems validating dangerous decisions just to maintain user engagement. That's a worrying development, especially given...

5.9 AI score
Exploits 0
HackRead
added 2026/03/17 10:49 a.m., 1 view

New Vidar 2.0 Infostealer Spreads via Fake Game Cheats on GitHub, Reddit

The new infostealer campaign spreads Vidar 2.0 via fake game cheats on GitHub and Reddit, stealing crypto, login tokens, and files while targeting young gamers ignoring security warnings...

5.8 AI score
Exploits 0
The Hacker News
added 2026/03/05 1:44 p.m., 4 views

ThreatsDay Bulletin: DDR5 Bot Scalping, Samsung TV Tracking, Reddit Privacy Fine & More

Some weeks in cybersecurity feel routine. This one doesn’t. Several new developments surfaced over the past few days, showing how quickly the threat landscape keeps shifting. Researchers uncovered fresh activity, security teams shared new findings, and a few unexpected moves from major tech...

5.9 AI score
Exploits 0
RedhatCVE
added 2026/02/26 4:15 a.m., 4 views

CVE-2026-27627

Karakeep is a self-hostable bookmark-everything app. In version 0.30.0, when the Reddit metascraper plugin returns readableContentHtml, the HTML parsing subprocess uses it directly without running it through DOMPurify. Every other content source in the crawler goes through Readability + DOMPurify,...

8.2 CVSS, 5.3 AI score, 0.00056 EPSS
Exploits 1, References 1
NVD
added 2026/02/25 4:16 a.m., 2 views

CVE-2026-27627

Karakeep is a self-hostable bookmark-everything app. In version 0.30.0, when the Reddit metascraper plugin returns readableContentHtml, the HTML parsing subprocess uses it directly without running it through DOMPurify. Every other content source in the crawler goes through Readability + DOMPurify,...

8.2 CVSS, 0.00056 EPSS
Exploits 1, References 3
CVE
added 2026/02/25 3:48 a.m., 5 views

CVE-2026-27627

Summary: CVE-2026-27627 affects Karakeep’s Reddit metascraper path. In version 0.30.0, the HTML returned as readableContentHtml by the Reddit plugin is consumed directly by the HTML parsing subprocess without DOMPurify sanitization, while other content sources go through Readability + DOMPurify. ...

8.2 CVSS, 5.3 AI score, 0.00056 EPSS
Exploits 1, References 3, Affected Software 1
ATTACKERKB
added 2026/02/25 3:48 a.m., 3 views

CVE-2026-27627

Karakeep is a self-hostable bookmark-everything app. In version 0.30.0, when the Reddit metascraper plugin returns readableContentHtml, the HTML parsing subprocess uses it directly without running it through DOMPurify. Every other content source in the crawler goes through Readability + DOMPurify,...

8.2 CVSS, 5.2 AI score, 0.00056 EPSS
Exploits 1, References 4
Vulnrichment
added 2026/02/25 3:48 a.m., 3 views

CVE-2026-27627 Karakeep's Reddit plugin content bypasses DOMPurify sanitization, enabling stored XSS

Karakeep is a self-hostable bookmark-everything app. In version 0.30.0, when the Reddit metascraper plugin returns readableContentHtml, the HTML parsing subprocess uses it directly without running it through DOMPurify. Every other content source in the crawler goes through Readability + DOMPurify,...

8.2 CVSS, 5.3 AI score, 0.00056 EPSS
Exploits 1, References 3
OSV
added 2026/02/25 3:48 a.m., 4 views

CVE-2026-27627 Karakeep's Reddit plugin content bypasses DOMPurify sanitization, enabling stored XSS

Karakeep is a self-hostable bookmark-everything app. In version 0.30.0, when the Reddit metascraper plugin returns readableContentHtml, the HTML parsing subprocess uses it directly without running it through DOMPurify. Every other content source in the crawler goes through Readability + DOMPurify,...

8.2 CVSS, 5.4 AI score, 0.00056 EPSS
Exploits 1, References 5
EUVD
added 2026/02/25 3:48 a.m., 4 views

EUVD-2026-8614

Karakeep is a self-hostable bookmark-everything app. In version 0.30.0, when the Reddit metascraper plugin returns readableContentHtml, the HTML parsing subprocess uses it directly without running it through DOMPurify. Every other content source in the crawler goes through Readability + DOMPurify,...

8.2 CVSS, 5.3 AI score, 0.00056 EPSS
Exploits 1, References 3
Cvelist
added 2026/02/25 3:48 a.m., 19 views

CVE-2026-27627 Karakeep's Reddit plugin content bypasses DOMPurify sanitization, enabling stored XSS

Karakeep is a self-hostable bookmark-everything app. In version 0.30.0, when the Reddit metascraper plugin returns readableContentHtml, the HTML parsing subprocess uses it directly without running it through DOMPurify. Every other content source in the crawler goes through Readability + DOMPurify,...

8.2 CVSS, 0.00056 EPSS
Exploits 1, References 3
Positive Technologies
added 2026/02/25 12:0 a.m., 4 views

PT-2026-21852

Name of the Vulnerable Software and Affected Versions: Karakeep version 0.30.0. Description: Karakeep is a self-hostable bookmark-everything app. Version 0.30.0 does not properly sanitize HTML content received from the Reddit metascraper plugin. Specifically, when the plugin returns...

8.2 CVSS, 5.9 AI score, 0.00056 EPSS
Exploits 1, References 13
CNNVD
added 2026/02/25 12:0 a.m., 5 views

Karakeep cross-site scripting vulnerability

Karakeep is an open-source bookmarking app developed by Karakeep App. Version 0.30.0 of Karakeep contains a cross-site scripting vulnerability. This vulnerability arises from the Reddit meta-fetching plugin not using DOMPurify to clean HTML content, allowing malicious HTML to be executed in users...

8.2 CVSS, 5.6 AI score, 0.00056 EPSS
Exploits 1, References 3
Malwarebytes
added 2026/02/24 3:48 p.m., 5 views

Reddit, porn sites fined by UK regulators over children’s safety and privacy

The UK’s online safety and privacy regulators are targeting companies that violate new age verification laws at both ends: porn sites that did not keep children out, and mainstream platforms that profited from children coming in. On February 23, media regulator Ofcom fined porn operators that...

5.7 AI score
Exploits 0
Fedora
added 2026/02/11 1:0 a.m., 3 views

[SECURITY] Fedora 42 Update: rust-redlib-0.35.1-10.fc42

Redlib is an alternative private front-end to Reddit, with its origins in Libreddit. Redlib hopes to provide an easier way to browse Reddit, without the ads, trackers, and bloat...

7.5 CVSS, 5.5 AI score, 0.0004 EPSS
Exploits 1
Fedora
added 2026/02/10 1:34 a.m., 3 views

[SECURITY] Fedora 43 Update: rust-redlib-0.35.1-10.fc43

Redlib is an alternative private front-end to Reddit, with its origins in Libreddit. Redlib hopes to provide an easier way to browse Reddit, without the ads, trackers, and bloat...

7.5 CVSS, 5.5 AI score, 0.0004 EPSS
Exploits 1
Schneier on Security
added 2025/12/19 10:6 p.m., 2 views

Friday Squid Blogging: Petting a Squid

Video from Reddit shows what could go wrong when you try to pet a--looks like a Humboldt--squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

6.9 AI score
Exploits 0
EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2014-6634

Malware in sbrugna...

5.4 CVSS, 6.4 AI score, 0.00134 EPSS
Exploits 0, References 4