Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

109142 matches found

NVD
NVDadded 2026/05/30 1:16 p.m.12 views

CVE-2026-46242

In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix epremove struct eventpoll / struct file UAF epremove via epremovefile cleared file-fep under file-flock but then kept using @file inside the critical section isfileepoll, hlistdelrcu through the head, spinunlock. A...

7.8CVSS0.00013EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/05/30 12:13 p.m.40 views

CVE-2026-46242 eventpoll: fix ep_remove struct eventpoll / struct file UAF

In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix epremove struct eventpoll / struct file UAF epremove via epremovefile cleared file-fep under file-flock but then kept using @file inside the critical section isfileepoll, hlistdelrcu through the head, spinunlock. A...

7.8CVSS0.00013EPSS
Exploits0References3
CVE
CVEadded 2026/05/30 12:13 p.m.62 views

CVE-2026-46242

Summary (CVE-2026-46242) : The Linux kernel contains a fix for a UAF in eventpoll related to ep_remove. The bug arose when ep_remove_file() cleared file->f_ep under file->f_lock but continued using @file inside the critical section, allowing a concurrent path to reach freed memory via f_op-...

7.8CVSS5.8AI score0.00013EPSS
Exploits0References3Affected Software1
EUVD
EUVDadded 2026/05/30 12:13 p.m.8 views

EUVD-2026-33459

In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix epremove struct eventpoll / struct file UAF epremove via epremovefile cleared file-fep under file-flock but then kept using @file inside the critical section isfileepoll, hlistdelrcu through the head, spinunlock. A...

5.8AI score0.00013EPSS
Exploits0References3
GithubExploit
GithubExploitadded 2026/05/30 10:15 a.m.74 views

CVE-2026-JBrowse-Injection

CVE-2026-XXXXX: JBrowse Configuration Injection via URL Parame...

5.8AI score
Exploits0
GithubExploit
GithubExploitadded 2026/05/30 10:3 a.m.80 views

Exploit for Improper Input Validation in Drupal

LAB 9-CVE-2018-7600 I. SYSTEM ANALYSIS Identify...

9.8CVSS7.5AI score0.94489EPSS
Exploits46
GithubExploit
GithubExploitadded 2026/05/30 9:47 a.m.68 views

CVE-2026-Bowtie2-OOB

CVE-2026-XXXXX: Bowtie2 Out-of-Bounds Read via Crafted BAM...

5.9AI score
Exploits0
GithubExploit
GithubExploitadded 2026/05/30 9:28 a.m.58 views

CVE-2026-BWA-RCE

CVE-2026-XXXXX: BWA Command Injection RCE Overview | Fi...

6AI score
Exploits0
RedhatCVE
RedhatCVEadded 2026/05/30 8:13 a.m.11 views

CVE-2026-41897

Mantis Bug Tracker MantisBT is an open source issue tracker. From 1.0.0 to 2.28.1, lack of validation of filtertarget parameter on returndynamicfilters.php normally used as an AJAX in View Issues Page allows an attacker to inject arbitrary HTML if the target is a TEXTAREA custom field. This...

5.3CVSS5.9AI score0.00049EPSS
Exploits0References1
GithubExploit
GithubExploitadded 2026/05/30 4:51 a.m.79 views

Exploit for SQL Injection in Litellm

CVE-2026-42208 — LiteLLM Pre-Authentication SQL Injection A l...

9.8CVSS6.1AI score0.6259EPSS
Exploits5
Nuclei
Nucleiadded 17 hours ago41 views

Lotus Domino R5 and R6 WebMail - Information Disclosure

Lotus Domino R5 and R6 WebMail with 'Generate HTML for all fields' enabled which is by default allows remote attackers to read the HTML source to obtain sensitive information including the password hash in the HTTPPassword field, the password change date in the HTTPPasswordChangeDate field, and t...

5CVSS5.5AI score0.08605EPSS
Exploits11References5
Nuclei
Nucleiadded 17 hours ago20 views

Dreambox WebControl 2.0.0 - Cross-Site Scripting

Dream Multimedia Dreambox devices via their WebControl component are vulnerable to reflected cross-site scripting, as demonstrated by the "Name des Bouquets" field, or the file parameter to the /file URI. id: CVE-2017-15287 info: name: Dreambox WebControl 2.0.0 - Cross-Site Scripting author:...

6.1CVSS6.1AI score0.01056EPSS
Exploits5References4
Nuclei
Nucleiadded 17 hours ago16 views

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD 4.11.01 is vulnerable to cross-site scripting via the segments/add.php Segment Name field. id: CVE-2018-1000856 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.11.01 is vulnerable to cross-site scripting via the...

4.8CVSS5.2AI score0.0104EPSS
Exploits1References3
Nuclei
Nucleiadded 17 hours ago21 views

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD 4.11.01 contains a cross-site scripting vulnerability via assets/add/account-owner.php Owner name field. id: CVE-2018-19749 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.11.01 contains a cross-site scripting...

4.8CVSS5.7AI score0.00236EPSS
Exploits6References5
Nuclei
Nucleiadded 17 hours ago19 views

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD 4.11.01 contains a cross-site scripting vulnerability via assets/add/dns.php Profile Name or notes field. id: CVE-2018-19914 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.11.01 contains a cross-site scripting...

4.8CVSS5.7AI score0.00255EPSS
Exploits5References5
Nuclei
Nucleiadded 17 hours ago30 views

DomainMOD <=4.11.01 - Cross-Site Scripting

DomainMOD through version 4.11.01 is vulnerable to cross-site scripting via the assets/edit/host.php Web Host Name or Web Host URL field. id: CVE-2018-19915 info: name: DomainMOD =4.11.02 to mitigate this vulnerability. reference: - https://github.com/domainmod/domainmod/issues/87 -...

4.8CVSS5.7AI score0.00284EPSS
Exploits5References5
Nuclei
Nucleiadded 17 hours ago24 views

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD 4.11.01 contains a cross-site scripting vulnerability via /admin/ssl-fields/add.php Display Name, Description & Notes field parameters. id: CVE-2018-19751 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.11.01 contains...

4.8CVSS5.7AI score0.00236EPSS
Exploits6References4
Nuclei
Nucleiadded 17 hours ago15 views

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD through version 4.11.01 is vulnerable to cross-site scripting via the /assets/add/ssl-provider-account.php Username field. id: CVE-2018-20010 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD through version 4.11.01 is...

4.8CVSS5.7AI score0.00455EPSS
Exploits5References4
Nuclei
Nucleiadded 17 hours ago25 views

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD through 4.11.01 contains a cross-site scripting vulnerability via the assets/add/registrar.php notes field for Registrar. id: CVE-2018-19752 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD through 4.11.01 contains a...

4.8CVSS5.7AI score0.00236EPSS
Exploits6References4
Nuclei
Nucleiadded 17 hours ago77 views

Carel pCOWeb <B1.2.4 - Cross-Site Scripting

Carel pCOWeb prior to B1.2.4 is vulnerable to stored cross-site scripting, as demonstrated by the config/pwsnmp.html "System contact" field. id: CVE-2019-11370 info: name: Carel pCOWeb B1.2.4 - Cross-Site Scripting author: arafatansari severity: medium description: | Carel pCOWeb prior to B1.2.4 ...

5.4CVSS5.8AI score0.06057EPSS
Exploits1References4
Rows per page
Query Builder