Lucene search

7 matches found

OSV
added 2026/04/08 2:49 a.m., 1 view

MGASA-2026-0090 Updated python-pygments packages fix security vulnerability

A security flaw in Pygments function AdlLexer in archetype.py stems from a regular expression having an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles. CVE-2026-4539...

CVSS: 4.8, AI score: 5.7, EPSS: 0.00007
Exploits: 0, References: 3
EUVD
added 2026/03/31 3:31 p.m., 1 view

EUVD-2026-17423

Ridvay Code's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on fragile regular expressions to parse command structures; while it attempts to intercept dangerous operations...

AI score: 6.3, EPSS: 0.00657
Exploits: 0, References: 3
ATTACKERKB
added 2026/03/30 12:0 a.m., 2 views

CVE-2026-30305

Syntx's command auto-approval module contains a critical OS command injection vulnerability that renders its whitelist security mechanism completely ineffective. The system relies on fragile regular expressions to parse command structures; while it attempts to intercept dangerous operations, it...

AI score: 6.3, EPSS: 0.0049
Exploits: 0, References: 3
RedhatCVE
added 2026/01/23 6:19 a.m., 3 views

CVE-2026-24037

Horilla is a free and open source Human Resource Management System (HRMS). In version 1.4.0, the hasxss function attempts to block XSS by matching input against a set of regex patterns. However, the regexes are incomplete and context-agnostic, making them easy to bypass. Attackers are able to...

CVSS: 5.4, AI score: 5.3, EPSS: 0.00018
Exploits: 1, References: 1
Tenable Nessus
added 2025/08/25 12:0 a.m., 1 view

Linux Distros Unpatched Vulnerability : CVE-2016-9857

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in phpMyAdmin. XSS is possible because of a weakness in a regular expression used in some JavaScript processing. All 4.6.x versions prio...

CVSS: 6.1, AI score: 6.6, EPSS: 0.00258
Exploits: 0, References: 2
CNNVD
added 2025/07/07 12:0 a.m., 3 views

Hugging Face Transformers Security Vulnerability

Hugging Face Transformers is Hugging Face's open source advanced natural language processing for Jax, PyTorch and TensorFlow. A security vulnerability exists in Hugging Face Transformers version 4.49.0, which stems from insufficient regular expression complexity in the SETTINGRE variable in...

CVSS: 7.5, AI score: 5.3, EPSS: 0.00318
Exploits: 1, References: 3
Github Security Blog
added 2025/02/24 8:49 p.m., 12 views

Better Auth allows bypassing the trustedOrigins Protection which leads to ATO

Summary: A bypass was discovered in the trustedOrigins validation logic—affecting both absolute URL entries and wildcard domain patterns. This flaw allows an attacker to construct a malicious callbackURL that passes origin checks and triggers an open redirect. Because redirect endpoints include...

AI score: 6.9
Exploits: 0, References: 4, Affected Software: 1