CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

99 matches found

CVE•added 2026/06/11 6:28 p.m.•9 views

CVE-2026-47171

CVE-2026-47171 affects Quest Bot (Discord bot). The issue: before v1.0.3, a normal user can create a reminder whose message includes @everyone or @here; when triggered, the bot re-sends the message without suppressing mass mentions, enabling mass pinging if the bot has permission. Root cause: rem...

8.8CVSS5.4AI score0.00324EPSS

Exploits0References2

Cvelist•added 2026/06/11 6:28 p.m.•21 views

CVE-2026-47171 Quest Bot: Reminder messages allow stored mass mentions through `@everyone` and `@here`

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, a normal user can create a reminder whose message contains @everyone or @here. When the reminder triggers, the bot sends the stored message back into the channel without suppressing...

8.8CVSS0.00324EPSS

Exploits0References2

Positive Technologies•added 2026/06/11 12:0 a.m.•7 views

PT-2026-48710

8.8CVSS5.4AI score0.00324EPSS

Exploits0References3

The Hacker News•added 2026/05/28 3:26 p.m.•19 views

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server EMS deployments to deliver a credential-stealing malware family dubbed EKZ Infostealer. "The campaign abused trusted endpoint management infrastructure to deliver malware...

9.8CVSS6.2AI score0.88505EPSS

Exploits8

RedhatCVE•added 2026/03/26 3:9 p.m.•4 views

CVE-2026-33304

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.2, an authorization bypass in the dated reminders log allows any authenticated non-admin user to view reminder messages belonging to other users, including associated patient...

6.5CVSS5.9AI score0.00312EPSS

Exploits1References1

NVD•added 2026/03/19 9:17 p.m.•4 views

CVE-2026-33304

6.5CVSS0.00312EPSS

Exploits1References2

Cvelist•added 2026/03/19 8:27 p.m.•21 views

CVE-2026-33304 OpenEMR has Authorization Bypass in Dated Reminders Log

6.5CVSS0.00312EPSS

Exploits1References2

EUVD•added 2026/03/19 8:27 p.m.•7 views

EUVD-2026-13225

6.5CVSS5.9AI score0.00312EPSS

Exploits1References2

Vulnrichment•added 2026/03/19 8:27 p.m.•2 views

CVE-2026-33304 OpenEMR has Authorization Bypass in Dated Reminders Log

6.5CVSS5.9AI score0.00312EPSS

Exploits1References2

CVE•added 2026/03/19 8:27 p.m.•13 views

CVE-2026-33304

OpenEMR prior to 8.0.0.2 suffers an authorization bypass in the dated reminders log. Any authenticated non-admin user can view reminder messages belonging to other users, including patient names and free-text content, by crafting a GET request with arbitrary user IDs in the sentTo[] or sentBy[] p...

6.5CVSS5.9AI score0.00312EPSS

Exploits1References2Affected Software1

OSV•added 2026/03/19 8:27 p.m.•3 views

CVE-2026-33304 OpenEMR has Authorization Bypass in Dated Reminders Log

6.5CVSS6AI score0.00312EPSS

Exploits1References4

Positive Technologies•added 2026/03/19 12:0 a.m.•4 views

PT-2026-26346

6.5CVSS5.9AI score0.00312EPSS

Exploits1References6

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2016-2865

Malware in sbrugna...

6.5CVSS7.7AI score0.01216EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2017-7980

Malware in sbrugna...

4.3CVSS4.9AI score0.01626EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-17175