CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2964 matches found

Netsweeper 4.0.3 - Cross-Site Scripting

A cross-site scripting vulnerability in webadmin/policy/grouptableajax.php/ in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO. id: CVE-2014-9608 info: name: Netsweeper 4.0.3 - Cross-Site Scriptin...

6.1CVSS6.4AI score0.25742EPSS

Exploits1References4

EUVD•added yesterday•4 views

EUVD-2026-34048

A vulnerability was determined in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The impacted element is the function executeblendercode of the file /src/blendermcp/server.py. This manipulation of the argument code causes code injection. The attack is possible to be carried...

6.5CVSS5.9AI score0.00042EPSS

Exploits0References7

NVD•added 2 days ago•7 views

CVE-2026-10688

6.5CVSS0.00042EPSS

Exploits0References6

ATTACKERKB•added 2 days ago•3 views

CVE-2026-10688

6.5CVSS5.9AI score0.00042EPSS

Exploits0References6

Cvelist•added 2 days ago•19 views

CVE-2026-10688 ahujasid blender-mcp server.py execute_blender_code code injection

6.5CVSS0.00042EPSS

Exploits0References6

Vulnrichment•added 2 days ago•3 views

CVE-2026-10688 ahujasid blender-mcp server.py execute_blender_code code injection

6.5CVSS5.9AI score0.00042EPSS

Exploits0References6

NVD•added 4 days ago•7 views

CVE-2026-10175

A security flaw has been discovered in Aider-AI Aider 0.86.3. Affected by this vulnerability is the function editorcoder.run of the file auth.py of the component Architect Mode. Performing a manipulation results in code injection. Remote exploitation of the attack is possible. The exploit has bee...

6.5CVSS0.00052EPSS

Exploits0References6

EUVD•added 4 days ago•9 views

EUVD-2026-33495

6.5CVSS6.4AI score0.00052EPSS

Exploits0References6

Cvelist•added 4 days ago•30 views

CVE-2026-10175 Aider-AI Aider Architect Mode auth.py editor_coder.run code injection

6.5CVSS0.00052EPSS

Exploits0References6

ATTACKERKB•added 4 days ago•9 views

CVE-2026-10175

6.5CVSS5.6AI score0.00052EPSS

Exploits0References6Affected Software1

Positive Technologies•added 4 days ago•5 views

PT-2026-45184

A security flaw has been discovered in Aider-AI Aider 0.86.3. Affected by this vulnerability is the function editor coder.run of the file auth.py of the component Architect Mode. Performing a manipulation results in code injection. Remote exploitation of the attack is possible. The exploit has be...

6.5CVSS6.4AI score0.00052EPSS

Exploits0References7

CNNVD•added 5 days ago•3 views

CicadasCMS 代码注入漏洞

CicadasCMS is a content management framework developed by the Chinese individual developer westboy, based on SpringBoot, Mybatis, SpringSecurity, and Vue. CicadasCMS has a code injection vulnerability. This vulnerability stems from the Search method in the...

5.3CVSS5.7AI score0.00033EPSS

Exploits0References6

Nuclei•added 2026/05/28 5:39 a.m.•30 views

Citrix ADC and Citrix NetScaler Gateway - Remote Code Injection

Citrix ADC and NetScaler Gateway are susceptible to remote code injection. An attacker can potentially execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. Affected versions are before 13.0-58.30,...

6.5CVSS7.1AI score0.81139EPSS

Exploits0References5

RedhatCVE•added 2026/05/27 8:14 p.m.•4 views

CVE-2026-9568

A weakness has been identified in ThingsBoard up to 4.3.1.1. Affected by this vulnerability is the function getGatewayDockerComposeFile of the file /api/v1/provision of the component YAML Handler. This manipulation causes code injection. It is possible to initiate the attack remotely. The attack'...

5.1CVSS5.2AI score0.00041EPSS

Exploits0References1

CVE•added 2026/05/26 6:0 p.m.•4 views

CVE-2026-9568

ThingsBoard (up to 4.3.1.1) contains a vulnerability in the YAML Handler’s /api/v1/provision path. The getGatewayDockerComposeFile function can be manipulated to achieve code injection, with remote feasibility and high attack complexity per the provided metrics. No remediation or exploit details ...

5.1CVSS5.2AI score0.00041EPSS

Exploits0References5

ATTACKERKB•added 2026/05/26 6:0 p.m.•5 views

CVE-2026-9568

5.1CVSS5.2AI score0.00041EPSS

Exploits0References6

ATTACKERKB•added 2026/05/25 6:30 a.m.•5 views

CVE-2026-9434

A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setWiFiWpsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument wscDisabled leads to os command injection. The attack may be...

10CVSS7AI score0.01254EPSS

Exploits0References5Affected Software1

ATTACKERKB•added 2026/05/24 3:45 a.m.•7 views

CVE-2026-9353

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.23. Impacted is an unknown function of the file agent/skillsguard.py of the component Skills Guard Multi-Word Prompt Handler. The manipulation of the argument THREATPATTERNS leads to injection. Remote exploitatio...

7.5CVSS6.6AI score0.00057EPSS

Exploits0References4Affected Software1

NVD•added 2026/05/23 2:16 p.m.•10 views

CVE-2026-9302

A vulnerability was determined in 546669204 vps-inventory-monitoring up to 98c00b370668c96ae75e91c15548d9ea113652d9. This issue affects the function eval of the file app/index/command/VpsTest.php of the component VpsTest Console. Executing a manipulation of the argument vf can lead to code...

6.5CVSS0.00058EPSS

Exploits0References6

EUVD•added 2026/05/23 1:15 p.m.•8 views

EUVD-2026-31537

6.5CVSS6.3AI score0.00058EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by