CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/04/19 12:0 a.m.•6 views

SuperAGI 安全漏洞

SuperAGI is an open-source infrastructure application developed by SuperAGI. It is used to build components, tools, frameworks, and models to achieve open-source AGI. Versions of SuperAGI 0.0.14 and earlier contain security vulnerabilities. These vulnerabilities stem from operations on the file...

5.5CVSS6.1AI score0.003EPSS

CNNVD•added 2026/04/17 12:0 a.m.•6 views

QiHui JBTC CMS 安全漏洞

QiHui JBTC CMS is an open-source content management system developed by QiHui. Version 5.0.3.6 of QiHui JBTC CMS contains a security vulnerability. This vulnerability stems from an unknown function in the component Code Endpoint, which improperly handles parameters with the path parameter in the...

5.3CVSS5.7AI score0.00365EPSS

CNNVD•added 2026/04/17 12:0 a.m.•5 views

sms 安全漏洞

SMS is a student performance management system developed by QUERYMINE. SMS has a security vulnerability, which stems from unknown code in the admin/editcourse.php file of the GET Request Parameter Handler component. This code allows for SQL injection attacks on parameter IDs, potentially leading ...

6.5CVSS6.8AI score0.00196EPSS

Exploits0References2

NVD•added 2026/04/14 9:16 a.m.•2 views

CVE-2025-40745

A vulnerability has been identified in Siemens Software Center All versions V3.5.8.2, Simcenter 3D All versions V2506.6000, Simcenter Femap All versions V2506.0002, Simcenter STAR-CCM+ All versions V2602, Solid Edge SE2025 All versions V225.0 Update 13, Solid Edge SE2026 All versions V226.0 Updat...

6.3CVSS0.00137EPSS

CNNVD•added 2026/04/12 12:0 a.m.•2 views

MetaGPT 安全漏洞

MetaGPT is a multi-agent framework developed by MetaGPT Inc. Versions of MetaGPT 0.8.1 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the evaluateCode function in the Mineflayer HTTP API component’s file metagpt/environment/minecraft/mineflayer/index.js, which...

8.8CVSS5.8AI score0.00224EPSS

Exploits1References6

CNNVD•added 2026/04/12 12:0 a.m.•2 views

MetaGPT 代码注入漏洞

MetaGPT is a multi-agent framework developed by MetaGPT Inc. Versions of MetaGPT 0.8.1 and earlier contained a code injection vulnerability. This vulnerability stemmed from the generatethoughts function in the Tree-of-Thought Solver component’s metagpt/strategy/tot.py file, which could lead to...

9.8CVSS7.2AI score0.00409EPSS

Exploits1References6

CNNVD•added 2026/04/12 12:0 a.m.•3 views

CowAgent 访问控制错误漏洞

CowAgent is an intelligent assistant and scalable agent framework developed by zhayujie’s individual developer. Versions of CowAgent 2.0.4 and earlier contained a security vulnerability related to access control. This vulnerability stemmed from the absence of authentication in the Agent Mode...

7.5CVSS7.2AI score0.00391EPSS

CNNVD•added 2026/04/09 12:0 a.m.•2 views

D-Link DIR-645 安全漏洞

The D-Link DIR-645 is a wireless router produced by D-Link Corporation. Versions 1.01, 1.02, and 1.03 of the D-Link DIR-645 contain security vulnerabilities. These vulnerabilities stem from a stack-based buffer overflow vulnerability in the function hedwigcgimain located in the /cgi-bin/hedwig.cg...

9CVSS7.7AI score0.005EPSS

CNNVD•added 2026/04/09 12:0 a.m.•3 views

Tenda AC15 安全漏洞

The Tenda AC15 is a wireless router produced by the Chinese company Tenda. Version 15.03.05.18 of the Tenda AC15 contains a security vulnerability. This vulnerability arises from incorrect operations with parameters oldPwd/newPwd/cfmPwd in the function websGetVar within the...

9CVSS7.6AI score0.00627EPSS

Exploits1References5

8.8CVSS6.7AI score0.00425EPSS

stb 缓冲区错误漏洞

STB is a publicly available library for C/C++ developed by Sean Barrett. Versions of STB prior to 1.22 contained a buffer error vulnerability. This vulnerability stemmed from an out-of-bounds write operation in the startdecoder function found in the file stbvorbis.c, which could lead to remote...

Exploits1References4

CNNVD•added 2026/04/02 12:0 a.m.•4 views

Vanna 访问控制错误漏洞

Vanna is a personalized AI SQL proxy from Vanna Corporation. Versions of vanna 2.0.2 and earlier contained an access control vulnerability. This vulnerability stemmed from the absence of authentication in the Chat API Endpoint component, which could lead to remote attacks...

7.5CVSS7.2AI score0.00414EPSS

Exploits0References4

5.3CVSS5.9AI score0.00162EPSS

Vanna 安全漏洞

Vanna is a personalized AI SQL proxy from Vanna Corporation. Versions of vanna 2.0.2 and earlier contained security vulnerabilities. These vulnerabilities were caused by overly lax cross-domain policies implemented in the FastAPI/Flask Server component, which could lead to remote attacks...

Exploits0References4

9.8CVSS7.3AI score0.00727EPSS

Cesanta Mongoose 安全漏洞

Cesanta Mongoose is a set of embedded server libraries developed by the Irish company Cesanta. It includes functions for TCP and HTTP clients and servers, as well as WenSocket clients and servers. Versions of Cesanta Mongoose 7.20 and earlier contained security vulnerabilities. These...

Exploits1References6

CNNVD•added 2026/04/02 12:0 a.m.•4 views

Cesanta Mongoose 安全漏洞

8.1CVSS6.4AI score0.00716EPSS

CNNVD•added 2026/04/02 12:0 a.m.•4 views

SourceCodester Best Courier Management System 访问控制错误漏洞

SourceCodester Best Courier Management System is an open-source courier management system developed by SourceCodester. Version 1.0 of the SourceCodester Best Courier Management System contains a vulnerability related to access control. This vulnerability stems from improper access control in the...

6.9CVSS6.6AI score0.00314EPSS

Exploits0References4

8.1CVSS6.2AI score0.00622EPSS

Cesanta Mongoose 安全漏洞