Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

41168 matches found

Cvelist
Cvelistadded 2026/04/03 7:45 p.m.18 views

CVE-2026-5484 BookStackApp BookStack Chapter Export ExportFormatter.php chapterToMarkdown access control

A weakness has been identified in BookStackApp BookStack up to 26.03. Affected is the function chapterToMarkdown of the file app/Exports/ExportFormatter.php of the component Chapter Export Handler. Executing a manipulation of the argument pages can lead to improper access controls. It is possible...

6.9CVSS0.00322EPSS
Exploits0References8
CVE
CVEadded 2026/04/03 7:45 p.m.8 views

CVE-2026-5484

Summary (CVE-2026-5484) : BookStackApp BookStack (up to 26.03) contains a vulnerability in the function chapterToMarkdown within app/Exports/ExportFormatter.php of the Chapter Export Handler . Manipulating the argument pages can bypass access controls, enabling a remote attack. The exploit is pub...

6.9CVSS5.7AI score0.00322EPSS
Exploits0References8
RedhatCVE
RedhatCVEadded 2026/04/03 5:0 p.m.3 views

CVE-2026-5354

A flaw has been found in Trendnet TEW-657BRM 1.00.1. Affected by this vulnerability is the function vpnconnect of the file /setup.cgi. Executing a manipulation of the argument policyname can lead to os command injection. The attack can be executed remotely. The exploit has been published and may ...

8.8CVSS6.4AI score0.04778EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/04/03 5:0 p.m.6 views

CVE-2026-5344

A security vulnerability has been detected in Textpattern up to 4.9.1. Affected by this vulnerability is the function mtuploadImage of the file rpc/TXPRPCServer.php of the component XML-RPC Handler. The manipulation of the argument file.name leads to path traversal. Remote exploitation of the...

6.5CVSS6.2AI score0.00332EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/03 5:0 p.m.5 views

CVE-2026-5328

A weakness has been identified in shsuishang modulithshop up to 829bac71f507e84684c782b9b062b8bf3b5585d6. The impacted element is the function listItem of the file src/main/java/com/suisung/shopsuite/pt/service/impl/ProductIndexServiceImpl.java of the component ProductItemDao Interface. Executing...

6.5CVSS6.4AI score0.00204EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/03 5:0 p.m.3 views

CVE-2026-5338

A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function actionsetsystemsettings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection. The attack may be performed from remote. The...

7.2CVSS5.7AI score0.04353EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/04/03 4:59 p.m.5 views

CVE-2026-5334

A weakness has been identified in itsourcecode Online Enrollment System 1.0. Impacted is an unknown function of the file /enrollment/index.php?view=edit=3 of the component Parameter Handler. This manipulation of the argument deptid causes sql injection. The attack is possible to be carried out...

9.8CVSS6.8AI score0.00371EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/04/03 4:59 p.m.3 views

CVE-2026-5346

A vulnerability was determined in huimeicloud hmeditor up to 2.2.3. Impacted is the function client.get of the file src/mcp-server.js of the component image-to-base64 Endpoint. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attac...

7.5CVSS6.7AI score0.00278EPSS
Exploits0References1
NVD
NVDadded 2026/04/03 4:16 p.m.5 views

CVE-2026-5470

A security vulnerability has been detected in mixelpixx Google-Research-MCP 1e062d7bd887bfe5f6e582b6cc288bb897b35cf2/ca613b736ab787bc926932f59cddc69457185a83. This issue affects the function extractContent of the file src/services/content-extractor.service.ts of the component Model Context Protoc...

6.5CVSS0.00206EPSS
Exploits0References4
EUVD
EUVDadded 2026/04/03 3:30 p.m.2 views

EUVD-2026-18655

A security flaw has been discovered in Casdoor 2.356.0. This affects the function dangerouslySetInnerHTML. Performing a manipulation of the argument formCss/formCssMobile/formSideHtml results in cross site scripting. The attack can be initiated remotely. The exploit has been released to the publi...

5.1CVSS4.4AI score0.00188EPSS
Exploits0References4
Github Security Blog
Github Security Blogadded 2026/04/03 3:30 p.m.8 views

Casdoor vulnerable to Stored XSS via Application formCss / formSideHtml

A security flaw has been discovered in Casdoor 2.356.0. This affects the function dangerouslySetInnerHTML. Performing a manipulation of the argument formCss/formCssMobile/formSideHtml results in cross site scripting. The attack can be initiated remotely. The exploit has been released to the publi...

5.4CVSS4.4AI score0.00188EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/04/03 3:30 p.m.3 views

CVE-2026-5470

A security vulnerability has been detected in mixelpixx Google-Research-MCP 1e062d7bd887bfe5f6e582b6cc288bb897b35cf2/ca613b736ab787bc926932f59cddc69457185a83. This issue affects the function extractContent of the file src/services/content-extractor.service.ts of the component Model Context Protoc...

6.5CVSS5.5AI score0.00206EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/04/03 3:30 p.m.2 views

CVE-2026-5470 mixelpixx Google-Research-MCP Model Context Protocol content-extractor.service.ts extractContent server-side request forgery

A security vulnerability has been detected in mixelpixx Google-Research-MCP 1e062d7bd887bfe5f6e582b6cc288bb897b35cf2/ca613b736ab787bc926932f59cddc69457185a83. This issue affects the function extractContent of the file src/services/content-extractor.service.ts of the component Model Context Protoc...

6.5CVSS6.2AI score0.00206EPSS
Exploits0References4
NVD
NVDadded 2026/04/03 3:16 p.m.5 views

CVE-2026-5469

A weakness has been identified in Casdoor 2.356.0. This vulnerability affects unknown code of the component Webhook URL Handler. Executing a manipulation can lead to server-side request forgery. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not...

7.2CVSS0.00301EPSS
Exploits0References3
OSV
OSVadded 2026/04/03 3:16 p.m.4 views

UBUNTU-CVE-2026-26477

An issue in Dokuwiki v.2025-05-14b "Librarian" 56.2 allows a remote attacker to cause a denial of service via the mediauploadxhr function in the media.php file...

7.5CVSS5.8AI score0.00452EPSS
Exploits1References3
Cvelist
Cvelistadded 2026/04/03 2:30 p.m.16 views

CVE-2026-5469 Casdoor Webhook URL server-side request forgery

A weakness has been identified in Casdoor 2.356.0. This vulnerability affects unknown code of the component Webhook URL Handler. Executing a manipulation can lead to server-side request forgery. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not...

5.8CVSS0.00301EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/04/03 2:30 p.m.2 views

CVE-2026-5469 Casdoor Webhook URL server-side request forgery

A weakness has been identified in Casdoor 2.356.0. This vulnerability affects unknown code of the component Webhook URL Handler. Executing a manipulation can lead to server-side request forgery. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not...

5.8CVSS5.6AI score0.00301EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/04/03 1:30 p.m.23 views

CVE-2026-5468 Casdoor dangerouslySetInnerHTML cross site scripting

A security flaw has been discovered in Casdoor 2.356.0. This affects the function dangerouslySetInnerHTML. Performing a manipulation of the argument formCss/formCssMobile/formSideHtml results in cross site scripting. The attack can be initiated remotely. The exploit has been released to the publi...

5.1CVSS0.00188EPSS
Exploits0References3
EUVD
EUVDadded 2026/04/03 12:31 p.m.2 views

EUVD-2026-18629

A vulnerability was identified in Casdoor 2.356.0. Affected by this issue is some unknown functionality of the component OAuth Authorization Request Handler. Such manipulation of the argument redirecturi leads to open redirect. It is possible to launch the attack remotely. The exploit is publicly...

5.3CVSS5.5AI score0.00324EPSS
Exploits0References4
Github Security Blog
Github Security Blogadded 2026/04/03 12:31 p.m.6 views

Casdoor vulnerable to Open Redirect

A vulnerability was identified in Casdoor 2.356.0. Affected by this issue is some unknown functionality of the component OAuth Authorization Request Handler. Such manipulation of the argument redirecturi leads to open redirect. It is possible to launch the attack remotely. The exploit is publicly...

6.1CVSS5.5AI score0.00324EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder