
41171 matches found

Cvelist
added 2026/04/03 2:30 p.m., 16 views

CVE-2026-5469 Casdoor Webhook URL server-side request forgery

A weakness has been identified in Casdoor 2.356.0. This vulnerability affects unknown code of the component Webhook URL Handler. Executing a manipulation can lead to server-side request forgery. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not...

5.8 CVSS, 0.00301 EPSS
Exploits 0, References 3
Vulnrichment
added 2026/04/03 2:30 p.m., 2 views

CVE-2026-5469 Casdoor Webhook URL server-side request forgery

A weakness has been identified in Casdoor 2.356.0. This vulnerability affects unknown code of the component Webhook URL Handler. Executing a manipulation can lead to server-side request forgery. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not...

5.8 CVSS, 5.6 AI score, 0.00301 EPSS
Exploits 0, References 3
Cvelist
added 2026/04/03 1:30 p.m., 23 views

CVE-2026-5468 Casdoor dangerouslySetInnerHTML cross site scripting

A security flaw has been discovered in Casdoor 2.356.0. This affects the function dangerouslySetInnerHTML. Performing a manipulation of the argument formCss/formCssMobile/formSideHtml results in cross site scripting. The attack can be initiated remotely. The exploit has been released to the publi...

5.1 CVSS, 0.00188 EPSS
Exploits 0, References 3
OSV
added 2026/04/03 12:31 p.m., 2 views

GHSA-MJ24-PQX2-6788 Casdoor vulnerable to Open Redirect

A vulnerability was identified in Casdoor 2.356.0. Affected by this issue is some unknown functionality of the component OAuth Authorization Request Handler. Such manipulation of the argument redirecturi leads to open redirect. It is possible to launch the attack remotely. The exploit is publicly...

5.3 CVSS, 5.5 AI score, 0.00324 EPSS
Exploits 0, References 5
Github Security Blog
added 2026/04/03 12:31 p.m., 6 views

Casdoor vulnerable to Open Redirect

A vulnerability was identified in Casdoor 2.356.0. Affected by this issue is some unknown functionality of the component OAuth Authorization Request Handler. Such manipulation of the argument redirecturi leads to open redirect. It is possible to launch the attack remotely. The exploit is publicly...

6.1 CVSS, 5.5 AI score, 0.00324 EPSS
Exploits 0, References 5, Affected Software 1
EUVD
added 2026/04/03 12:31 p.m., 3 views

EUVD-2026-18629

A vulnerability was identified in Casdoor 2.356.0. Affected by this issue is some unknown functionality of the component OAuth Authorization Request Handler. Such manipulation of the argument redirecturi leads to open redirect. It is possible to launch the attack remotely. The exploit is publicly...

5.3 CVSS, 5.5 AI score, 0.00324 EPSS
Exploits 0, References 4
NVD
added 2026/04/03 12:16 p.m., 2 views

CVE-2026-5467

A vulnerability was identified in Casdoor 2.356.0. Affected by this issue is some unknown functionality of the component OAuth Authorization Request Handler. Such manipulation of the argument redirecturi leads to open redirect. It is possible to launch the attack remotely. The exploit is publicly...

6.1 CVSS, 0.00324 EPSS
Exploits 0, References 3
Vulnrichment
added 2026/04/03 11:45 a.m., 2 views

CVE-2026-5467 Casdoor OAuth Authorization Request redirect

A vulnerability was identified in Casdoor 2.356.0. Affected by this issue is some unknown functionality of the component OAuth Authorization Request Handler. Such manipulation of the argument redirecturi leads to open redirect. It is possible to launch the attack remotely. The exploit is publicly...

5.3 CVSS, 5.5 AI score, 0.00324 EPSS
Exploits 0, References 3
Cvelist
added 2026/04/03 11:45 a.m., 18 views

CVE-2026-5467 Casdoor OAuth Authorization Request redirect

A vulnerability was identified in Casdoor 2.356.0. Affected by this issue is some unknown functionality of the component OAuth Authorization Request Handler. Such manipulation of the argument redirecturi leads to open redirect. It is possible to launch the attack remotely. The exploit is publicly...

5.3 CVSS, 0.00324 EPSS
Exploits 0, References 3
RedhatCVE
added 2026/04/03 10:58 a.m., 5 views

CVE-2026-5326

A vulnerability was identified in SourceCodester Leave Application System 1.0. Impacted is an unknown function of the file /index.php?page=manageuser of the component User Information Handler. Such manipulation of the argument ID leads to authorization bypass. The attack can be executed remotely...

6.9 CVSS, 5.6 AI score, 0.00404 EPSS
Exploits 0, References 1
RedhatCVE
added 2026/04/03 10:58 a.m., 5 views

CVE-2026-5322

A vulnerability has been found in AlejandroArciniegas mcp-data-vis bc597e391f184d2187062fd567599a3cb72adf51/de5a51525a69822290eaee569a1ab447b490746d. This affects the function Request of the file src/servers/database/server.js of the component MCP Handler. The manipulation leads to sql injection...

7.5 CVSS, 5.6 AI score, 0.00259 EPSS
Exploits 0, References 1
RedhatCVE
added 2026/04/03 5:8 a.m., 5 views

CVE-2026-5319

A security vulnerability has been detected in itsourcecode Payroll Management System up to 1.0. Affected is an unknown function of the file /navbar.php. Such manipulation of the argument page leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclos...

5.3 CVSS, 4.2 AI score, 0.00337 EPSS
Exploits 0, References 1
RedhatCVE
added 2026/04/03 5:8 a.m., 8 views

CVE-2026-5320

A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is an unknown functionality of the file /api/vanna/v2/ of the component Chat API Endpoint. Performing a manipulation results in missing authentication. The attack can be initiated remotely. The exploit is n...

7.5 CVSS, 6.8 AI score, 0.00414 EPSS
Exploits 0, References 1
RedhatCVE
added 2026/04/03 5:8 a.m., 5 views

CVE-2026-5321

A flaw has been found in vanna-ai vanna up to 2.0.2. Affected by this issue is some unknown functionality of the component FastAPI/Flask Server. Executing a manipulation can lead to permissive cross-domain policy with untrusted domains. The attack can be launched remotely. The exploit has been...

5.3 CVSS, 5.5 AI score, 0.00162 EPSS
Exploits 0, References 1
Tenable Nessus
added 2026/04/03 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-5318

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the...

5.3 CVSS, 5.3 AI score, 0.00629 EPSS
Exploits 1, References 3
Positive Technologies
added 2026/04/03 12:0 a.m., 2 views

PT-2026-30029

Name of the Vulnerable Software and Affected Versions: Casdoor version 2.356.0. Description: A flaw exists in the OAuth Authorization Request Handler component that allows for open redirect attacks. Manipulation of the redirect uri argument can be exploited remotely. The exploit is publicly availabl...

6.1 CVSS, 5.7 AI score, 0.00324 EPSS
Exploits 0, References 10
Positive Technologies
added 2026/04/03 12:0 a.m., 11 views

PT-2026-30189

A security vulnerability has been detected in mixelpixx Google-Research-MCP 1e062d7bd887bfe5f6e582b6cc288bb897b35cf2/ca613b736ab787bc926932f59cddc69457185a83. This issue affects the function extractContent of the file src/services/content-extractor.service.ts of the component Model Context Protoc...

6.5 CVSS, 5.5 AI score, 0.00206 EPSS
Exploits 0, References 5
Tenable Nessus
added 2026/04/03 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2026-5342

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in LibRaw up to 0.22.0. This affects the function LibRaw::nikonloadpaddedpackedraw of the file src/decoders/decoderslibraw.cpp of the...

6.9 CVSS, 5.6 AI score, 0.00735 EPSS
Exploits 1, References 4
Tenable Nessus
added 2026/04/03 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2026-5316

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setupfree of the file stbvorbis.c. The manipulation leads to...

6.5 CVSS, 5.4 AI score, 0.00439 EPSS
Exploits 1, References 3
Positive Technologies
added 2026/04/03 12:0 a.m., 6 views

PT-2026-30049

Name of the Vulnerable Software and Affected Versions: Casdoor version 2.356.0. Description: A weakness exists in the Webhook URL Handler component that could allow for server-side request forgery (SSRF). This can be triggered remotely by manipulating the system. The vendor was contacted but did not...

7.2 CVSS, 5.7 AI score, 0.00301 EPSS
Exploits 0, References 9