CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/06/10 4:17 p.m.•7 views

CVE-2026-53693

A stored cross-site scripting vulnerability existed in MISP BSimVis tag rendering code. Several client-side rendering paths interpolated tag names, collection names, entity identifiers, cluster names, and tag metadata directly into HTML, HTML attributes, inline JavaScript event handlers, and CSS...

6.9CVSS0.00277EPSS

Vulnrichment•added 2026/06/10 2:34 p.m.•7 views

CVE-2026-53693 MISP BSimVis stored cross-site scripting in tag and cluster rendering paths via unescaped tag metadata and UI labels

EUVD•added 2026/06/10 2:34 p.m.•8 views

EUVD-2026-36051

Cvelist•added 2026/06/10 2:34 p.m.•28 views

CVE-2026-53693 MISP BSimVis stored cross-site scripting in tag and cluster rendering paths via unescaped tag metadata and UI labels

6.9CVSS0.00277EPSS

CVE•added 2026/06/10 2:34 p.m.•14 views

CVE-2026-53693

CVE-2026-53693 (MISP BSimVis) describes a stored cross-site scripting vulnerability in BSimVis tag rendering paths. Several client-side routes interpolated tag names, collection names, entity identifiers, cluster names, and tag metadata directly into HTML, HTML attributes, inline JavaScript, and ...

Positive Technologies•added 2026/06/10 12:0 a.m.•11 views

PT-2026-48470

NVD•added 2026/06/09 5:17 p.m.•9 views

CVE-2026-46492

md-fileserver allows for local viewing of markdown files in a browser. Prior to version 1.10.3, a cross-site scripting XSS vulnerability exists in the application’s Markdown rendering logic. When user-supplied Markdown content is rendered, embedded raw HTML—including tags—is processed and injecte...

7.2CVSS0.00213EPSS

Vulnrichment•added 2026/06/09 4:9 p.m.•7 views

CVE-2026-46492 md-fileserver: Stored/Reflected XSS when viewing Markdown (raw HTML allowed)

7.2CVSS5.4AI score0.00213EPSS

CVE•added 2026/06/09 4:9 p.m.•22 views

CVE-2026-46492

md-fileserver önce 1.10.3 sürümünden önce HTML içeren Markdown içeriğini güvenli olmayan şekilde render ediyor; bu, kullanıcı tarafından sağlanan Markdown içeriğinde yer alan [removed] gibi ham HTML’nin sayfaya güvenliksız olarak enjekte edilmesine yol açıyor. Etkilenen bileşenler arasında Markdo...

7.2CVSS5.4AI score0.00213EPSS

Vulnrichment•added 2026/06/09 7:32 a.m.•7 views

CVE-2026-25688 Apache Answer: XSS in AI Answer Rendering

Improper Neutralization of Alternate XSS Syntax vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. AI-generated response content was rendered in the browser without proper sanitization, allowing malicious scripts to be executed when the content was viewed. Users are...

5.3AI score0.00406EPSS

Cvelist•added 2026/06/09 7:32 a.m.•37 views

CVE-2026-25688 Apache Answer: XSS in AI Answer Rendering

0.00406EPSS

CVE•added 2026/06/09 7:32 a.m.•24 views

CVE-2026-25688

CVE-2026-25688 describes an XSS vulnerability in Apache Answer. The issue is an improper neutralization of alternate XSS syntax in AI-generated responses rendered in the browser, affecting Apache Answer up to version 2.0.0. Affected behavior allows execution of malicious scripts when content is v...

6.1CVSS5.3AI score0.00406EPSS

Exploits0References2Affected Software1

SUSE CVE•added 2026/06/09 2:20 a.m.•7 views

SUSE CVE-2026-46309

In the Linux kernel, the following vulnerability has been resolved: drm/xe/uapi: Reject cohnone PAT index for CPU cached memory in madvise Add validation in xevmmadviseioctl to reject PAT indices with XECOHNONE coherency mode when applied to CPU cached memory. Using cohnone with CPU cached buffer...

5.5CVSS5.4AI score0.00164EPSS

Exploits0References3

CNNVD•added 2026/06/09 12:0 a.m.•18 views

md-fileserver 安全漏洞

md-fileserver is a local Markdown file browser and rendering server developed by Commenthol as an individual project. Versions of md-fileserver prior to 1.10.3 contained security vulnerabilities. These vulnerabilities stemmed from the Markdown rendering logic’s failure to clean up the embedded...

7.2CVSS4.9AI score0.00213EPSS

EUVD•added 2026/06/08 2:30 p.m.•7 views

EUVD-2025-210081

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Convert to DRM's vblank timer Replace vkms' vblank timer with the DRM implementation. The DRM code is identical in concept, but differs in implementation. Vblank timers are covered in vblank helpers and initializer...

5.5AI score0.00162EPSS

Cvelist•added 2026/06/08 2:30 p.m.•43 views

CVE-2025-71315 drm/vkms: Convert to DRM's vblank timer

0.00162EPSS

CNNVD•added 2026/06/08 12:0 a.m.•6 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper access to the wptr mapping in the drm amdgpu userq component, potentially leading to...

7.8CVSS5.3AI score0.00112EPSS

CNNVD•added 2026/06/08 12:0 a.m.•12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the drm/vkms module’s conversion of the vblank timer into DRM. This conversion removes the...

5.4AI score0.00162EPSS

CNNVD•added 2026/06/08 12:0 a.m.•11 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of multiple synchronization extensions in DRM v3D, potentially leading to...

5.3AI score0.00157EPSS