Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

81833 matches found

Positive Technologies
Positive Technologiesadded 6 days ago5 views

PT-2026-45134

A vulnerability was detected in TaleLin lin-cms-spring-boot up to 0.2.1. This issue affects some unknown processing of the file src/main/java/io/github/talelin/latticy/controller/v1/BookController.java of the component book Endpoint. The manipulation results in improper access controls. The attac...

6.5CVSS6.3AI score0.00036EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 6 days ago6 views

PT-2026-45138

A flaw has been found in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. Impacted is the function Search of the file org/springframework/cache/support/AbstractCacheManager.java. This manipulation of the argument s causes cross site scripting. Remote exploitation of the attack i...

5.3CVSS4.4AI score0.00033EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 6 days ago7 views

PT-2026-45075

Name of the Vulnerable Software and Affected Versions sambitraj STUDENT-MANAGEMENT-SYSTEM version 1.0 Description A remote SQL injection exists within the Login Page component. This occurs when the email argument is manipulated, allowing an attacker to interfere with the database queries...

7.5CVSS7.2AI score0.0003EPSS
Exploits0References11
Positive Technologies
Positive Technologiesadded 6 days ago7 views

PT-2026-45141

A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. The impacted element is the function accounts report search of the file application/modules/accounts/controllers/Accounts.php of the component Accounts Report Handler. Performing a manipulation of the argument...

5.8CVSS5.7AI score0.00026EPSS
Exploits0References5
OSV
OSVadded 2026/05/29 1:34 p.m.11 views

OESA-2026-2492 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate buffer length while parsing index indxread is called when we have some NTFS directory operations that need more information from the index...

9.8CVSS5.9AI score0.00076EPSS
Exploits0References16
Circl
Circladded 2026/05/29 3:29 a.m.8 views

CVE-2026-44655

creationtimestamp| type| source ---|---|--- 2026-05-29 03:29:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmxltmhdmb2w...

8.6CVSS5.7AI score0.00057EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/05/29 12:13 a.m.6 views

CVE-2026-9912

An inappropriate implementation flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=499873765...

6.5CVSS5.7AI score0.00035EPSS
Exploits0References5
OSV
OSVadded 2026/05/29 12:4 a.m.9 views

OSV-2026-823 Heap-buffer-overflow in ihevcd_fmt_conv_422sp_to_420p

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=517027631 Crash type: Heap-buffer-overflow WRITE 1 Crash state: ihevcdfmtconv422spto420p ihevcdfmtconv ihevcddecode...

5.8AI score
Exploits0References1
OSV
OSVadded 2026/05/29 12:0 a.m.7 views

MAL-2026-5035 Malicious code in @t-in-one/add_application_service_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/29 12:0 a.m.9 views

Malicious code in @t-in-one/get_application_hid (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

5.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/05/29 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-45872

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: smartpqi: Fix memory leak in pqireportphysluns pqireportphysluns fails to release the rpllist buffer when encountering an unsupported data format or when...

6AI score0.00032EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/29 12:0 a.m.7 views

Malicious code in @sber-ecom-core/sberpay-widget (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

5.8AI score
Exploits0References2
OSV
OSVadded 2026/05/29 12:0 a.m.4 views

MAL-2026-5034 Malicious code in @t-in-one/add_application (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

5.8AI score
Exploits0References2
OSV
OSVadded 2026/05/29 12:0 a.m.3 views

MAL-2026-5045 Malicious code in @t-in-one/safe_local_storage_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/29 12:0 a.m.10 views

Malicious code in @t-in-one/restore_application_hid_from_storage (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/29 12:0 a.m.7 views

Malicious code in @t-in-one/form_product_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

5.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/05/29 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-10004

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Passwords in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to perform UI spoofing via a crafted...

6.5CVSS5.9AI score0.00038EPSS
Exploits0References2
OSV
OSVadded 2026/05/29 12:0 a.m.4 views

MAL-2026-5037 Malicious code in @t-in-one/application_id_storage_key_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

5.8AI score
Exploits0References2
Circl
Circladded 2026/05/28 6:0 p.m.5 views

CVE-2026-9924

creationtimestamp| type| source ---|---|--- 2026-05-28 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260529 2026-05-28 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260529 2026-05-29...

8.3CVSS5.8AI score0.00079EPSS
Exploits0References3
Circl
Circladded 2026/05/28 6:0 p.m.5 views

CVE-2026-9969

creationtimestamp| type| source ---|---|--- 2026-05-28 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260529 2026-05-28 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260529 2026-05-29...

8.8CVSS5.7AI score0.00148EPSS
Exploits0References4
Rows per page
Query Builder