Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

121100 matches found

NVD
NVDadded 2026/06/09 7:17 p.m.6 views

CVE-2026-36793

Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.32204 was discovered to contain multiple stack overflows in the formwrlSSIDset function via the mitssid and misssidindex parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

7.5CVSS0.00397EPSS
Exploits0References1
NVD
NVDadded 2026/06/09 7:17 p.m.5 views

CVE-2026-36777

Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.32204 was discovered to contain a stack overflow in the param1 parameter of the formSetCfm function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

6.5CVSS0.00217EPSS
Exploits0References1
EUVD
EUVDadded 2026/06/09 6:30 p.m.5 views

EUVD-2026-35680

Server-side request forgery ssrf in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network...

8.8CVSS5.4AI score0.00402EPSS
Exploits0References2
EUVD
EUVDadded 2026/06/09 6:30 p.m.8 views

EUVD-2026-35484

Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...

5.9CVSS5.5AI score0.00344EPSS
Exploits0References7
OSV
OSVadded 2026/06/09 5:45 p.m.7 views

MAL-2026-5459 Malicious code in @dktunited/anly-tracker-v2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a8893b914c3ba3139a3c8cede191521742237aa7c1c5d64f7ee45dbc5f636a6 scripts/postinstall.js runs unconditionally during npm install and exfiltrates installer-side identifiers to an attacker-controlled out-of-band...

5.5AI score
Exploits0References1
OSV
OSVadded 2026/06/09 5:44 p.m.5 views

MAL-2026-5443 Malicious code in exodus-wallet-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53bf93b626689e980ef2e9c4ba33fd95e81d6a04c665f85908c8cf07b8b36e14 Package name impersonates the Exodus cryptocurrency wallet brand. package.json declares "postinstall": "node src/canary.js", and src/canary.js perfor...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/06/09 5:44 p.m.8 views

Malicious code in exodus-wallet-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53bf93b626689e980ef2e9c4ba33fd95e81d6a04c665f85908c8cf07b8b36e14 Package name impersonates the Exodus cryptocurrency wallet brand. package.json declares "postinstall": "node src/canary.js", and src/canary.js perfor...

6.1AI score
Exploits0References1
OSV
OSVadded 2026/06/09 5:44 p.m.7 views

MAL-2026-5445 Malicious code in grateful-payments (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a7a07a0a09ed8037058353b9b9b067e25e3cbe783eaab8d54276d490f823471 On npm install, the package's postinstall script src/canary.js performs a DNS lookup and HTTPS GET to the hardcoded host...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/06/09 5:44 p.m.9 views

Malicious code in exodus-solana-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ecffe98bff5e1c4655631cf8f92b1b1ccb534e0eeaa7043fab0d5fa1fbfabc35 Package name impersonates the Exodus cryptocurrency wallet brand exodus-solana-sdk. package.json declares a postinstall hook node src/canary.js that...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/06/09 5:44 p.m.7 views

Malicious code in exodus-ethereum-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4e52a42f8980da0a9df361ef772ca31bbdaec85eb3fc7a73dbcfc8b5ca6894a Package name impersonates the Exodus cryptocurrency wallet brand and ships no real functionality src/index.js exports an empty object; package.json...

5.5AI score
Exploits0References1
OSV
OSVadded 2026/06/09 5:44 p.m.4 views

MAL-2026-5440 Malicious code in exodus-ethereum-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4e52a42f8980da0a9df361ef772ca31bbdaec85eb3fc7a73dbcfc8b5ca6894a Package name impersonates the Exodus cryptocurrency wallet brand and ships no real functionality src/index.js exports an empty object; package.json...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/06/09 5:35 p.m.7 views

Malicious code in @klapp-login-platform/native-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b3bc8633d15b44abc90074d3362fd9399f53d10a88e24264caee9d924a72bb6 On npm install, the package's preinstall lifecycle hook runs node index.js, which collects installer-side identifiers — os.hostname,...

5.5AI score
Exploits0References2
NVD
NVDadded 2026/06/09 5:17 p.m.7 views

CVE-2026-45503

Server-side request forgery ssrf in Microsoft Exchange Server allows an authorized attacker to disclose information over a network...

8.1CVSS0.00428EPSS
Exploits0References1
NVD
NVDadded 2026/06/09 5:17 p.m.8 views

CVE-2026-42767

Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...

5.9CVSS0.00344EPSS
Exploits0References6
OSV
OSVadded 2026/06/09 5:17 p.m.2 views

ALPINE-CVE-2026-42767

Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...

5.9CVSS5.5AI score0.00344EPSS
Exploits0References1
CVE
CVEadded 2026/06/09 5:4 p.m.17 views

CVE-2026-45504

CVE-2026-45504 is an SSRF-based elevation of privilege in Microsoft Exchange Server . The entry notes an attacker who is authorized can elevate privileges over the network. CVSS v3.1 base score is 8.8 (HIGH) with NETWORK attack vector, LOW attack complexity, and LOW privileges required, with NONE...

8.8CVSS5.4AI score0.00402EPSS
Exploits0References1Affected Software2
OSV
OSVadded 2026/06/09 4:9 p.m.5 views

USN-8413-1 cyborg vulnerabilities

It was discovered that Cyborg did not properly enforce project ownership in the Accelerator Request ARQ API. An authenticated user could possibly use this issue to delete ARQs bound to other projects' instances, resulting in a cross-tenant denial of service. CVE-2026-40214 It was discovered that...

7.4CVSS5.7AI score0.00206EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/06/09 4:3 p.m.28 views

CVE-2026-42767 NULL Pointer Dereference in CRMF EncryptedValue Decryption

Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...

0.00344EPSS
Exploits0References6
CVE
CVEadded 2026/06/09 4:3 p.m.28 views

CVE-2026-42767

The CVE-2026-42767 issue affects the OpenSSL CMP client: processing a CRMF CertRepMessage with EncryptedValue where symmAlg has an OID but no parameters can trigger a NULL pointer dereference, crashing the CMP client and enabling DoS. The vulnerability is due to improper handling during CMP respo...

5.9CVSS5.6AI score0.00344EPSS
Exploits0References6Affected Software1
AlpineLinux
AlpineLinuxadded 2026/06/09 4:3 p.m.6 views

CVE-2026-42767

Issue summary: An attacker-controlled CMP Certificate Management Protocol server could trigger a NULL pointer dereference in a CMP client application. Impact summary: A NULL pointer dereference causes a crash of the application and a Denial of Service. An attacker controlling a CMP server or acti...

5.9CVSS5.5AI score0.00344EPSS
Exploits0
Rows per page
Query Builder