Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

121511 matches found

EUVD
EUVDadded 2026/04/15 6:31 p.m.7 views

EUVD-2026-22970

A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerabilit...

9.9CVSS6.2AI score0.05972EPSS
Exploits1References2
EUVD
EUVDadded 2026/04/15 6:31 p.m.5 views

EUVD-2026-22953

A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerabili...

4.7CVSS5.8AI score0.00202EPSS
Exploits0References2
EUVD
EUVDadded 2026/04/15 6:31 p.m.3 views

EUVD-2026-22957

Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...

6.5CVSS6AI score0.00388EPSS
Exploits0References2
EUVD
EUVDadded 2026/04/15 6:31 p.m.3 views

EUVD-2026-22903

Cross-Site Request Forgery CSRF vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery.This issue affects Contact Form by WPForms: from n/a through = 1.10.0.2...

8.1CVSS5.8AI score0.00101EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/04/15 6:26 p.m.18 views

CVE-2026-39845 Weblate: SSRF via the webhook add-on using unprotected fetch_url()

Weblate is a web based localization tool. In versions prior to 5.17, the webhook add-on did not utilize existing SSRF protections. This issue has been fixed in version 5.17. If developers are unable to update immediately, they can disable the webhook add-on as a workaround...

4.1CVSS0.00275EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/04/15 6:22 p.m.23 views

CVE-2026-34244 Weblate: SSRF via Project-Level Machinery Configuration

Weblate is a web based localization tool. In versions prior to 5.17, a user with the project.edit permission granted by the per-project "Administration" role can configure machine translation service URLs pointing to arbitrary internal network addresses. During configuration validation, Weblate...

5CVSS0.0024EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/04/15 6:22 p.m.3 views

CVE-2026-34244

Weblate is a web based localization tool. In versions prior to 5.17, a user with the project.edit permission granted by the per-project "Administration" role can configure machine translation service URLs pointing to arbitrary internal network addresses. During configuration validation, Weblate...

5CVSS5.8AI score0.0024EPSS
Exploits0References3Affected Software1
NVD
NVDadded 2026/04/15 5:17 p.m.29 views

CVE-2026-20186

A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerabilit...

9.9CVSS0.0591EPSS
Exploits0References1
NVD
NVDadded 2026/04/15 5:17 p.m.3 views

CVE-2026-20078

Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are due to improper sanitization o...

6.5CVSS0.00388EPSS
Exploits0References1
NVD
NVDadded 2026/04/15 5:17 p.m.4 views

CVE-2025-15635

Cross-Site Request Forgery CSRF vulnerability in ZAYTECH Smart Online Order for Clover clover-online-orders allows Cross Site Request Forgery.This issue affects Smart Online Order for Clover: from n/a through = 1.6.0...

4.3CVSS0.00107EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/04/15 4:20 p.m.4 views

CVE-2026-2332

A flaw was found in Eclipse Jetty. The HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used. An attacker can inject crafted requests to manipulate and trick the parser. This issue can lead to security controls bypass, cache poisoning or unauthorized endpoint access...

9.1CVSS5.7AI score0.00523EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2026/04/15 4:11 p.m.3 views

CVE-2026-20060 Cisco Unity Connection Open Redirect Vulnerability

A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerabili...

4.7CVSS5.8AI score0.00202EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/15 4:3 p.m.17 views

CVE-2026-20180 Cisco Identity Services Engine Multiple Remote Code Execution Vulnerability

A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerabilit...

9.9CVSS0.05972EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2026/04/15 4:3 p.m.4 views

CVE-2026-20180 Cisco Identity Services Engine Multiple Remote Code Execution Vulnerability

A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerabilit...

9.9CVSS6.2AI score0.05972EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2026/04/15 4:3 p.m.2 views

CVE-2026-20186 Cisco Identity Services Engine Multiple Authenticated Remote Code Execution Vulnerability

A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerabilit...

9.9CVSS6.2AI score0.0591EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/15 4:3 p.m.38 views

CVE-2026-20186 Cisco Identity Services Engine Multiple Authenticated Remote Code Execution Vulnerability

A vulnerability in Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials. This vulnerabilit...

9.9CVSS0.0591EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/15 4:3 p.m.15 views

CVE-2026-20148 Cisco Identity Services Engine Path Traversal Vulnerability

A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to perform path traversal attacks on the underlying operating system and read arbitrary files. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is...

4.9CVSS0.09213EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/04/15 4:3 p.m.4 views

CVE-2026-20148 Cisco Identity Services Engine Path Traversal Vulnerability

A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to perform path traversal attacks on the underlying operating system and read arbitrary files. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is...

4.9CVSS6AI score0.09213EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/04/15 4:3 p.m.4 views

CVE-2026-20147 Cisco Identity Services Engine Remote Code Execution Vulnerability

A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to...

9.9CVSS6.2AI score0.10944EPSS
Exploits0References1
CVE
CVEadded 2026/04/15 4:3 p.m.97 views

CVE-2026-20147

Cisco CVE-2026-20147 affects Cisco Identity Services Engine (ISE) and ISE-PIC. An authenticated, remote attacker with valid administrative credentials can exploit insufficient input validation via a crafted HTTP request to execute arbitrary commands on the device’s underlying OS, potentially gain...

9.9CVSS6.2AI score0.10944EPSS
Exploits0References1
Rows per page
Query Builder