Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

114 matches found

NVD
NVDadded 2026/06/09 8:17 p.m.9 views

CVE-2026-6444

A flaw exists in the FlashArray Purity management interface where an authenticated low-privileged user may, under specific conditions, access functionality beyond their assigned privileges...

8.6CVSS0.00279EPSS
Exploits0References1
NVD
NVDadded 2026/06/05 3:16 p.m.13 views

CVE-2026-6209

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Exploits0
Positive Technologies
Positive Technologiesadded 2026/06/02 12:0 a.m.12 views

PT-2026-45719

Missing Authorization vulnerability in Anton Shevchuk Constructor allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Constructor: from n/a through 1.6.5...

5.3CVSS5.8AI score0.00187EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/08 1:15 p.m.29 views

CVE-2026-44125 Missing Authorization in GINAv2

SEPPmail Secure Email Gateway before version 15.0.4 fails to enforce authorization checks for multiple endpoints in the new GINA UI, allowing unauthenticated remote attackers to access functionality that should require a valid session...

9.3CVSS0.00386EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/03/26 5:4 p.m.1 views

CVE-2026-25345

Improper Validation of Specified Quantity in Input vulnerability in GalleryCreator SimpLy Gallery simply-gallery-block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects SimpLy Gallery: from n/a through = 3.3.2...

9.9CVSS5.8AI score0.00447EPSS
Exploits0References1
EUVD
EUVDadded 2026/03/05 6:30 a.m.6 views

EUVD-2026-9785

Inclusion of Functionality from Untrusted Control Sphere vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Royal Elementor Addons: from n/a through = 1.7.1049...

5.9AI score0.00229EPSS
Exploits0References2
CVE
CVEadded 2026/03/05 5:54 a.m.12 views

CVE-2026-28135

The CVE refers to WP Royal Elementor Addons (royal-elementor-addons) with versions up to 1.7.1052/1051 affected. Reported as an inclusion of functionality from an untrusted control sphere, which enables Accessing Functionality Not Properly Constrained by ACLs. Public sources (NVD, Red Hat, CVE li...

8.2CVSS5.9AI score0.00229EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/03/05 5:54 a.m.3 views

CVE-2026-28104

Missing Authorization vulnerability in Aryan Shirani Bid Abadi Site Suggest site-suggest allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Site Suggest: from n/a through = 1.3.9...

5.9AI score0.00242EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEVadded 2026/02/12 12:0 a.m.5 views

VulnCheck KEV: CVE-2025-40536

SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that if exploited, could allow an unauthenticated attacker to gain access to certain restricted functionality...

9.8CVSS5.7AI score0.81624EPSS
In wildExploits4References3
CISA KEV Catalog
CISA KEV Catalogadded 2026/02/12 12:0 a.m.12 views

SolarWinds Web Help Desk Security Control Bypass Vulnerability

SolarWinds Web Help Desk contains a security control bypass vulnerability that could allow an unauthenticated attacker to gain access to certain restricted functionality...

9.8CVSS5.5AI score0.81624EPSS
In wildExploits4
Cvelist
Cvelistadded 2026/01/28 7:30 a.m.29 views

CVE-2025-40536 SolarWinds Web Help Desk Security Control Bypass Vulnerability

SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that if exploited, could allow an unauthenticated attacker to gain access to certain restricted functionality...

8.1CVSS0.81624EPSS
Exploits4References2
EUVD
EUVDadded 2026/01/28 7:30 a.m.3 views

EUVD-2025-206418

SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that if exploited, could allow an unauthenticated attacker to gain access to certain restricted functionality...

8.1CVSS5.9AI score0.81624EPSS
Exploits4References2
Vulnrichment
Vulnrichmentadded 2026/01/28 7:30 a.m.2 views

CVE-2025-40536 SolarWinds Web Help Desk Security Control Bypass Vulnerability

SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that if exploited, could allow an unauthenticated attacker to gain access to certain restricted functionality...

8.1CVSS5.9AI score0.81624EPSS
Exploits4References2
CVE
CVEadded 2026/01/28 7:30 a.m.26 views

CVE-2025-40536

CVE-2025-40536 relates to SolarWinds Web Help Desk and is described in connected sources as a security control bypass that could allow an unauthenticated attacker to access certain restricted functionality. The KEV/KEA entries note active exploitation risk, and a Metasploit module documents an un...

9.8CVSS5.9AI score0.81624EPSS
In wildExploits4References4Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/01/22 4:52 p.m.2 views

CVE-2025-68009

Missing Authorization vulnerability in Codeless Slider Templates slider-templates allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Slider Templates: from n/a through = 1.0.3...

6.5CVSS5.3AI score0.00354EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/01/10 5:41 a.m.2 views

CVE-2025-67913

Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Aruba HiSpeed Cache: from n/a through 3.0.3...

6.5CVSS5.9AI score0.00242EPSS
Exploits0References1
NVD
NVDadded 2026/01/08 10:15 a.m.5 views

CVE-2025-14358

Missing Authorization vulnerability in sizam REHub Framework rehub-framework allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects REHub Framework: from n/a through = 19.9.5...

7.5CVSS0.00287EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/12/29 11:26 p.m.2 views

CVE-2025-68036 WordPress CubeWP plugin <= 1.1.27 - Broken Access Control vulnerability

Missing Authorization vulnerability in Emraan Cheema CubeWP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects CubeWP: from n/a through 1.1.27...

7.5CVSS6.6AI score0.00237EPSS
Exploits0References1
NVD
NVDadded 2025/12/18 8:16 a.m.4 views

CVE-2025-60079

Missing Authorization vulnerability in bPlugins Parallax Section block parallax-section allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Parallax Section block: from n/a through = 1.0.9...

7.1CVSS0.00226EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/12/18 12:0 a.m.2 views

PT-2025-52165

Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro masterstudy-lms-learning-management-system-pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MasterStudy LMS Pro: from n/a through 4.7.16...

7AI score0.003EPSS
Exploits0References2
Rows per page
Query Builder