Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

112 matches found

Positive Technologies
Positive Technologiesadded 2 days ago6 views

PT-2026-45719

Missing Authorization vulnerability in Anton Shevchuk Constructor allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Constructor: from n/a through 1.6.5...

5.3CVSS5.8AI score0.00028EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/08 1:15 p.m.24 views

CVE-2026-44125 Missing Authorization in GINAv2

SEPPmail Secure Email Gateway before version 15.0.4 fails to enforce authorization checks for multiple endpoints in the new GINA UI, allowing unauthenticated remote attackers to access functionality that should require a valid session...

9.3CVSS0.00133EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/03/26 5:4 p.m.1 views

CVE-2026-25345

Improper Validation of Specified Quantity in Input vulnerability in GalleryCreator SimpLy Gallery simply-gallery-block allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects SimpLy Gallery: from n/a through = 3.3.2...

9.9CVSS5.8AI score0.00094EPSS
Exploits0References1
EUVD
EUVDadded 2026/03/05 6:30 a.m.1 views

EUVD-2026-9785

Inclusion of Functionality from Untrusted Control Sphere vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Royal Elementor Addons: from n/a through = 1.7.1049...

5.9AI score0.0006EPSS
Exploits0References2
CVE
CVEadded 2026/03/05 5:54 a.m.7 views

CVE-2026-28135

The CVE refers to WP Royal Elementor Addons (royal-elementor-addons) with versions up to 1.7.1052/1051 affected. Reported as an inclusion of functionality from an untrusted control sphere, which enables Accessing Functionality Not Properly Constrained by ACLs. Public sources (NVD, Red Hat, CVE li...

8.2CVSS5.9AI score0.0006EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/03/05 5:54 a.m.2 views

CVE-2026-28104

Missing Authorization vulnerability in Aryan Shirani Bid Abadi Site Suggest site-suggest allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Site Suggest: from n/a through = 1.3.9...

5.9AI score0.00056EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEVadded 2026/02/12 12:0 a.m.1 views

VulnCheck KEV: CVE-2025-40536

SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that if exploited, could allow an unauthenticated attacker to gain access to certain restricted functionality...

9.8CVSS5.7AI score0.67487EPSS
In wildExploits4References3
CISA KEV Catalog
CISA KEV Catalogadded 2026/02/12 12:0 a.m.9 views

SolarWinds Web Help Desk Security Control Bypass Vulnerability

SolarWinds Web Help Desk contains a security control bypass vulnerability that could allow an unauthenticated attacker to gain access to certain restricted functionality...

9.8CVSS5.5AI score0.67487EPSS
In wildExploits4
Vulnrichment
Vulnrichmentadded 2026/01/28 7:30 a.m.1 views

CVE-2025-40536 SolarWinds Web Help Desk Security Control Bypass Vulnerability

SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that if exploited, could allow an unauthenticated attacker to gain access to certain restricted functionality...

8.1CVSS5.9AI score0.67487EPSS
Exploits4References2
EUVD
EUVDadded 2026/01/28 7:30 a.m.1 views

EUVD-2025-206418

SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that if exploited, could allow an unauthenticated attacker to gain access to certain restricted functionality...

8.1CVSS5.9AI score0.67487EPSS
Exploits4References2
Cvelist
Cvelistadded 2026/01/28 7:30 a.m.25 views

CVE-2025-40536 SolarWinds Web Help Desk Security Control Bypass Vulnerability

SolarWinds Web Help Desk was found to be susceptible to a security control bypass vulnerability that if exploited, could allow an unauthenticated attacker to gain access to certain restricted functionality...

8.1CVSS0.67487EPSS
Exploits4References2
CVE
CVEadded 2026/01/28 7:30 a.m.20 views

CVE-2025-40536

CVE-2025-40536 relates to SolarWinds Web Help Desk and is described in connected sources as a security control bypass that could allow an unauthenticated attacker to access certain restricted functionality. The KEV/KEA entries note active exploitation risk, and a Metasploit module documents an un...

9.8CVSS5.9AI score0.67487EPSS
In wildExploits4References4Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/01/22 4:52 p.m.1 views

CVE-2025-68009

Missing Authorization vulnerability in Codeless Slider Templates slider-templates allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Slider Templates: from n/a through = 1.0.3...

6.5CVSS5.3AI score0.00021EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/01/10 5:41 a.m.0 views

CVE-2025-67913

Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Aruba HiSpeed Cache: from n/a through 3.0.3...

6.5CVSS5.9AI score0.00073EPSS
Exploits0References1
NVD
NVDadded 2026/01/08 10:15 a.m.2 views

CVE-2025-14358

Missing Authorization vulnerability in sizam REHub Framework rehub-framework allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects REHub Framework: from n/a through = 19.9.5...

7.5CVSS0.00058EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/12/29 11:26 p.m.1 views

CVE-2025-68036 WordPress CubeWP plugin <= 1.1.27 - Broken Access Control vulnerability

Missing Authorization vulnerability in Emraan Cheema CubeWP allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects CubeWP: from n/a through 1.1.27...

7.5CVSS6.6AI score0.00039EPSS
Exploits0References1
NVD
NVDadded 2025/12/18 8:16 a.m.1 views

CVE-2025-60079

Missing Authorization vulnerability in bPlugins Parallax Section block parallax-section allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Parallax Section block: from n/a through = 1.0.9...

7.1CVSS0.00052EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/12/18 12:0 a.m.0 views

PT-2025-52165

Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro masterstudy-lms-learning-management-system-pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MasterStudy LMS Pro: from n/a through 4.7.16...

7AI score0.00059EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/12/18 12:0 a.m.2 views

PT-2025-52137

Missing Authorization vulnerability in bPlugins Parallax Section block parallax-section allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Parallax Section block: from n/a through = 1.0.9...

7AI score0.00052EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/12/17 10:2 a.m.0 views

CVE-2025-64634

Missing Authorization vulnerability in ThemeFusion Avada avada allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Avada: from n/a through = 7.13.2...

5.3CVSS5.9AI score0.00038EPSS
Exploits0References1
Rows per page
Query Builder