Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

88 matches found

Positive Technologies
Positive Technologiesadded 2026/04/07 12:0 a.m.4 views

PT-2026-30836

An issue that allowed all-organization administrators to promote accounts to superuser status has been resolved. This is an instance of CWE-269: Improper Privilege Management, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N 8.1 High. This issue was fixed in version...

8.1CVSS5.8AI score0.00221EPSS
Exploits0References5
CNNVD
CNNVDadded 2026/04/07 12:0 a.m.9 views

runZero Platform 安全漏洞

RunZero Platform is an asset discovery and attack surface management platform developed by the US company RunZero. Versions of RunZero Platform prior to 4.0.260205.0 contained security vulnerabilities. These vulnerabilities were due to improper authorization, which could lead to unauthorized...

2.2CVSS5.8AI score0.00174EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/04/07 12:0 a.m.5 views

PT-2026-30837

An issue that allowed MCP agents to access remediation and asset information from outside of the authorized organization scope has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N 5.8 Medium. Th...

5.8CVSS5.8AI score0.00208EPSS
Exploits0References5
CNNVD
CNNVDadded 2026/04/07 12:0 a.m.8 views

runZero Platform 安全漏洞

runZero Platform is an asset discovery and attack surface management platform developed by the US company runZero. Versions of runZero Platform prior to 4.0.260203.0 contained security vulnerabilities. These vulnerabilities were due to improper authorization, which could allow the MCP proxy to...

3CVSS5.8AI score0.00118EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/04/07 12:0 a.m.5 views

PT-2026-30877

An issue that could expose records outside of the authorized organization scope through the MCP endpoints has been resolved. This is an instance of CWE-863: Incorrect Authorization, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N 3.0 Low. This issue was fixed in...

3CVSS5.8AI score0.00174EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/04/07 12:0 a.m.6 views

PT-2026-30874

Name of the Vulnerable Software and Affected Versions runZero Platform versions prior to 4.0.260203.0 Description A flaw allowed MCP agents to access certificate information beyond their authorized organizational boundaries. This is categorized as CWE-863: Incorrect Authorization. Recommendations...

3CVSS5.8AI score0.00118EPSS
Exploits0References6
CNNVD
CNNVDadded 2026/04/07 12:0 a.m.10 views

runZero Platform 安全漏洞

RunZero Platform is an asset discovery and attack surface management platform developed by the US company RunZero. Versions of RunZero Platform prior to 4.0.260203.0 contained security vulnerabilities. These vulnerabilities were due to improper authorization, which could allow administrators to...

6.8CVSS5.8AI score0.00191EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/04/07 12:0 a.m.6 views

PT-2026-30875

An issue that could allow an authorized user to view the clear-text secrets for a subset of credential types and fields has been resolved. This is an instance of CWE-522: Insufficiently Protected Credentials, and has an estimated CVSS score of CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N 5.3...

5.3CVSS5.8AI score0.00196EPSS
Exploits0References3
Rows per page
Query Builder