Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

106032 matches found

EUVD
EUVDadded 2026/05/12 3:31 p.m.17 views

EUVD-2026-29470

Attacker can upload a malicious Sieve script over ManageSieve service or locally to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed...

5.3CVSS5.7AI score0.0002EPSS
Exploits0References2
NVD
NVDadded 2026/05/12 2:17 p.m.6 views

CVE-2026-40016

Attacker can upload a malicious Sieve script over ManageSieve service or locally to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed...

6.5CVSS0.0002EPSS
Exploits0References1
OSV
OSVadded 2026/05/12 2:17 p.m.3 views

UBUNTU-CVE-2026-40016

Attacker can upload a malicious Sieve script over ManageSieve service or locally to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed...

6.5CVSS5.7AI score0.0002EPSS
Exploits0References4
UbuntuCve
UbuntuCveadded 2026/05/12 2:17 p.m.8 views

CVE-2026-40016

Attacker can upload a malicious Sieve script over ManageSieve service or locally to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed...

6.5CVSS5.7AI score0.0002EPSS
Exploits0References2
Microsoft KB
Microsoft KBadded 2026/05/12 2:0 p.m.8 views

Update 26.12 for Microsoft Dynamics 365 Business Central 2025 Release Wave 1 (Application Build 26.12.48244, Platform Build 26.0.48120)

Update 26.12 for Microsoft Dynamics 365 Business Central 2025 Release Wave 1 Application Build 26.12.48244, Platform Build 26.0.48120 Overview This update replaces previously released updates. You should always install the latest update.After you install this hotfix, you might have to update your...

7.8CVSS5.8AI score0.00045EPSS
Exploits0
Microsoft CVE
Microsoft CVEadded 2026/05/12 2:0 p.m.7 views

Visual Studio Code Remote Code Execution Vulnerability

Improper neutralization of script-related html tags in a web page basic xss in Visual Studio Code allows an unauthorized attacker to execute code locally...

7.8CVSS6AI score0.00037EPSS
Exploits0
Vulnrichment
Vulnrichmentadded 2026/05/12 1:28 p.m.6 views

CVE-2026-40016

Attacker can upload a malicious Sieve script over ManageSieve service or locally to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed...

5.3CVSS5.7AI score0.0002EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/12 1:28 p.m.4 views

CVE-2026-40016

Attacker can upload a malicious Sieve script over ManageSieve service or locally to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed...

5.3CVSS5.7AI score0.0002EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/12 1:28 p.m.23 views

CVE-2026-40016

Attacker can upload a malicious Sieve script over ManageSieve service or locally to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed...

5.3CVSS0.0002EPSS
Exploits0References1
Debian CVE
Debian CVEadded 2026/05/12 1:28 p.m.5 views

CVE-2026-40016

Attacker can upload a malicious Sieve script over ManageSieve service or locally to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed...

6.5CVSS5.7AI score0.0002EPSS
Exploits0
CVE
CVEadded 2026/05/12 1:28 p.m.9 views

CVE-2026-40016

CVE-2026-40016: An attacker can upload a malicious Sieve script via ManageSieve (or local access) to bypass CPU time limits, potentially increasing allowed run time up to 130× the configured limit and degrading server performance. Affected component is the Sieve execution/ManageSieve handling; ro...

6.5CVSS5.7AI score0.0002EPSS
Exploits0References1Affected Software2
AlpineLinux
AlpineLinuxadded 2026/05/12 1:28 p.m.10 views

CVE-2026-40016

Attacker can upload a malicious Sieve script over ManageSieve service or locally to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to degrade server performance and bypass configured CPU time limits for Sieve scripts. Install fixed...

6.5CVSS5.7AI score0.0002EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/12 12:32 p.m.8 views

EUVD-2026-29426

Affected devices do not properly validate and sanitize PLC/station name rendered on the "communication" parameters page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the page. If a...

9.3CVSS5.9AI score0.00057EPSS
Exploits0References2
OSV
OSVadded 2026/05/12 11:39 a.m.2 views

MAL-2026-3693 Malicious code in kaggle-runner (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dcd49ca70b987b236ba4341d839addfec9afb344e1471195f2f825281092f71 kagglerunner/coordinator.py embeds a bash reverse-shell template rvsstr that connects to vtool.duckdns.org:23454 via ncat with retry/backoff plus a...

5.8AI score
Exploits0References1
NVD
NVDadded 2026/05/12 10:16 a.m.7 views

CVE-2026-25786

Affected devices do not properly validate and sanitize PLC/station name rendered on the "communication" parameters page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the page. If a...

9.3CVSS0.00057EPSS
Exploits0References1
EUVD
EUVDadded 2026/05/12 9:31 a.m.6 views

EUVD-2026-29410

The Pricing Tables for WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.1.0. This is due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS6AI score0.00021EPSS
Exploits0References4
NVD
NVDadded 2026/05/12 9:16 a.m.7 views

CVE-2026-5715

The Voyage Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' attribute of the 'post-content' shortcode in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...

6.4CVSS0.00032EPSS
Exploits0References3
Cvelist
Cvelistadded 2026/05/12 8:21 a.m.30 views

CVE-2026-25789

Affected devices do not properly validate and sanitize filenames on the Firmware Update page. This could allow a remote attacker to social engineer the user into selecting the modified firmware file to be uploaded. This would result in malitcious JavaScript execution in the context of the...

7.2CVSS0.00141EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/05/12 8:21 a.m.4 views

CVE-2026-25789

Affected devices do not properly validate and sanitize filenames on the Firmware Update page. This could allow a remote attacker to social engineer the user into selecting the modified firmware file to be uploaded. This would result in malitcious JavaScript execution in the context of the...

7.2CVSS5.9AI score0.00141EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/05/12 8:21 a.m.4 views

CVE-2026-25787

Affected devices do not properly validate and sanitize Technology Object TO name rendered on the "Motion Control Diagnostics" page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the...

9.3CVSS5.9AI score0.00057EPSS
Exploits0References1
Rows per page
Query Builder