CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

5.4CVSS5.5AI score0.0003EPSS

PT-2026-48083

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser...

PT-2026-48045

Name of the Vulnerable Software and Affected Versions Adobe Experience Manager versions 6.5.24 and earlier Adobe Experience Manager versions LTS SP1 and earlier Adobe Experience Manager versions 2026.04 and earlier Description A stored Cross-Site Scripting XSS issue allows a low-privileged attack...

PT-2026-48054

Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's...

PT-2026-48056

PT-2026-48057

5.4CVSS5.5AI score0.0003EPSS

PT-2026-48072

Cvelist•added 5 days ago•27 views

CVE-2026-36728

A markdown based cross-site scripting XSS vulnerability in the AI assistant chat function of FastapiAdmin v2.2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into a chat message...

0.00029EPSS

Exploits0References1

Positive Technologies•added 5 days ago•8 views

PT-2026-48064

6.1CVSS5AI score0.00169EPSS

PT-2026-47712

Name of the Vulnerable Software and Affected Versions Apache Answer versions prior to 2.0.1 Description Improper Neutralization of Alternate XSS Syntax occurs when AI-generated response content is rendered in the browser without proper sanitization. This allows malicious scripts to be executed wh...

Exploits0References6

PT-2026-48059

PT-2026-48070

5.4CVSS5.3AI score0.0003EPSS

PT-2026-48222

Name of the Vulnerable Software and Affected Versions Ellucian Banner Self-Service versions prior to 2025-04-23 Description The course search functionality contains a stored cross-site scripting issue. Authenticated Banner ERP users with write access can inject malicious JavaScript into faculty a...

Exploits0References6

PT-2026-48055

Positive Technologies•added 5 days ago•7 views

PT-2026-48046

Positive Technologies•added 5 days ago•7 views

PT-2026-47863

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

5.4CVSS7.1AI score0.00061EPSS

Positive Technologies•added 5 days ago•7 views

PT-2026-48088

5.4CVSS5.5AI score0.0003EPSS

Tenable Nessus•added 5 days ago•5 views

Security Updates for Microsoft SharePoint Server 2019 (June 2026)

The Microsoft SharePoint Server 2019 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attack...

8.8CVSS7.5AI score0.00753EPSS

Exploits0References32

6.4CVSS5.7AI score0.00029EPSS

PT-2026-47629

The Accordions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Accordion body field in all versions up to, and including, 2.3.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Custom-level access and...

PT-2026-48049