CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

135 matches found

EUVD-2026-34056

A security flaw has been discovered in wonderwhy-er DesktopCommanderMCP up to 0.2.38. This impacts an unknown function of the file src/search-manager.ts of the component startsearch. Performing a manipulation of the argument SearchResult results in inefficient regular expression complexity. It is...

5.3CVSS5.4AI score0.0006EPSS

Exploits0References10

RedhatCVE•added 2026/05/08 10:39 p.m.•3 views

CVE-2026-8011

An insufficient policy enforcement flaw was found in the Search component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496626029...

6.5CVSS5.7AI score0.00041EPSS

Exploits0References5

RedhatCVE•added 2026/04/15 7:23 p.m.•1 views

CVE-2026-27909

Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00076EPSS

Exploits0References1

EUVD•added 2026/04/14 6:30 p.m.•0 views

EUVD-2026-22447

Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally...

7.8CVSS5.7AI score0.00076EPSS

Exploits0References2

NVD•added 2026/04/14 6:16 p.m.•1 views

CVE-2026-27909

Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally...

7.8CVSS0.00076EPSS

Exploits0References1

Microsoft CVE•added 2026/04/14 2:0 p.m.•2 views

Windows Search Service Elevation of Privilege Vulnerability

Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally...

7.8CVSS6.2AI score0.00076EPSS

Exploits0

CNNVD•added 2026/04/14 12:0 a.m.•2 views

Microsoft Windows 资源管理错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. The Microsoft Windows Search Component has a resource management vulnerability. Attackers can exploit this vulnerability to gain higher privileges. The following products and versions are affected...

7.8CVSS5.8AI score0.00076EPSS

Exploits0References1

Positive Technologies•added 2026/04/14 12:0 a.m.•0 views

PT-2026-32771

CVE-2026-27909 Use after free in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally. https://t.co/EEmqZf1GgX...

7.8CVSS6.2AI score0.00076EPSS

Exploits0References3

RedhatCVE•added 2026/03/10 2:12 a.m.•1 views

CVE-2026-3791

A vulnerability has been found in SourceCodester Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file dashboard.php of the component Search. The manipulation of the argument searchtxt leads to sql injection. The attack is possible to be carried out...

8.8CVSS6.4AI score0.00037EPSS

Exploits1References1

Positive Technologies•added 2026/02/08 12:0 a.m.•4 views

PT-2026-6954

Name of the Vulnerable Software and Affected Versions BurtTheCoder mcp-maigret versions through 1.0.12 Description A flaw exists in the component search username within the file src/index.ts. Manipulating the Username argument can result in command injection, potentially allowing for remote...

6.5CVSS5.3AI score0.00194EPSS

Exploits0References10

Positive Technologies•added 2026/01/19 12:0 a.m.•3 views

PT-2026-3447

A security vulnerability has been detected in PHPGurukul Directory Management System 1.0. Impacted is an unknown function of the file /index.php of the component Search. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS5.5AI score0.00058EPSS

Exploits1References6

RedhatCVE•added 2026/01/09 12:32 p.m.•2 views

CVE-2023-4118

A vulnerability, which was classified as problematic, was found in Cute Http File Server 2.0. This affects an unknown part of the component Search. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may ...

6.1CVSS5.8AI score0.00088EPSS

Exploits0References1

RedhatCVE•added 2026/01/08 3:14 a.m.•2 views

CVE-2025-13744

An Improper Neutralization of Input During Web Page Generation vulnerability was identified in GitHub Enterprise Server that allowed attacker controlled HTML to be rendered by the Filter component search across GitHub that could be used to exfiltrate sensitive information. An attacker would requi...

8.4CVSS6.3AI score0.0005EPSS

Exploits0References1

OSV•added 2025/11/23 11:15 a.m.•0 views

CVE-2025-13546

A vulnerability was detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this issue is some unknown functionality of the file /results.php of the component Search. The manipulation of the argument userquery results in sql injection. The attack can be...

9.8CVSS5.7AI score

Exploits0References4

RedhatCVE•added 2025/10/15 5:44 p.m.•1 views

CVE-2025-59253

Improper access control in Microsoft Windows Search Component allows an authorized attacker to deny service locally...

5.5CVSS6.8AI score0.0005EPSS

Exploits0References1

RedhatCVE•added 2025/10/15 5:44 p.m.•1 views

CVE-2025-59198

Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally...

5CVSS6.8AI score0.00066EPSS

Exploits0References1