
6 matches found

OSV
added 2026/03/26 6:28 p.m., 0 views

GHSA-QFC3-HM4J-7Q77 n8n Vulnerable to XSS via Binary Data Inline HTML Rendering

Impact An authenticated user with permission to create or modify workflows could craft a workflow that produces an HTML binary data object without a filename. The /rest/binary-data endpoint served such responses inline on the n8n origin without Content-Disposition or Content-Security-Policy...

CVSS 8.9, AI score 5.9, EPSS 0.0005
Exploits: 0, References: 3

OSV
added 2026/03/25 6:39 p.m., 3 views

CVE-2026-33749 n8n Vulnerable to XSS via Binary Data Inline HTML Rendering

n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, an authenticated user with permission to create or modify workflows could craft a workflow that produces an HTML binary data object without a filename. The /rest/binary-data endpoint served such...

CVSS 6.3, AI score 5.9, EPSS 0.0005
Exploits: 0, References: 3

Cvelist
added 2026/02/03 6:0 p.m., 23 views

CVE-2025-52633 HCL AION is susceptible to Missing Content-Security-Policy

HCL AION is affected by a Permanent Cookie Containing Sensitive Session Information vulnerability. Storing sensitive session data in persistent cookies may increase the risk of unauthorized access if the cookies are intercepted or compromised. This issue affects AION: 2.0...

CVSS 3.1, EPSS 0.00058
Exploits: 0, References: 1

EUVD
added 2026/01/05 12:0 a.m., 1 views

EUVD-2026-0827

PLANKA 2.0.0 lacks X-Frame-Options and CSP frame-ancestors headers, allowing the application to be embedded within malicious iframes. While this does not lead to unintended modification of projects or tasks, it exposes users to Phishing attacks. Attackers can frame the legitimate Planka applicati...

CVSS 4.3, AI score 6.1, EPSS 0.00017
Exploits: 0, References: 3

Vulnrichment
added 2025/09/22 12:0 a.m., 1 views

CVE-2025-57204

Stocky POS with Inventory Management & HRM ui-lib version 5.0 is affected by a Stored Cross-Site Scripting (XSS) vulnerability within the Products module available to authenticated users. The vulnerability resides in the product name parameter submitted to the product-creation endpoint via a standa...

AI score 5.6, EPSS 0.0005
Exploits: 1, References: 2

OSV
added 2023/08/29 3:15 p.m., 1 views

CVE-2023-0238

Due to lack of a security policy, the WARP Mobile Client =6.29 for Android was susceptible to this vulnerability which allowed a malicious app installed on a victim's device to exploit a peculiarity in an Android function, wherein under certain conditions, the malicious app could dictate the task...

CVSS 5.5, AI score 5.8
Exploits: 0, References: 2