301 matches found
XssDaisy
...
Malicious code in mnemonic-safety-check (npm)
A coordinated supply-chain attack comprising 10 npm packages published by maintainer ddjidd5640 [email protected] within a 48-hour window 2026-05-19T03:55Z – 2026-05-21T04:31Z. All packages masquerade as legitimate Web3/DeFi developer security tools MCP servers while silently exfiltrating...
Exploit for Missing Authentication for Critical Function in Cpanel
CVE-2026-41940 A security research tool for detecting and anal...
Exploit for CVE-2026-31431
This script is entirely genera...
PySpector Security Vulnerability
PySpector is a high-performance Python static security analysis framework based on graphs, developed by Tommaso Bona. Versions of PySpector prior to 0.1.8 contained security vulnerabilities. These vulnerabilities stemmed from an incomplete blacklist of plugin security validators, which could allo...
HTTP Chunked Encoding Behavior Analyzer
This script is a security analysis tool designed to test how a web server such as Kestrel-based applications handles HTTP requests using chunked transfer encoding...
OSCP-CVE-exploit-suggester
No d...
Xss-finder
...
Exploit for Improper Access Control in Fortinet Forticlientems
CVE-2026-35616 Vulnerability Assessment Tool Safely detect wh...
Kernel Observability for Data Movement
Kernel-level visibility reveals hidden data movement in breaches, exposing gaps in modern security tools and improving detection, compliance, and system behavior tracking...
CVE-2026-33545 MobSF has SQL Injection in its SQLite Database Viewer Utils
MobSF is a mobile application security testing tool used. Prior to version 4.4.6, MobSF's read_sqlite function in mobsf/MobSF/utils.py lines 542-566 uses Python string formatting % to construct SQL queries with table names read from a SQLite database's sqlite_master table. When a security analyst...
CVE-2026-4761
When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. Installations based on Panorama Suite 2025 25.00.004 are vulnerable unless update...
CVE-2026-4761
The CVE-2026-4761 issue affects Windows machines where a certificate and its private key are installed in the certificate store via the Network and Security tool. The underlying problem is that access rights to the private key are unnecessarily granted to the operator group. Affected installation...
PT-2026-27762
When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. Installations based on Panorama Suite 2025 25.00.004 are vulnerable unless...
PortSwigger Web Security: Out of scope: Improper Input Validation Order on /api-internal/login via password field leads to unnecessary resource consumption
A security issue was discovered in the /api-internal/login authentication endpoint of the internal login interface of Burp Suite DAST Enterprise. The issue was caused by improper input validation order, where the application processed user-supplied input before enforcing field-level validation...
Malicious code in snort-security-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27bb4a30a492a84e3b126941b2ca78dd48b2c494c55ee4e4861527e7c2bf1524 The package snort-security-tool was found to contain malicious code...
MAL-2026-1851 Malicious code in snort-security-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 27bb4a30a492a84e3b126941b2ca78dd48b2c494c55ee4e4861527e7c2bf1524 The package snort-security-tool was found to contain malicious code...
Claude Code Security and Magecart: Getting the Threat Model Right
When a Magecart payload hides inside the EXIF data of a dynamically loaded third-party favicon, no repository scanner will catch it – because the malicious code never actually touches your repo. As teams adopt Claude Code Security for static analysis, this is the exact technical boundary where AI...
XSS_Scanner
...
Exploit for CVE-2026-21385
Qualcomm Vulnerability Scanner The Qualcomm Vulnerability Scan...