Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

150 matches found

EUVD
EUVDadded 2026/06/12 8:24 p.m.8 views

EUVD-2026-36557

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, the AI "explain" helper only checks cansee? on the post being explained, not its replytopost, so any authenticated user wi...

4.3CVSS5.3AI score0.00189EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/09 8:59 p.m.10 views

CVE-2026-11533

A security vulnerability has been detected in imvks786 studentmanagementsystem up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this vulnerability is an unknown functionality of the file /see.php of the component Student Deletion Endpoint. The manipulation of the argument del leads to...

5.5CVSS5.5AI score0.0023EPSS
Exploits0References1
EUVD
EUVDadded 2026/06/08 4:30 p.m.7 views

EUVD-2026-35130

A security vulnerability has been detected in imvks786 studentmanagementsystem up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this vulnerability is an unknown functionality of the file /see.php of the component Student Deletion Endpoint. The manipulation of the argument del leads to...

5.5CVSS5.1AI score0.0023EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/06/08 4:30 p.m.10 views

CVE-2026-11533 imvks786 student_management_system Student Deletion Endpoint see.php improper authorization

A security vulnerability has been detected in imvks786 studentmanagementsystem up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this vulnerability is an unknown functionality of the file /see.php of the component Student Deletion Endpoint. The manipulation of the argument del leads to...

5.5CVSS5.1AI score0.0023EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/06/08 12:0 a.m.11 views

PT-2026-47337

A security vulnerability has been detected in imvks786 student management system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this vulnerability is an unknown functionality of the file /see.php of the component Student Deletion Endpoint. The manipulation of the argument del leads t...

5.5CVSS5.1AI score0.0023EPSS
Exploits0References7
FreeBSD
FreeBSDadded 2026/06/08 12:0 a.m.20 views

Apache httpd -- Multiple vulnerabilities

The Apache httpd project reports: See links for details...

9.8CVSS5.4AI score0.00682EPSS
Exploits0References1
Circl
Circladded 2026/05/28 6:0 p.m.11 views

CVE-2026-6891

creationtimestamp| type| source ---|---|--- 2026-05-28 18:00:00+00:00| seen| https://jvn.jp/en/vu/JVNVU93879027 2026-05-29 01:53:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmxgiqyssb2k...

5.1CVSS5.7AI score0.00123EPSS
Exploits0References2
AstraLinux
AstraLinuxadded 2026/05/20 5:53 a.m.22 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: nsfs: Permission checks for handling opening have been tightened. Even privileged services should not necessarily be able to access the namespaces of other privileged services, so that they cannot leak information to each other...

8.8CVSS5.3AI score0.00121EPSS
Exploits0References1
SUSE CVE
SUSE CVEadded 2026/05/11 2:13 p.m.8 views

SUSE CVE-2026-43391

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper...

8.8CVSS5.7AI score0.00121EPSS
Exploits0References3
EUVD
EUVDadded 2026/05/08 3:31 p.m.7 views

EUVD-2026-28697

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper...

5.7AI score0.00121EPSS
Exploits0References3
EUVD
EUVDadded 2026/05/08 3:31 p.m.7 views

EUVD-2026-28696

In the Linux kernel, the following vulnerability has been resolved: nstree: tighten permission checks for listing Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper that...

5.7AI score0.00107EPSS
Exploits0References3
NVD
NVDadded 2026/05/08 3:16 p.m.5 views

CVE-2026-43391

In the Linux kernel, the following vulnerability has been resolved: nsfs: tighten permission checks for handle opening Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper...

8.8CVSS0.00121EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2026/05/08 3:16 p.m.10 views

CVE-2026-43390

In the Linux kernel, the following vulnerability has been resolved: nstree: tighten permission checks for listing Even privileged services should not necessarily be able to see other privileged service's namespaces so they can't leak information to each other. Use mayseeallnamespaces helper that...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References4
CVE
CVEadded 2026/05/08 2:21 p.m.17 views

CVE-2026-43403

CVE-2026-43403 concerns the Linux kernel nsfs component. The issue arises from insufficient permission checks in ns iteration ioctls, potentially allowing a privileged service to view information from other privileged services and perform information disclosure. Multiple sources (Red Hat, Debian,...

8.8CVSS5.7AI score0.00129EPSS
Exploits0References4Affected Software1
NVD
NVDadded 2026/04/23 5:16 a.m.8 views

CVE-2026-41233

Froxlor is open source server administration software. Prior to version 2.3.6, in Domains.add, the adminid parameter is accepted from user input and used without validation when the calling reseller does not have the customersseeall permission. This allows a reseller to attribute newly created...

5.4CVSS0.00264EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/04/23 4:0 a.m.2 views

CVE-2026-41233 Froxlor has a Reseller Domain Quota Bypass via Unvalidated adminid Parameter in Domains.add()

Froxlor is open source server administration software. Prior to version 2.3.6, in Domains.add, the adminid parameter is accepted from user input and used without validation when the calling reseller does not have the customersseeall permission. This allows a reseller to attribute newly created...

5.4CVSS5.8AI score0.00264EPSS
Exploits1References3
ATTACKERKB
ATTACKERKBadded 2026/04/23 4:0 a.m.3 views

CVE-2026-41233

Froxlor is open source server administration software. Prior to version 2.3.6, in Domains.add, the adminid parameter is accepted from user input and used without validation when the calling reseller does not have the customersseeall permission. This allows a reseller to attribute newly created...

5.4CVSS5.8AI score0.00264EPSS
Exploits1References4Affected Software1
CVE
CVEadded 2026/04/23 4:0 a.m.8 views

CVE-2026-41233

Froxlor CVE-2026-41233 affects the Domains.add() flow prior to version 2.3.6. The adminid parameter is taken from user input and used without validation when the caller lacks customers_see_all, allowing a reseller to attribute newly created domains to another admin. This bypasses the reseller’s o...

5.4CVSS5.8AI score0.00264EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blogadded 2026/04/16 12:46 a.m.8 views

Froxlor has a Reseller Domain Quota Bypass via Unvalidated adminid Parameter in Domains.add()

Summary In Domains.add, the adminid parameter is accepted from user input and used without validation when the calling reseller does not have the customersseeall permission. This allows a reseller to attribute newly created domains to any other admin, bypassing their own domain quota since the...

5.4CVSS5.9AI score0.00264EPSS
Exploits1References5Affected Software1
Fedora
Fedoraadded 2026/03/29 12:51 a.m.6 views

[SECURITY] Fedora 43 Update: python3.6-3.6.15-55.fc43

Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...

7CVSS5.9AI score0.00216EPSS
Exploits0
Rows per page
Query Builder