CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 3 days ago•2 views

UBUNTU-CVE-2026-49270

Exposure of Sensitive Information Through Metadata vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Brokers that are configured with a network connector with syncDurableSubs set to true, are vulnerable to an unauthenticated attacker who can receive a list of all...

5.9CVSS5.8AI score0.0009EPSS

Exploits0References5

NVD•added 6 days ago•8 views

CVE-2026-9811

A stored Cross-Site Scripting XSS vulnerability exists in the project selector component of Mautic 7. When rendering selection menus for associating projects with system entities, the application fails to sanitize project names returned via AJAX before injecting them into the DOM as option fields...

5.4CVSS0.00024EPSS

EUVD•added 6 days ago•7 views

EUVD-2026-33280

Vulnrichment•added 6 days ago•7 views

CVE-2026-9811

Cvelist•added 6 days ago•30 views

CVE-2026-9811

5.4CVSS0.00024EPSS

CVE•added 6 days ago•8 views

CVE-2026-9811

CVE-2026-9811 is a stored XSS vulnerability in Mautic 7, specifically in the project selector component. The issue arises when rendering AJAX-returned project names into DOM option fields without proper sanitization; an authenticated user with project creation rights can inject malicious script v...

ATTACKERKB•added 6 days ago•4 views

CVE-2026-9811

Positive Technologies•added 6 days ago•6 views

PT-2026-44823

CNNVD•added 6 days ago•4 views

Mautic 安全漏洞

Mautic is an open-source marketing automation software developed by Mautic. This software can monitor and manage websites, send emails, and manage customer resources. Version 7 of Mautic has a security vulnerability, which stems from a cross-site scripting vulnerability stored in the project...

5.4CVSS5.7AI score0.00024EPSS

Snyk•added 2026/05/24 7:39 a.m.•11 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion via the toString function in the AST Serialization. An attacker can cause uncontrolled recursion by providing specially crafted input, potentially resulting in resource exhaustion and application unavailability...

6.9CVSS5.8AI score0.00036EPSS

Snyk•added 2026/05/24 7:39 a.m.•8 views

Uncontrolled Recursion

6.9CVSS5.8AI score0.00036EPSS

OSV•added 2026/05/22 4:4 p.m.•3 views

CLSA-2026-1779465893 postgresql: Fix of CVE-2026-6473

CVE-2026-6473: tsearch: bound StartSel/StopSel/FragmentDelimiter length to PGINT16MAX in tsheadline - CVE-2026-6473: contrib/ltree: guard lquery parsing against numvar and totallen wraparound - CVE-2026-6473: regex: add overflow-checked MALLOCARRAY/REALLOCARRAY and bound NFA state/color products...

8.8CVSS5.8AI score0.00075EPSS

Github Security Blog•added 2026/05/21 8:43 p.m.•7 views

@hulumi/baseline: CloudTrail selector tampering events were not fully detected

Impact: @hulumi/baseline versions before 1.3.2 could miss some CloudTrail event-selector tampering evidence, reducing coverage for changes to audit logging configuration. Patched in 1.3.2: detection coverage and regression tests were expanded. Remediation: upgrade @hulumi/baseline to 1.3.2 or lat...

5.8AI score

Exploits0References2Affected Software1

OSV•added 2026/05/21 8:43 p.m.•0 views

GHSA-GFP8-MP24-5VXG @hulumi/baseline: CloudTrail selector tampering events were not fully detected

6.9CVSS5.8AI score

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: xfrm: Validates the prefix length of new SA entries using the SA family, when sel.family is unset. This extends the validation introduced in commit 07bf7908950a “xfrm: Validates address prefix lengths in the xfrm selector”. The...

5.5CVSS6.2AI score0.00007EPSS