Lucene search
K

126309 matches found

CVE
CVE
added 5 days ago16 views

CVE-2026-8095

CVE-2026-8095 — The Frontend File Manager Plugin for WordPress (up to version 23.6) is vulnerable to Authenticated Arbitrary File Deletion. A case-sensitive bypass of the wpfm_dir_path parameter sanitization in the wpfm_file_meta_update AJAX handler allows an attacker to overwrite the stored file...

8.1CVSS5.8AI score0.00417EPSS
Exploits0References3
CVE
CVE
added 5 days ago18 views

CVE-2026-12404

The CVE concerns the NEX-Forms – Ultimate Forms Plugin for WordPress. All versions up to and including 9.2.2 are vulnerable to an authorization bypass due to improper verification of user permissions. This allows unauthenticated attackers to enumerate sequential report IDs and download complete f...

5.3CVSS5.8AI score0.00281EPSS
Exploits0References8
NVD
NVD
added 5 days ago9 views

CVE-2025-59868

HCL Traveler for Microsoft Outlook HTMO is susceptible to a sensitive data exposure vulnerability which could allow an attacker to exploit application information to then attempt additional attacks and cause unknown behavior in the application...

5.5CVSS0.00108EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago10 views

EUVD-2025-210365

HCL Traveler for Microsoft Outlook HTMO is susceptible to a sensitive data exposure vulnerability which could allow an attacker to exploit application information to then attempt additional attacks and cause unknown behavior in the application...

5.5CVSS5.8AI score0.00108EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago34 views

CVE-2025-59868 HCL Traveler for Microsoft Outlook (HTMO) is susceptible to sensitive data exposure

HCL Traveler for Microsoft Outlook HTMO is susceptible to a sensitive data exposure vulnerability which could allow an attacker to exploit application information to then attempt additional attacks and cause unknown behavior in the application...

5.5CVSS0.00108EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago8 views

CVE-2025-59868

HCL Traveler for Microsoft Outlook HTMO is susceptible to a sensitive data exposure vulnerability which could allow an attacker to exploit application information to then attempt additional attacks and cause unknown behavior in the application...

5.5CVSS5.8AI score0.00108EPSS
Exploits0References2Affected Software1
Nuclei
Nuclei
added 6 days ago46 views

Jeecg-Boot v3.5.1 - SQL Injection

SQL injection vulnerability via the title parameter at /sys/dict/loadTreeData in jeecg-boot v3.5.1. id: CVE-2023-38992 info: name: Jeecg-Boot v3.5.1 - SQL Injection author: ritikchaddha severity: critical description: | SQL injection vulnerability via the title parameter at /sys/dict/loadTreeData...

9.8CVSS7.3AI score0.72043EPSS
Exploits1References3
Nuclei
Nuclei
added 6 days ago240 views

Mlflow <2.9.2 - Path Traversal

Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. id: CVE-2023-6909 info: name: Mlflow 2.9.2 - Path Traversal author: Hyunsoo-ds severity: high description: | Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. impact: | Successful...

7.5CVSS7.1AI score0.89716EPSS
Exploits1References3
Nuclei
Nuclei
added 6 days ago46 views

Cisco RV132W/RV134W Router - Information Disclosure

Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to view configuration parameters for an affected device via the web interface, which could lead to the disclosure of confidential information. id: CVE-2018-012...

9.8CVSS7.4AI score0.77755EPSS
Exploits1References5
NVD
NVD
added 6 days ago6 views

CVE-2026-5757

Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive data exposure, further compromise, and stealthy persistence...

7.5CVSS0.00551EPSS
Exploits1References3
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-39790

Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.45.0 until 2.91.0, the METS-GBS backend's XML parsing and the input document format detection lacked security controls. An attacker could craft malicious METS-GBS...

5.5CVSS5.8AI score0.00113EPSS
Exploits0References2
NVD
NVD
added 6 days ago10 views

CVE-2026-57664

Unauthenticated Sensitive Data Exposure in Bopo – WooCommerce Product Bundle Builder = 1.1.6 versions...

4.3CVSS0.00176EPSS
Exploits0References1
NVD
NVD
added 6 days ago6 views

CVE-2026-56060

Unauthenticated Sensitive Data Exposure in Print Invoice & Delivery Notes for WooCommerce = 7.1.1 versions...

7.5CVSS0.00303EPSS
Exploits0References1
NVD
NVD
added 6 days ago5 views

CVE-2026-54839

Unauthenticated Sensitive Data Exposure in Trinity Backup Backup, Migrate, Restore, Clone & Schedule Backups = 2.0.9 versions...

7.5CVSS0.00278EPSS
Exploits0References1
NVD
NVD
added 6 days ago5 views

CVE-2026-54834

Unauthenticated Sensitive Data Exposure in Object Cache 4 everyone = 2.3.2 versions...

7.5CVSS0.00294EPSS
Exploits0References1
NVD
NVD
added 6 days ago5 views

CVE-2026-54824

Unauthenticated Sensitive Data Exposure in Ads by WPQuads = 3.0.3 versions...

7.5CVSS0.00294EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-5757 There exists an unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine

Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive data exposure, further compromise, and stealthy persistence...

0.00551EPSS
Exploits1References2
CVE
CVE
added 6 days ago14 views

CVE-2026-57664

The CVE-2026-57664 entry concerns a vulnerability in the WordPress plugin Bopo – WooCommerce Product Bundle Builder, specifically versions

4.3CVSS5.8AI score0.00176EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-57664 WordPress Bopo – WooCommerce Product Bundle Builder plugin <= 1.1.6 - Sensitive Data Exposure vulnerability

Unauthenticated Sensitive Data Exposure in Bopo – WooCommerce Product Bundle Builder = 1.1.6 versions...

4.3CVSS0.00176EPSS
Exploits0References1
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-39669

Unauthenticated Sensitive Data Exposure in Bopo – WooCommerce Product Bundle Builder = 1.1.6 versions...

4.3CVSS5.8AI score0.00176EPSS
Exploits0References1
Rows per page
Query Builder