CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/06/05 11:31 a.m.•9 views

CVE-2026-11346

CVE•added 2026/06/05 11:31 a.m.•13 views

CVE-2026-11346

The CVE-2026-11346 entry concerns a Server-Side Request Forgery (SSRF) in the custom process creation feature of linQI. An authenticated user can craft a process containing an HTTP Request component to force the server to issue arbitrary HTTP requests, enabling internal-network probing by observi...

Cvelist•added 2026/06/05 11:31 a.m.•39 views

CVE-2026-11346 Server-Side Request Forgery (SSRF) allowing Internal Network Probing in linqi

5.3CVSS0.00226EPSS

EUVD•added 2026/06/05 11:31 a.m.•9 views

EUVD-2026-34825

Vulnrichment•added 2026/06/05 11:31 a.m.•6 views

CVE-2026-11346 Server-Side Request Forgery (SSRF) allowing Internal Network Probing in linqi

GithubExploit•added 2026/06/05 9:5 a.m.•65 views

Exploit for Server-Side Request Forgery in Apeworx Web3.Py

CVE-2026-40072 SSRF Lab Hands-on local lab to demonstrate CVE...

7.2CVSS5.5AI score0.00228EPSS

Exploits2

EUVD•added 2026/06/05 7:31 a.m.•11 views

EUVD-2026-34789

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...

10CVSS5.6AI score0.06854EPSS

Exploits8References1

Patchstack•added 2026/06/05 4:6 a.m.•8 views

WordPress Gutenberg Essential Blocks - Page Builder for Gutenberg Blocks & Patterns plugin <= 6.1.3 - Authenticated (Author+) Server-Side Request Forgery vulnerability

WordPress Gutenberg Essential Blocks - Page Builder for Gutenberg Blocks & Patterns plugin = 6.1.3 - Authenticated Author+ Server-Side Request Forgery vulnerability discovered by Shambles in WordPress Plugin Essential Blocks for Gutenberg versions = 6.1.3...

7.2CVSS5.8AI score0.00219EPSS

Exploits0References1Affected Software1

EUVD•added 2026/06/05 12:31 a.m.•7 views

EUVD-2026-34771

The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.1.3 via the saveaigeneratedimage function. This makes it possible for authenticated attackers, with Author-level...

7.2CVSS5.9AI score0.00219EPSS

Exploits0References3

Positive Technologies•added 2026/06/05 12:0 a.m.•12 views

PT-2026-47093

Name of the Vulnerable Software and Affected Versions DbGate versions prior to 7.1.9 Description The "POST /runners/load-reader" endpoint accepts a functionName parameter that is directly interpolated into a JavaScript code template without sanitization or validation. An authenticated user with...

8.8CVSS5.9AI score0.00583EPSS

Exploits1References6

Positive Technologies•added 2026/06/05 12:0 a.m.•8 views

PT-2026-47040

Name of the Vulnerable Software and Affected Versions HAX CMS versions 11.0.6 through 24.x Description The file upload functionality in HAXCMS PHP validates file extensions using a regex pattern but fails to verify the actual file content or MIME type Multipurpose Internet Mail Extensions, a...

8.7CVSS5.9AI score0.00387EPSS

Exploits0References3

Positive Technologies•added 2026/06/05 12:0 a.m.•10 views

PT-2026-47056

Name of the Vulnerable Software and Affected Versions Altium Enterprise Server versions prior to 8.1.1 Altium 365 affected versions not specified Description A server-side request forgery SSRF exists in a GraphQL service component shared by Altium Enterprise Server and Altium 365. An authenticate...

8.3CVSS5.4AI score0.00226EPSS

Exploits0References4

CNNVD•added 2026/06/05 12:0 a.m.•4 views

WordPress plugin Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

7.2CVSS5.8AI score0.00219EPSS

CNNVD•added 2026/06/05 12:0 a.m.•4 views

Altium 365和Altium Enterprise Server 安全漏洞

Altium 365 and Altium Enterprise Server are both products of the American company Altium. Altium 365 is a product design and development platform. Altium Enterprise Server is a localized data management server. Both Altium 365 and Altium Enterprise Server have security vulnerabilities. These...

8.3CVSS5.4AI score0.00226EPSS

CNNVD•added 2026/06/05 12:0 a.m.•4 views

HAX 代码问题漏洞

HAX is an open-source microsite managed using HAX+CMS with a PHP backend. Versions of HAX prior to 26.0.0 had code vulnerabilities. These vulnerabilities stemmed from an authentication-based server-side request forgeing vulnerability, which could allow authenticated users to access arbitrary...

7.1CVSS5.6AI score0.00238EPSS

VulnCheck KEV•added 2026/06/05 12:0 a.m.•18 views

VulnCheck KEV: CVE-2026-31816

Budibase is a low code platform for creating internal tools, workflows, and admin panels. In 3.31.4 and earlier, the Budibase server's authorized middleware that protects every server-side API endpoint can be completely bypassed by appending a webhook path pattern to the query string of any...

9.1CVSS5.6AI score0.15339EPSS

In wildExploits2References3

Tenable Nessus•added 2026/06/05 12:0 a.m.•6 views

Cisco Unified Communications Manager (CUCM) 14.x < 14SU6 / 15.x < 15SU5 SSRF (cisco-sa-cucm-ssrf-cXPnHcW)

According to its self-reported version, Cisco Unified Communications Manager is affected by a server-side request forgery SSRF vulnerability. - A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME cou...

8.6CVSS6AI score0.00566EPSS

Exploits1References3

Vulnrichment•added 2026/06/04 11:28 p.m.•7 views

CVE-2026-10586 Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns <= 6.1.3 - Authenticated (Author+) Server-Side Request Forgery

7.2CVSS5.9AI score0.00219EPSS