9 matches found

Cvelist
added 2026/04/30 4:9 p.m., 21 views

CVE-2022-50992 Weaver E-cology 9.5 Unauthenticated Arbitrary File Read via XmlRpcServlet

Weaver Fanwei E-cology 9.5 versions prior to 10.52 contain an arbitrary file read vulnerability in the XmlRpcServlet interface at the XML-RPC endpoint that allows unauthenticated remote attackers to read arbitrary files by supplying file paths to the WorkflowService.getAttachment and...

8.7 CVSS, 0.00156 EPSS
Exploits: 0, References: 6
RedhatCVE
added 2026/03/26 3:3 p.m., 1 views

CVE-2026-29793

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. From 5.0.0 to before 5.0.42, Socket.IO clients can send arbitrary JavaScript objects as the id argument to any service method get, patch, update, remove. The transport layer performs no type...

9.8 CVSS, 5.9 AI score, 0.00024 EPSS
Exploits: 0, References: 1
CVE
added 2026/03/10 8:8 p.m., 13 views

CVE-2026-29793

Feathersjs vulnerability CVE-2026-29793 affects Feathersjs 5.0.0–5.0.41 with Socket.IO client-supplied ids not type-checked, which may pass as MongoDB operators (e.g., {$ne: null}) into queries via the MongoDB adapter. This can cause unintended document matches and impacts on confidentiality, int...

9.8 CVSS, 5.9 AI score, 0.00024 EPSS
Exploits: 0, References: 1, Affected Software: 1
Positive Technologies
added 2026/03/10 12:0 a.m., 1 views

PT-2026-24421

Name of the Vulnerable Software and Affected Versions: Feathersjs versions 5.0.0 through 5.0.41. Description: Feathersjs is a framework used for building web APIs and real-time applications. Socket.IO clients can send arbitrary JavaScript objects as the id argument to any service method get, patch,...

9.3 CVSS, 5.9 AI score, 0.00024 EPSS
Exploits: 0, References: 7
EUVD
added 2025/10/03 8:7 p.m., 0 views

EUVD-2025-6926

Malicious code in bioql PyPI...

7.5 CVSS, 7.5 AI score, 0.00471 EPSS
Exploits: 1, References: 4
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2021-28006

Malicious code in bioql PyPI...

10 CVSS, 9.2 AI score, 0.00264 EPSS
Exploits: 0, References: 1
CNNVD
added 2025/08/07 12:0 a.m., 1 views

Flexibits Fantastical security vulnerability

Flexibits Fantastical is a cross-platform calendar and task manager from Flexibits, Inc. A security vulnerability exists in Flexibits Fantastical that stems from the XPC service not implementing proper client-side authorization checks, which could result in a local, unprivileged process accessing...

6.9 CVSS, 6.7 AI score, 0.00323 EPSS
Exploits: 0, References: 2
Microsoft KB
added 2022/09/13 7:0 a.m., 69 views

Description of the security update for SharePoint Foundation 2013: September 13, 2022 (KB5002159)

Description of the security update for SharePoint Foundation 2013: September 13, 2022 (KB5002159). Summary: This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures...

8.8 CVSS, 9.4 AI score, 0.13427 EPSS
Exploits: 0
OSV
added 2021/12/17 5:15 p.m., 1 views

CVE-2021-40850

TCMAN GIM is vulnerable to a SQL injection vulnerability inside several available webservice methods in /PC/WebService.asmx...

9.8 CVSS, 5.8 AI score
Exploits: 0, References: 1