CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7908 matches found

ATTACKERKB•added 2026/06/08 7:28 p.m.•6 views

CVE-2026-40519

Nginx Proxy Manager versions 2.9.14 through 2.15.1, fixed in commit a5db5ed, contain an authenticated remote code execution vulnerability via OS command injection in the setupCertbotPlugins function in backend/setup.js, allowing attackers with certificates:manage permission to execute arbitrary...

7.7CVSS6.7AI score0.00921EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/06/08 7:28 p.m.•41 views

CVE-2026-40519 Nginx Proxy Manager Authenticated RCE via setupCertbotPlugins()

7.7CVSS0.00921EPSS

Exploits0References3

EUVD•added 2026/06/08 7:28 p.m.•12 views

EUVD-2026-35196

7.7CVSS6.7AI score0.00921EPSS

Exploits0References3

OSSF Malicious Packages•added 2026/06/08 7:20 p.m.•13 views

Malicious code in nerfstudio-gs (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 523b928ceb73227e96f02eb85783222da17d0e716c9c7012b4cbcafd1e787f58 During installation or Python setup via PTH file, the code exfiltrated all kinds of sensitive data, including env variables, browser's data, SSH keys, data fro...

5.7AI score

Exploits0References1

OSV•added 2026/06/08 7:20 p.m.•8 views

MAL-2026-5333 Malicious code in nerfstudio-gs (PyPI)

5.7AI score

Exploits0References1

Positive Technologies•added 2026/06/08 12:0 a.m.•15 views

PT-2026-47446

Name of the Vulnerable Software and Affected Versions Nginx Proxy Manager versions 2.9.14 through 2.15.1 Description An authenticated remote code execution issue exists via OS command injection in the setupCertbotPlugins function located in backend/setup.js. Attackers with certificates:manage...

7.7CVSS6.6AI score0.00921EPSS

Exploits0References5

Mageia•added 2026/06/07 5:10 a.m.•22 views

Updated golang-x-crypto & golang-x-sys-devel packages fix security vulnerability

fixes a protocol weakness in the golang.org/x/crypto/ssh package that allowed a MITM attacker to compromise the integrity of the secure channel before it was established, allowing them to prevent transmission of a number of messages immediately after the secure channel was established without...

5.9CVSS5.9AI score0.93305EPSS

Exploits4References4

GithubExploit•added 2026/06/07 1:5 a.m.•55 views

robot

Good all day, my friends, I finally finished the first versio...

5.5AI score

Exploits0

OSSF Malicious Packages•added 2026/06/06 7:2 p.m.•12 views

Malicious code in uhd-setup (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cd16b0b6896b16874da441b7197b846bf0c725dcff0ef2d6e8f93c6cc08fc99 package.json declares scripts.preinstall: node index.js. On npm install, index.js lines 4-5 performs dns.resolve and https.get against...

5.5AI score

Exploits0References1

OSV•added 2026/06/06 7:2 p.m.•13 views

MAL-2026-5287 Malicious code in uhd-setup (npm)

5.5AI score

Exploits0References1

RedhatCVE•added 2026/06/06 6:43 p.m.•11 views

CVE-2026-11339

A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is now public and may ...

8.8CVSS5.4AI score0.03133EPSS

Exploits1References1

RedhatCVE•added 2026/06/06 6:43 p.m.•15 views

CVE-2026-11341

A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEIvalue causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used...

6.5CVSS5.3AI score0.01044EPSS

Exploits0References1

GithubExploit•added 2026/06/06 4:10 p.m.•79 views

Kernel-Exploit-Dojo-127

Kernel-Exploit-Dojo-127 CTF kernel exploitation notes, PoCs,...

5.5AI score

Exploits0

GithubExploit•added 2026/06/06 3:17 p.m.•63 views

Kernel-Exploit-Dojo-243

Kernel-Exploit-Dojo-243 CTF kernel exploitation notes, PoCs,...

5.5AI score

Exploits0