Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

315 matches found

OSV
OSVadded 2026/06/11 7:58 a.m.12 views

SUSE-SU-2026:2365-1 Security update for cosign

This update for cosign fixes the following issue - CVE-2026-39395: Incorrect attestation verification due to malformed payloads or mismatched predicate types bsc1261859. Changes for cosign: - update to 3.0.6: Fix DSSE predicate check GHSA-w6c6-c85g-mmv6 4801 Handle whitespace-only certificate...

5.3CVSS5.4AI score0.00241EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/06/09 5:44 p.m.7 views

Malicious code in exodus-checkout-signer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 921c5ef246587db452bdb65aae12321f4de868e7882f9550f9b9e32300ae792c exodus-checkout-signer is the unscoped name of the scoped package @exodus/checkout-signer and self-describes in README and package.json as a...

5.5AI score
Exploits0References1
OSV
OSVadded 2026/06/09 5:44 p.m.6 views

MAL-2026-5439 Malicious code in exodus-checkout-signer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 921c5ef246587db452bdb65aae12321f4de868e7882f9550f9b9e32300ae792c exodus-checkout-signer is the unscoped name of the scoped package @exodus/checkout-signer and self-describes in README and package.json as a...

5.5AI score
Exploits0References1
RedHat Linux
RedHat Linuxadded 2026/06/08 1:11 p.m.10 views

Important: Red Hat Security Advisory: RHTAS 1.3.5 - Red Hat Trusted Artifact Signer Release

The 1.3.5 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

9.8CVSS6.9AI score0.00408EPSS
Exploits0References8
RedHat Linux
RedHat Linuxadded 2026/06/08 12:55 p.m.7 views

Important: Red Hat Security Advisory: RHTAS 1.3.5 - Red Hat Trusted Artifact Signer Release

The 1.3.5 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

9.8CVSS6.8AI score0.00408EPSS
Exploits0References6
RedHat Linux
RedHat Linuxadded 2026/06/08 12:54 p.m.9 views

Important: Red Hat Security Advisory: RHTAS 1.3.5 - Red Hat Trusted Artifact Signer Release

The 1.3.5 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

8.2CVSS7.2AI score0.00424EPSS
Exploits1References6
RedHat Linux
RedHat Linuxadded 2026/06/08 12:54 p.m.7 views

Important: Red Hat Security Advisory: RHTAS 1.3.5 - Red Hat Trusted Artifact Signer Release

The 1.3.5 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

7.5CVSS6.8AI score0.00283EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2026/06/08 12:54 p.m.6 views

Important: Red Hat Security Advisory: RHTAS 1.3.5 - Red Hat Trusted Artifact Signer Release

The 1.3.5 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

8.9CVSS6.4AI score0.00491EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2026/06/08 12:54 p.m.6 views

Important: Red Hat Security Advisory: RHTAS 1.3.5 - Red Hat Trusted Artifact Signer Release

The 1.3.5 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

9.8CVSS6.2AI score0.00408EPSS
Exploits0References6
RedHat Linux
RedHat Linuxadded 2026/06/08 12:34 p.m.12 views

Important: Red Hat Security Advisory: RHTAS 1.3.5 - Red Hat Trusted Artifact Signer Release

The 1.3.5 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...

9.9CVSS6.1AI score0.01075EPSS
Exploits3References7
RedhatCVE
RedhatCVEadded 2026/06/05 7:11 p.m.5 views

CVE-2026-8931

A critical Remote Code Execution RCE vulnerability exists in Disig Web Signer versions 2.0.3 through 2.5.3...

9.4CVSS5.7AI score0.0072EPSS
Exploits0References1
NVD
NVDadded 2026/06/04 2:16 p.m.9 views

CVE-2019-25729

PDF Signer 3.0 contains a server-side template injection vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP commands through the CSRF-TOKEN cookie parameter. Attackers can craft malicious cookie values containing template injection payloads like shellex...

9.8CVSS0.00258EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/06/04 1:22 p.m.9 views

CVE-2019-25729 PDF Signer 3.0 Server-Side Template Injection RCE via CSRF Cookie

PDF Signer 3.0 contains a server-side template injection vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP commands through the CSRF-TOKEN cookie parameter. Attackers can craft malicious cookie values containing template injection payloads like shellex...

9.8CVSS6.1AI score0.00258EPSS
Exploits0References4
EUVD
EUVDadded 2026/06/04 1:22 p.m.8 views

EUVD-2019-20165

PDF Signer 3.0 contains a server-side template injection vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP commands through the CSRF-TOKEN cookie parameter. Attackers can craft malicious cookie values containing template injection payloads like shellex...

9.8CVSS6.1AI score0.00258EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/06/04 1:22 p.m.5 views

CVE-2019-25729

PDF Signer 3.0 contains a server-side template injection vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP commands through the CSRF-TOKEN cookie parameter. Attackers can craft malicious cookie values containing template injection payloads like shellex...

9.8CVSS6.1AI score0.00258EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2026/06/04 1:22 p.m.34 views

CVE-2019-25729 PDF Signer 3.0 Server-Side Template Injection RCE via CSRF Cookie

PDF Signer 3.0 contains a server-side template injection vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP commands through the CSRF-TOKEN cookie parameter. Attackers can craft malicious cookie values containing template injection payloads like shellex...

9.8CVSS0.00258EPSS
Exploits0References4
CVE
CVEadded 2026/06/04 1:22 p.m.14 views

CVE-2019-25729

CVE-2019-25729 : PDF Signer 3.0 is affected by a server-side template injection vulnerability that allows unauthenticated attackers to execute arbitrary code via the CSRF-TOKEN cookie parameter. Attackers can craft cookie values containing template payloads (e.g., shell_exec()) to run system comm...

9.8CVSS6.1AI score0.00258EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/06/04 12:0 a.m.12 views

PT-2026-46199

PDF Signer 3.0 contains a server-side template injection vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP commands through the CSRF-TOKEN cookie parameter. Attackers can craft malicious cookie values containing template injection payloads like shell...

9.8CVSS6.1AI score0.00258EPSS
Exploits0References5
NVD
NVDadded 2026/06/01 3:16 p.m.17 views

CVE-2026-8931

A critical Remote Code Execution RCE vulnerability exists in Disig Web Signer versions 2.0.3 through 2.5.3...

9.4CVSS0.0072EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/06/01 2:31 p.m.30 views

CVE-2026-8931 Critical RCE vulnerability in Disig Web Signer

A critical Remote Code Execution RCE vulnerability exists in Disig Web Signer versions 2.0.3 through 2.5.3...

9.4CVSS0.0072EPSS
Exploits0References6
Rows per page
Query Builder