Lucene search

7 matches found

CVE
added 2026/05/27 2:59 p.m., 12 views

CVE-2026-45570

Technical details beyond the initial description are not present in the connected documents; monitor for updates.

9.6 CVSS, 5.8 AI score, 0.00016 EPSS
Exploits: 0, References: 1, Affected Software: 1
NVD
added 2026/05/19 10:16 p.m., 12 views

CVE-2026-5090

Template::Plugin::HTML versions through 3.102 for Perl allow HTML and JavaScript to be injected. The htmlfilter function did not escape single quotes. HTML attributes inside of single quotes could have code injected. For example, the variable "var" in would not be properly escaped. An attacke...

6.1 CVSS, 0.0001 EPSS
Exploits: 0, References: 3
Vulnrichment
added 2026/05/19 9:30 p.m., 4 views

CVE-2026-5090 Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected

Template::Plugin::HTML versions through 3.102 for Perl allow HTML and JavaScript to be injected. The htmlfilter function did not escape single quotes. HTML attributes inside of single quotes could have code injected. For example, the variable "var" in would not be properly escaped. An attacke...

6 AI score, 0.0001 EPSS
Exploits: 0, References: 2
OSV
added 2026/05/19 3:21 p.m., 3 views

GHSA-M7CR-M3PV-HGRP go-git: Improper single-quote escaping in go-git SSH transport

Impact: go-git's SSH transport constructs the remote exec command by wrapping the repository path in single quotes without escaping single quotes embedded inside the path. This diverges from canonical Git, which shell-quotes the path through sqquotebuf so that an embedded ' becomes the '''...

2.3 CVSS, 5.9 AI score, 0.00016 EPSS
Exploits: 0, References: 3
Positive Technologies
added 2026/03/20 12:0 a.m., 1 views

PT-2026-26761

Name of the Vulnerable Software and Affected Versions: Kysely versions 0.28.12 through 0.28.13. Description: Kysely's sanitizeStringLiteral method inadequately handles backslashes when escaping single quotes, leading to potential SQL injection in MySQL databases with the default BACKSLASH ESCAPES SQ...

8.1 CVSS, 6 AI score, 0.00034 EPSS
Exploits: 1, References: 8
PyPA
added 2022/03/17 9:15 p.m., 5 views

PYSEC-2022-229

gradio is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, gradio suffers from Improper Neutralization of Formula Elements in a CSV File. The gradio library has a flagging functionality which saves input/output data into a CSV file on t...

8.8 CVSS, 7.2 AI score, 0.00591 EPSS
Exploits: 0, References: 3, Affected Software: 1
Snyk
added 2017/11/08 10:0 p.m., 1 views

Cross-site Scripting (XSS)

Overview: erubis is an implementation of eRuby and has the following features: Affected versions of the package are vulnerable to Cross-site Scripting (XSS). Single quotes were not properly escaped in the helper.rb and helpers/railshelper.rb files. The Erubis Documentation shows missing escaping...

4.2 CVSS, 6.5 AI score
Exploits: 0, References: 2