Lucene search
K

110873 matches found

Circl
Circl
added 2026/05/12 9:33 a.m.9 views

CVE-2026-7561

creationtimestamp| type| source ---|---|--- 2026-05-12 09:33:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mlniahwve42x...

6.1CVSS5.8AI score0.0012EPSS
Exploits0References1
Circl
Circl
added 2026/05/12 9:25 a.m.7 views

CVE-2026-38568

creationtimestamp| type| source ---|---|--- 2026-05-12 09:25:01+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlnhrjjywa2e...

8.1CVSS5.8AI score0.00231EPSS
Exploits1References1
Circl
Circl
added 2026/05/12 9:22 a.m.9 views

CVE-2026-2993

creationtimestamp| type| source ---|---|--- 2026-05-12 09:22:49+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlnho3aw7b2g...

7.5CVSS5.8AI score0.00413EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/12 9:19 a.m.10 views

Exposed Dangerous Method or Function

Overview webpack-dev-server is an Uses webpack with a development server that provides live reloading. It should be used for development only. Affected versions of this package are vulnerable to Exposed Dangerous Method or Function in Server.js, when handling non-HTTPS responses. An attacker can...

6.5CVSS5.8AI score0.00427EPSS
Exploits1References2
Snyk
Snyk
added 2026/05/12 9:19 a.m.12 views

Exposed Dangerous Method or Function

Overview org.webjars.npm:webpack-dev-server is an Uses webpack with a development server that provides live reloading. It should be used for development only. Affected versions of this package are vulnerable to Exposed Dangerous Method or Function in Server.js, when handling non-HTTPS responses. ...

6.5CVSS5.8AI score0.00427EPSS
Exploits1References2
NVD
NVD
added 2026/05/12 9:16 a.m.13 views

CVE-2026-2300

The BJ Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the filterimages function in all versions up to, and including, 1.0.9. This is due to the use of regex-based HTML processing pregreplace that does not properly handle HTML attribute boundaries when replacing sr...

6.4CVSS0.00193EPSS
Exploits0References5
Circl
Circl
added 2026/05/12 9:14 a.m.10 views

CVE-2026-0804

creationtimestamp| type| source ---|---|--- 2026-05-12 09:14:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlnh7jt6s22e 2026-05-12 14:16:20+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mlnxzftvs62e...

7.3CVSS5.8AI score0.00128EPSS
Exploits0References2
Circl
Circl
added 2026/05/12 9:9 a.m.7 views

CVE-2026-1681

creationtimestamp| type| source ---|---|--- 2026-05-12 09:09:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlngwl2gxq2o...

6.1CVSS5.8AI score0.00105EPSS
Exploits0References1
Circl
Circl
added 2026/05/12 9:4 a.m.8 views

CVE-2026-1185

creationtimestamp| type| source ---|---|--- 2026-05-12 09:04:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlngnmd4mh2o 2026-05-12 14:16:20+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mlnxzftvs62e...

8.8CVSS5.8AI score0.00226EPSS
Exploits0References2
Circl
Circl
added 2026/05/12 8:55 a.m.9 views

CVE-2026-0802

creationtimestamp| type| source ---|---|--- 2026-05-12 08:55:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlng4y57hj2e 2026-05-12 14:16:20+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mlnxzftvs62e...

7.3CVSS5.8AI score0.00396EPSS
Exploits0References2
Circl
Circl
added 2026/05/12 8:33 a.m.9 views

CVE-2026-7050

creationtimestamp| type| source ---|---|--- 2026-05-12 08:33:15+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mlnevhmsnt2c 2026-05-13 01:32:24+00:00| seen| https://bsky.app/profile/donwebmedia.bsky.social/post/3mlp5ttfegh2s...

4.3CVSS5.8AI score0.00283EPSS
Exploits0References2
Circl
Circl
added 2026/05/12 7:53 a.m.8 views

CVE-2026-6402

creationtimestamp| type| source ---|---|--- 2026-05-12 07:53:37+00:00| seen| https://bsky.app/profile/ulisesgascon.com/post/3mlncojczic27 2026-05-18 14:40:50+00:00| seen| https://gist.github.com/alon710/6c307c7259353f2c5a97793055cbda6e...

6.5CVSS5.7AI score0.00216EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/12 7:48 a.m.40 views

CVE-2026-2300 BJ Lazy Load <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom HTML Block

The BJ Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the filterimages function in all versions up to, and including, 1.0.9. This is due to the use of regex-based HTML processing pregreplace that does not properly handle HTML attribute boundaries when replacing sr...

6.4CVSS0.00193EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/12 7:48 a.m.8 views

CVE-2026-2300 BJ Lazy Load <= 1.0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom HTML Block

The BJ Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the filterimages function in all versions up to, and including, 1.0.9. This is due to the use of regex-based HTML processing pregreplace that does not properly handle HTML attribute boundaries when replacing sr...

6.4CVSS6AI score0.00193EPSS
Exploits0References5
Wolfi
Wolfi
added 2026/05/12 7:48 a.m.13 views

GHSA-389R-GV7P-R3RP vulnerabilities

Vulnerabilities for packages: grype, zarf, kubescape, grafana, kyverno, src-fingerprint, trivy, goreleaser, pulumi-kubernetes-operator, nfpm, flux-source-controller, cerbos, teleport, pulumi-language-yaml, wolfictl, pulumi, argo-cd, flux-image-automation-controller, snyk-cli, flux, xeol,...

5.8AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/12 7:45 a.m.9 views

CVE-2026-6402 webpack-dev-server vulnerable to cross-origin source code exposure on non-HTTPS origins

webpack-dev-server versions up to and including 5.2.3 are vulnerable to cross-origin source code exposure when serving over a non-potentially trustworthy origin such as plain HTTP. The previous fix relied on the Sec-Fetch-Mode and Sec-Fetch-Site request headers, which browsers omit for...

5.3CVSS5.8AI score0.00216EPSS
Exploits0References2
Chainguard
Chainguard
added 2026/05/12 7:19 a.m.33 views

CVE-2026-45022 vulnerabilities

Vulnerabilities for packages: chainloop-cli, coder, argo-workflows-fips, upwind-agent, trivy, argo-events-fips, steampipe, trivy-operator-fips, gitlab-rails-ce, kargo, grype, amazon-ssm-agent-fips, kubevela-fips, scorecard, src-fingerprint-fips, teleport, pulumi-kubernetes-operator,...

7.5CVSS5.8AI score0.00159EPSS
Exploits0
Circl
Circl
added 2026/05/12 6:6 a.m.8 views

CVE-2026-2614

creationtimestamp| type| source ---|---|--- 2026-05-12 06:06:51+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mln4pnz4sy2t...

7.5CVSS5.8AI score0.00657EPSS
Exploits1References1
Circl
Circl
added 2026/05/12 5:41 a.m.11 views

CVE-2026-7287

creationtimestamp| type| source ---|---|--- 2026-05-12 05:41:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mln3czbvcb2q...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References1
Circl
Circl
added 2026/05/12 5:38 a.m.11 views

CVE-2026-41489

creationtimestamp| type| source ---|---|--- 2026-05-12 05:38:42+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mln357zkq62n...

8.8CVSS5.8AI score0.00132EPSS
Exploits0References1
Rows per page
Query Builder