Lucene search
K

23891 matches found

Circl
Circl
added 2 days ago7 views

CVE-2026-29519

creationtimestamp| type| source ---|---|--- 2026-07-11 10:26:40+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116900862378837802 2026-07-12 11:00:47+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mqgzlgbsyo2r...

8.2CVSS6.1AI score0.00386EPSS
Exploits1References2
Circl
Circl
added 2 days ago10 views

CVE-2026-6801

creationtimestamp| type| source ---|---|--- 2026-07-11 07:35:28+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqe5nejffn2e 2026-07-11 08:02:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqe76hgzi22x...

5.3CVSS6.1AI score0.00239EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago8 views

EUVD-2026-43151

The WP Easy Pay – Payment and Donation form Builder for Square plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.5.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for...

4.3CVSS6.1AI score0.00213EPSS
Exploits0References5
Nuclei
Nuclei
added 2 days ago35 views

RevPi Webstatus <= v2.4.5 - Authentication Bypass

An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion. This leads to full compromise of the device id: CVE-2025-41646 info: name: RevPi Webstatus = v2.4.5 - Authentication Bypass author: DhiyaneshDK severity: critic...

9.8CVSS7AI score0.40725EPSS
Exploits2References3
Circl
Circl
added 2 days ago5 views

CVE-2026-53038

creationtimestamp| type| source ---|---|--- 2026-07-11 01:33:28+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdjg2r4yi2y...

6.1AI score0.00168EPSS
Exploits0References1
Circl
Circl
added 2 days ago4 views

CVE-2026-15053

creationtimestamp| type| source ---|---|--- 2026-07-11 00:40:14+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdggv6z7c2c...

7.5CVSS6.1AI score0.00324EPSS
Exploits0References1
Circl
Circl
added 2 days ago4 views

GHSA-5XFX-XJ4H-5P7R

creationtimestamp| type| source ---|---|--- 2026-07-11 00:12:22+00:00| seen| https://gist.github.com/alon710/c12d56fc3c8087be09be97f40fd8c89a...

6.1AI score
Exploits0References1
Circl
Circl
added 3 days ago5 views

GHSA-G936-7JQJ-MWV8

creationtimestamp| type| source ---|---|--- 2026-07-10 22:12:05+00:00| seen| https://gist.github.com/alon710/3aab1c4181e03ef1803e74b755304657...

6.1AI score
Exploits0References1
Circl
Circl
added 3 days ago4 views

CVE-2026-56335

creationtimestamp| type| source ---|---|--- 2026-07-10 21:23:03+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqd3gbkepx2y...

7.1CVSS6.1AI score0.00295EPSS
Exploits0References1
CVE
CVE
added 3 days ago7 views

CVE-2026-57213

RabbitMQ’s rabbitmq_federation_management plugin is vulnerable to stored XSS on the Federation Status page because consumer_tag is rendered without HTML escaping. Prior to the fixed releases (3.13.14, 4.0.19, 4.1.10, 4.2.5), a user who can configure a federation upstream or policy could inject co...

5.7CVSS6.2AI score0.00325EPSS
Exploits0References6
Circl
Circl
added 3 days ago5 views

CVE-2026-55843

creationtimestamp| type| source ---|---|--- 2026-07-10 20:07:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqcx6o6zfz2g 2026-07-11 01:01:34+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdhmz3k6w2f...

7CVSS6.1AI score0.00298EPSS
Exploits0References2
Circl
Circl
added 3 days ago6 views

GHSA-W7CG-WHH7-XP28

creationtimestamp| type| source ---|---|--- 2026-07-10 19:42:40+00:00| seen| https://gist.github.com/alon710/b90f7da9d543dd51155aefe8a87d6f66...

6.1AI score
Exploits0References1
Circl
Circl
added 3 days ago5 views

CVE-2026-54469

creationtimestamp| type| source ---|---|--- 2026-07-10 15:30:16+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116896393517811948 2026-07-10 17:27:21+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqcoasxcp327 2026-07-10 21:24:23+00:00| seen|...

8.8CVSS6.1AI score0.00442EPSS
Exploits0References4
Circl
Circl
added 3 days ago5 views

GHSA-4VJ7-5MJ6-JM8M

creationtimestamp| type| source ---|---|--- 2026-07-10 15:11:59+00:00| seen| https://gist.github.com/alon710/6a1f370c6283107f299350100ca84db2...

6.1AI score
Exploits0References1
Circl
Circl
added 3 days ago5 views

CVE-2026-57229

creationtimestamp| type| source ---|---|--- 2026-07-10 14:00:19+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mqccon2eyw25...

6.1AI score
Exploits0References1
Circl
Circl
added 3 days ago5 views

CVE-2025-45422

creationtimestamp| type| source ---|---|--- 2026-07-10 13:32:41+00:00| seen| https://infosec.exchange/users/obivan/statuses/116895931383000599 2026-07-10 13:35:59+00:00| seen| https://bsky.app/profile/obivan.infosec.exchange.ap.brid.gy/post/3mqcb5c7v52t2...

8.1CVSS6.1AI score0.00448EPSS
Exploits0References2
NVD
NVD
added 3 days ago7 views

CVE-2026-41877

R-SOFT DMS is vulnerable to Stored XSS in file upload functionality. Authenticated attacker can inject arbitrary HTML and JS into the name of the file being uploaded, which will be executed when visiting file list or upload status by other users. This issue was fixed in version v3.19-2832 and...

5.1CVSS0.0039EPSS
Exploits0References1
Circl
Circl
added 3 days ago5 views

CVE-2026-15330

creationtimestamp| type| source ---|---|--- 2026-07-10 09:57:40+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbv4pxta22y...

7.5CVSS6.1AI score0.00352EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-11990 KiviCare <= 4.4.0 - Missing Authorization to Unauthenticated Payment Bypass and Appointment Status Manipulation via /payment-success REST Endpoint

The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.4.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated...

5.3CVSS0.00342EPSS
Exploits0References12
ATTACKERKB
ATTACKERKB
added 3 days ago6 views

CVE-2026-41877

R-SOFT DMS is vulnerable to Stored XSS in file upload functionality. Authenticated attacker can inject arbitrary HTML and JS into the name of the file being uploaded, which will be executed when visiting file list or upload status by other users. This issue was fixed in version v3.19-2832 and...

8.7CVSS6.2AI score0.01228EPSS
Exploits0References2
Rows per page
Query Builder