CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added yesterday•6 views

EUVD-2026-38597

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.13.0 until 2.14.0, a potential Denial-of-Service exists when attacker sends deeply nested JSON if and only if the service reads deeply nested 1000s of levels JSON as JsonNode...

6.3CVSS5.9AI score

CVE•added yesterday•16 views

CVE-2026-47376

CVE-2026-47376 (NocoDB) describes a reflected XSS on the password-reset flow. Before 2026.04.1, the token from the password-reset URL was directly embedded into a JavaScript string in a server-rendered EJS template, which does not escape single quotes or backslashes. This allowed an attacker-cont...

5.1CVSS5.9AI score0.0009EPSS

Exploits0References1

CVE•added yesterday•6 views

CVE-2026-11820

CVE-2026-11820 affects the community.general nexmo module. Credentials api_key and api_secret are declared no_log but are URL-encoded into a GET request, exposing them in the query string (e.g., .../sms/json?api_key=...&api_secret=...). The vulnerability arises because the code constructs the URL...

EUVD•added yesterday•6 views

EUVD-2026-38605

Module: plugins/modules/nexmo.py CVSS 3.1: 6.5 MEDIUM — AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: apikey and apisecret are declared nolog=True at the input level, but both credentials are immediately URL-encoded into a GET request as query parameters, bypassing all nolog protection. Vulnerable...

ATTACKERKB•added yesterday•2 views

CVE-2026-11820

RedhatCVE•added yesterday•3 views

CVE-2026-11820

EUVD•added yesterday•6 views

EUVD-2026-38442

Grav before 2.0.0-beta.2 contains an XML external entity injection vulnerability in SVG file upload processing that allows authenticated attackers to read arbitrary files. The application uses simplexmlloadstring without disabling external entity loading, enabling attackers to inject XXE payloads...

7.1CVSS6AI score

Nuclei•added yesterday•25 views

NocoBase - SQL Injection

NocoBase versions prior to 2.0.39 contain a SQL injection vulnerability in the @nocobase/database package. The queryParentSQL function in eager-loading-tree.ts constructs a recursive CTE query by directly concatenating user-controlled primary key values into the SQL WHERE IN clause without...

8.8CVSS6.1AI score0.01875EPSS

Exploits1References2

Nuclei•added yesterday•41 views

WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting

WordPress amty-thumb-recent-post plugin 8.1.3 contains a cross-site scripting vulnerability via the query string to amtyThumbPostsAdminPg.php. id: CVE-2017-17059 info: name: WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting author: daffainfo severity: medium description: WordPress...

6.1CVSS6.2AI score0.03419EPSS

Exploits1References4

Positive Technologies•added yesterday•7 views

PT-2026-51594

Name of the Vulnerable Software and Affected Versions jackson-databind versions 2.13.0 through 2.13.x Description A potential Denial-of-Service exists when a service reads deeply nested JSON thousands of levels as a JsonNode using the readTree function of ObjectMapper and subsequently writes that...

6.3CVSS5.9AI score

Exploits0References8

CVE•added 2 days ago•62 views

CVE-2026-53539

CVE-2026-53539 (Python-Multipart) affects the Python-Multipart streaming multipart parser. Prior to 0.0.30, parsing application/x-www-form-urlencoded bodies used a two-step field separator lookup, causing an O(B^2) worst-case workload per chunk when semicolon is used as the separator and no amper...

7.5CVSS6.1AI score0.00263EPSS

Exploits0References1

CVE•added 2 days ago•37 views

CVE-2026-54268

The CVE affects Angular’s Date formatting in the @angular/common package. The formatDate utility (and DatePipe) can trigger a Denial of Service when confronted with a maliciously long or attacker-controlled date format string. The root cause is an internal parser that iteratively splits the forma...

8.2CVSS5.9AI score0.00318EPSS

Nuclei•added 2 days ago•12 views

WordPress Contact Form by Supsystic - Server-Side Template Injection

Contact Form by Supsystic WordPress plugin = 1.7.36 contains a server-side template injection caused by unsandboxed TwigLoaderString and cfsPreFill functionality, letting unauthenticated attackers execute arbitrary code remotely via GET parameters. id: CVE-2026-4257 info: name: WordPress Contact...

9.8CVSS6.2AI score0.41475EPSS

Exploits7References3

OSV•added 4 days ago•8 views

DEBIAN-CVE-2026-9265

Crypt::OpenSSL::PKCS12 versions before 1.96 for Perl permits a heap OOB read in printattribute UTF8STRING path. printattribute copies a UTF8STRING ASN.1 attribute value into a heap buffer sized exactly to its declared length via strncpy, leaving no NUL terminator. Downstream callers run strlen on...

9.1CVSS6.1AI score0.00354EPSS

Exploits0References1

NVD•added 4 days ago•9 views

CVE-2026-9265

9.1CVSS0.00354EPSS

EUVD•added 4 days ago•7 views

EUVD-2026-38103

6.1AI score0.00354EPSS

Debian CVE•added 4 days ago•4 views

CVE-2026-9265

9.1CVSS6.1AI score0.00354EPSS

Exploits0

RedHat Linux•added 4 days ago•6 views

kernel: Buffer overflow in drivers/xen/sys-hypervisor.c

A flaw was found in the Linux kernel. A buffer overflow vulnerability exists in the Xen hypervisor driver drivers/xen/sys-hypervisor.c. This flaw occurs because the HYPERVISORxenversionXENVERbuildid function returns a build ID that is not properly null-terminated. When the buildidshow function...

7.8CVSS6.1AI score0.00197EPSS

Exploits0References5

AstraLinux•added 5 days ago•3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ext4: The issue in parseapplysbmountoptions where string copying was corrected. strncpypad cannot be used to copy a non-NUL-terminated string into a NUL-terminated string of possibly larger size. Commit 0efc5990bca5 "string.h:...

7.8CVSS6.3AI score0.00153EPSS