CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added yesterday•5 views

EUVD-2026-34093

Cvelist•added yesterday•20 views

CVE-2026-47324 Stored XSS in Multiple Points in ProjectsAndPrograms school-management-system

5.1CVSS

Vulnrichment•added yesterday•3 views

CVE-2026-47324 Stored XSS in Multiple Points in ProjectsAndPrograms school-management-system

ATTACKERKB•added yesterday•3 views

CVE-2026-47324

Exploits0References3Affected Software1

Positive Technologies•added yesterday•8 views

PT-2026-45942

CVE•added 3 days ago•9 views

Exploits0References3

CVE-2026-10226

CVE-2026-10226 affects the project raisulislamg4 student_management_system_by_php (file delete.php). The issue is a SQL injection that can be triggered by manipulating arguments such as user_id, course_id, teacher_id, student_id, or application_id. The vulnerability is exploitable remotely and ex...

7.5CVSS6.8AI score0.00033EPSS

Exploits0References6

Malwarebytes•added 3 days ago•11 views

Payment apps are watching what you say (Lock and Code S07E11)

This week on the Lock and Code podcast … In the United States today, you can have your bank account closed, your credit cards cancelled, and your online payments revoked for any number of crimes, like funding terrorism, engaging in money laundering, or violating sanctions. Sensible, right? Well,...

5.9AI score

Exploits0

Packet Storm News•added 2026/05/23 12:0 a.m.•9 views

Reasoning As an Attack Surface: Adaptive Evolutionary CoT Jailbreaks for LLMs

Large Reasoning Models LRMs have demonstrated remarkable capabilities in reasoning and generation tasks and are increasingly deployed in real-world applications. However, their explicit chain-of-thought CoT mechanism introduces new security risks, making them particularly vulnerable to jailbreak...

5.8AI score

Exploits0

RedhatCVE•added 2026/05/11 8:26 p.m.•3 views

CVE-2026-8209

Gibbon versions before v30.0.01 are affected by a path traversal vulnerability resulting in DOS by attempting extraction of web application PHP files, failed .zip extraction results in deletion of the file and a DOS condition. Successful exploitation requires Teacher or higher privileges...

RedhatCVE•added 2026/05/11 8:26 p.m.•7 views

Exploits0References1

CVE-2026-8207

Gibbon versions before v30.0.01 are affected by an authenticated SQL Injection vulnerability by abusing the Tracking/graphing https://github.com/GibbonEdu/core/blob/c431e25fdc874adece5d2dc7e408e9aa2d1abadb/modules/Tracking/graphing.phpL145 feature. Successful exploitation requires Teacher or high...

7CVSS5.9AI score0.00036EPSS

Exploits0References1

NVD•added 2026/05/09 4:16 a.m.•6 views

CVE-2026-8209

6.9CVSS0.00075EPSS

NVD•added 2026/05/09 4:16 a.m.•8 views

CVE-2026-8208

Gibbon versions before v30.0.01 are affected by a local file inclusion vulnerability resulting in RCE by changing the report archive directory and forcing interpretation of a user provided .zip as PHP. Successful exploitation requires Teacher or higher privileges. Exploitation could result in...

8.9CVSS0.00051EPSS

EUVD•added 2026/05/09 3:19 a.m.•6 views

EUVD-2026-28899

CVE•added 2026/05/09 3:19 a.m.•4 views

CVE-2026-8209

Gibbon before v30.0.01 is affected by a path traversal vulnerability that can cause denial of service via attempting to extract web application PHP files; failed .zip extraction may delete the file and cause downtime. Exploitation requires Teacher or higher privileges and could lead to loss of we...

Vulnrichment•added 2026/05/09 3:19 a.m.•3 views

CVE-2026-8209

Cvelist•added 2026/05/09 3:19 a.m.•26 views

CVE-2026-8209

6.9CVSS0.00075EPSS