CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 4 days ago•7 views

CVE-2026-7858 Deserialization of Untrusted Data vulnerability affecting Teamwork Cloud from No Magic Release 2022x through No Magic Release 2026x and Magic Collaboration Studio from CATIA Magic Release 2022x through CATIA Magic Release 2026x

ATTACKERKB•added 4 days ago•8 views

CVE-2026-7858

EUVD•added 4 days ago•6 views

EUVD-2026-33583

Cvelist•added 4 days ago•24 views

9.8CVSS0.00343EPSS

CVE•added 4 days ago•13 views

CVE-2026-7858

CVE-2026-7858 involves a Deserialization of Untrusted Data flaw affecting Teamwork Cloud (No Magic Release 2022x–2026x) and Magic Collaboration Studio (CATIA Magic Release 2022x–2026x). The root cause is deserialization of untrusted data enabling unauthenticated remote code execution. The entry h...

Positive Technologies•added 4 days ago•6 views

PT-2026-45386

CNNVD•added 4 days ago•4 views

Dassault Systèmes Teamwork Cloud and Dassault Systèmes Magic Collaboration Studio have security vulnerabilities

Dassault Systèmes Teamwork Cloud and Dassault Systèmes Magic Collaboration Studio are both products of Dassault Systèmes, a French company. Dassault Systèmes Teamwork Cloud is a collaborative model version control and storage platform. Dassault Systèmes Magic Collaboration Studio is a cloud-based...

RedhatCVE•added 2026/04/09 7:23 p.m.•1 views

CVE-2026-35023

Wimi Teamwork On-Premises versions prior to 8.2.0 contain an insecure direct object reference vulnerability in the preview.php endpoint where the itemid parameter lacks proper authorization checks. Attackers can enumerate sequential itemid values to access and retrieve image previews from other...

EUVD•added 2026/04/08 3:31 p.m.•2 views

EUVD-2026-20472

Vulnrichment•added 2026/04/08 12:59 p.m.•1 views

Exploits0References3

CVE-2026-35023 Wimi Teamwork On-Premises < 8.2.0 IDOR via preview.php

Cvelist•added 2026/04/08 12:59 p.m.•14 views

CVE-2026-35023 Wimi Teamwork On-Premises < 8.2.0 IDOR via preview.php

5.3CVSS0.00032EPSS

CVE•added 2026/04/08 12:59 p.m.•12 views

CVE-2026-35023

CVE-2026-35023 concerns Wimi Teamwork On-Premises versions prior to 8.2.0. The issue is an insecure direct object reference (IDOR) in the preview.php endpoint where the item_id parameter lacks proper authorization checks. Attackers can enumerate sequential item_id values to access and retrieve im...

Exploits0References2Affected Software1

CNNVD•added 2026/04/08 12:0 a.m.•5 views

Wimi Teamwork On-Premises 安全漏洞

Wimi Teamwork On-Premises is an enterprise collaboration platform developed by the French company Teamwork. Versions of Wimi Teamwork On-Premises prior to 8.2.0 contained a security vulnerability. This vulnerability stemmed from an insecure direct object reference in the preview.php endpoint, whi...

5.3CVSS5.8AI score0.00032EPSS

Talos Blog•added 2025/12/17 11:0 a.m.•3 views

Lexi DiScola’s guide to global teamwork and overflowing TBRs

Welcome back to Humans of Talos. This month, Amy chats with Senior Cyber Threat Analyst Lexi DiScola from the Strategic Analysis team. Lexi's journey into cybersecurity is anything but traditional -- she brings a background in political science and French to her work tracking global cyber threats...

6.5AI score

Exploits0

RedhatCVE•added 2025/10/28 3:59 p.m.•2 views

CVE-2025-34133

Wimi Teamwork versions prior to 7.38.17 contains a cross-site request forgery CSRF vulnerability in its API. The API accepts any authenticated request that contains a JSON field named 'csrftoken' without validating the field’s value; only the presence of the field is checked. An attacker can craf...

7CVSS7.1AI score0.00026EPSS