CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7198 matches found

CNNVD•added 2026/04/10 12:0 a.m.•2 views

Checkmk 安全漏洞

Checkmk is an IT monitoring platform developed by Checkmk Corporation. Versions of Checkmk prior to 2.5.0b4 and 2.4.0p26 contained security vulnerabilities. These vulnerabilities stemmed from Livestatus injection during notification testing modes, allowing authenticated users to inject arbitrary...

7.6CVSS5.9AI score0.00047EPSS

Exploits0References1

GithubExploit•added 2026/04/09 5:10 p.m.•94 views

Exploit for Path Traversal in Xibosignage Xibo

Xibo CMS CVE-2023-33177 Vulnerability Tester !Python 3.6+...

8.8CVSS7.4AI score0.13271EPSS

Exploits3

OSV•added 2026/04/09 1:30 p.m.•1 views

MAL-2026-2522 Malicious code in st-payment (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5bcf8605142a71ab3977537d339f48dfc102fcb49ce37c8f6b74c6b8af38988d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score

Exploits0References1

Hive Pro Threat Advisories•added 2026/04/09 3:40 a.m.•1 views

What Is Threat Hunting? A Complete Guide for Security Teams

What Is Threat Hunting? A Complete Guide for Security Teams Security tools catch a lot. They do not catch everything. Automated detection systems rely on known signatures, predefined rules, and behavioral baselines. Sophisticated adversaries know this and design their operations to slip through t...

5.9AI score

Exploits0

GithubExploit•added 2026/04/08 1:53 a.m.•102 views

LLMtary

LLMtary Elementary — AI-Powered Penetration Testing Platform...

6AI score

Exploits0

GithubExploit•added 2026/04/07 7:26 p.m.•82 views

penetration-testing-engagement

Internal Network Penetration Test Overview Conducted a ful...

6AI score

Exploits0

Wired Threat Level•added 2026/04/07 6:49 p.m.•4 views

Anthropic Teams Up With Its Rivals to Keep AI From Hacking Everything

The AI lab's Project Glasswing will bring together Apple, Google, and more than 45 other organizations. They'll use the new Claude Mythos Preview model to test advancing AI cybersecurity capabilities...

5.9AI score

Exploits0

GithubExploit•added 2026/04/07 3:8 p.m.•76 views

dst-engine

DST: Deterministic Security Testing Static analysis that does...

6.1AI score

Exploits0

Packet Storm News•added 2026/04/07 12:0 a.m.•5 views

FortiClient EMS 7.4.6 Vulnerability Assessment Tool

CVE-2026-35616 is a pre-authentication API bypass in FortiClient EMS 7.4.5 and 7.4.6 that allows remote, unauthenticated attackers to bypass certificate-based authentication through HTTP header spoofing. The Django application trusts user-controllable HTTP headers X-SSL-CLIENT-VERIFY,...

9.8CVSS6.1AI score0.34753EPSS

Exploits7

Packet Storm News•added 2026/04/07 12:0 a.m.•2 views

Hackers or Hallucinators? A Comprehensive Analysis of LLM-Based Automated Penetration Testing

The rapid advancement of Large Language Models LLMs has created new opportunities for Automated Penetration Testing AutoPT, spawning numerous frameworks aimed at achieving end-to-end autonomous attacks. However, despite the proliferation of related studies, existing research generally lacks...

6AI score

Exploits0

NVD•added 2026/04/06 8:16 p.m.•1 views

CVE-2026-35199

SymCrypt is the core cryptographic function library currently used by Windows. From 103.5.0 to before 103.11.0, The SymCryptXmssSign function passes a 64-bit leaf count value to a helper function that accepts a 32-bit parameter. For XMSS^MT parameter sets with total tree height = 32 which include...

6.1CVSS0.00055EPSS

Exploits0References1

GithubExploit•added 2026/04/06 6:55 p.m.•82 views

pentest-agent

Pentest Agent AI-powered penetration testing agent using Clau...

5.9AI score

Exploits0

GithubExploit•added 2026/04/06 6:55 p.m.•84 views

VulnHive-AI

Pentest Agent AI-powered penetration testing agent using Clau...

5.9AI score

Exploits0

GithubExploit•added 2026/04/05 10:8 p.m.•102 views

Exploit for Cross-site Scripting in Exclusiveaddons Exclusive_Addons_For_Elementor

WP-Hunter MCP - Autonomous Bug Bounty Hunting MCP SERVER...

9.8CVSS6.3AI score0.10589EPSS

Exploits14

EUVD•added 2026/04/05 9:30 p.m.•2 views

EUVD-2019-20089

WinRAR 5.61 contains a denial of service vulnerability that allows local attackers to crash the application by placing a malformed winrar.lng language file in the installation directory. Attackers can trigger the crash by opening an archive and pressing the test button, causing an access violatio...

6.9CVSS5.9AI score0.00016EPSS

Exploits1References4

Cvelist•added 2026/04/05 8:45 p.m.•19 views

CVE-2019-25677 WinRAR 5.61 Denial of Service via Malformed Language File

6.9CVSS0.00016EPSS

Exploits1References3

GithubExploit•added 2026/04/05 7:54 a.m.•93 views

wp-hijack

Advanced WordPress Vulnerability Scanner & AI-Powered Exploi...

6AI score

Exploits0

Packet Storm News•added 2026/04/05 12:0 a.m.•2 views

Semantics over Syntax: Uncovering Pre-Authentication 5G Baseband Vulnerabilities

Modern 5G user equipment UE processes Radio Resource Control RRC configuration messages during early control-plane exchanges, before authentication and integrity protection are established. Prior work for testing 5G UEs has largely focused on constructing syntactically invalid inputs. In contrast...

5.8AI score

Exploits0

Positive Technologies•added 2026/04/05 12:0 a.m.•0 views

PT-2026-30485

6.9CVSS5.9AI score0.00016EPSS

Exploits1References4

OSV•added 2026/04/04 5:55 a.m.•1 views

GHSA-J3W3-P6MR-3HRH DynFuture Drop Can Construct a Dangling Reference

DynFuture is unsound because its Drop implementation transmutes a trait-object reference into unrelated reference types, which constructs an invalid reference from trait object metadata. This issue was reproduced against dyn-future 3.0.4 under Miri. The crate is unmaintained...

6.3CVSS5.9AI score

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by