Lucene search
+L

1128 matches found

Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.6 views

PT-2026-27889

Name of the Vulnerable Software and Affected Versions Goldish versions prior to 3.47 Description An issue exists in Goldish that allows for object injection due to deserialization of untrusted data. Recommendations Update Goldish to version 3.47 or later...

9.8CVSS5.9AI score0.00375EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.8 views

PT-2026-27925

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in King-Theme Lumise Product Designer lumise allows Blind SQL Injection.This issue affects Lumise Product Designer: from n/a through 2.0.9...

5.9AI score0.00283EPSS
Exploits0References3
NVD
NVD
added 2026/03/24 9:16 p.m.5 views

CVE-2026-3889

Spoofing issue in Thunderbird. This vulnerability was fixed in Thunderbird 149 and Thunderbird 140.9...

6.5CVSS0.00202EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/24 12:30 p.m.23 views

CVE-2026-4722 Privilege escalation in the IPC component

Privilege escalation in the IPC component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

0.00313EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/03/24 12:30 p.m.5 views

CVE-2026-4687

Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

9.6CVSS7.2AI score0.00539EPSS
Exploits0References6
CVE
CVE
added 2026/03/21 12:42 a.m.22 views

CVE-2026-32052

OpenClaw is affected in versions prior to 2026.2.24. The vulnerability is a command injection in the system.run shell-wrapper that enables execution of hidden commands by injecting trailing positional argv carriers after inline shell payloads. The attack can be triggered through crafted approval ...

9.8CVSS6.1AI score0.00911EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2026/03/20 8:54 p.m.8 views

WordPress MyDecor theme < 1.5.9 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme MyDecor versions 1.5.9...

7.1CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/03/20 8:44 p.m.4 views

WordPress Feedy theme < 2.1.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Phat RiO in WordPress Theme Feedy versions 2.1.5...

8.1CVSS5.8AI score0.00403EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/03/20 7:16 a.m.8 views

CVE-2026-33053

Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the deleteapikeyroute endpoint accepts an apikeyid path parameter and deletes it with only a generic authentication check getcurrentactiveuser dependency. However, the deleteapikey CRUD...

8.8CVSS0.0039EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/19 6:41 a.m.26 views

CVE-2026-27093 WordPress Tripgo theme < 1.5.6 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ovatheme Tripgo tripgo allows PHP Local File Inclusion.This issue affects Tripgo: from n/a through 1.5.6...

8.1CVSS0.00344EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2026/03/18 3:31 p.m.6 views

CVE-2026-4111 affecting package libarchive for versions less than 3.6.1-9

CVE-2026-4111 affecting package libarchive for versions less than 3.6.1-9. A patched version of the package is available...

7.5CVSS5.8AI score0.00693EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/03/18 1:12 p.m.6 views

CVE-2026-25449

Deserialization of Untrusted Data vulnerability in Shinetheme Traveler allows Object Injection.This issue affects Traveler: from n/a before 3.2.8.1...

9.8CVSS5.8AI score0.00322EPSS
Exploits0References2
NVD
NVD
added 2026/03/13 7:55 p.m.4 views

CVE-2026-32452

Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fusion Builder: from n/a through 3.15.0...

5.3CVSS0.00182EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2026/03/13 7:1 p.m.12 views

CVE-2026-26018 affecting package coredns for versions less than 1.11.4-15

CVE-2026-26018 affecting package coredns for versions less than 1.11.4-15. A patched version of the package is available...

7.5CVSS5.8AI score0.01093EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/03/13 5:35 p.m.8 views

CVE-2026-26018 affecting package coredns for versions less than 1.11.1-26

CVE-2026-26018 affecting package coredns for versions less than 1.11.1-26. A patched version of the package is available...

7.5CVSS5.8AI score0.01093EPSS
Exploits1
CVE
CVE
added 2026/03/13 3:44 p.m.28 views

CVE-2026-4092

CVE-2026-4092 affects Google clasp prior to 3.2.0. A path traversal in filenames within a Google Apps Script project can lead to remote code execution, enabling an attacker to write arbitrary files on the host. Affected versions:

8.8CVSS6.4AI score0.00465EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/03/13 11:42 a.m.9 views

CVE-2026-32417

CVE-2026-32417 affects the WordPress Pochipp plugin, versions prior to 1.18.9. The issue is a Missing Authorization vulnerability stemming from incorrectly configured access control, allowing unauthorized access according to the description. The affected component is the Pochipp plugin (pochipp) ...

5.4CVSS5.8AI score0.00172EPSS
Exploits0References1
CBLMariner
CBLMariner
added 2026/03/10 10:56 p.m.9 views

CVE-2026-25068 affecting package alsa-lib for versions less than 1.2.9-2

CVE-2026-25068 affecting package alsa-lib for versions less than 1.2.9-2. A patched version of the package is available...

4.6CVSS5.8AI score0.00191EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/03/10 10:56 p.m.5 views

CVE-2025-11065 affecting package opa for versions less than 0.63.0-3

CVE-2025-11065 affecting package opa for versions less than 0.63.0-3. A patched version of the package is available...

5.3CVSS5.8AI score0.00357EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/03/10 10:56 p.m.6 views

CVE-2025-47911 affecting package docker-buildx for versions less than 0.14.0-10

CVE-2025-47911 affecting package docker-buildx for versions less than 0.14.0-10. A patched version of the package is available...

5.3CVSS5.8AI score0.00502EPSS
Exploits0
Rows per page
Query Builder