CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-31634

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00217EPSS

Exploits0References3

RedhatCVE•added 2025/09/30 6:41 p.m.•6 views

CVE-2025-57266

An issue was discovered in file AssistantController.java in ThriveX Blogging Framework 2.5.9 thru 3.1.3 allowing unauthenticated attackers to gain sensitive information such as API Keys via the /api/assistant/list endpoint...

9.8CVSS7AI score0.00217EPSS

Exploits0References1

OSV•added 2025/09/29 9:15 p.m.•0 views

CVE-2025-57266

9.8CVSS5.8AI score

Exploits0References2

CVE•added 2025/09/29 12:0 a.m.•12 views

CVE-2025-57266

ThriveX Blogging Framework versions 2.5.9 through 3.1.3 contain an unauthenticated information disclosure in AssistantController.java, exposing sensitive data (e.g., API Keys) via the /api/assistant/list endpoint. Publicly available documents (NVD, Red Hat, CVE listings) corroborate the issue and...

9.8CVSS6.6AI score0.00217EPSS

Exploits0References2