Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

266110 matches found

Nuclei
Nucleiadded yesterday12 views

WordPress Post Timeline Plugin < 2.2.6 - Cross-Site Scripting

The Post Timeline WordPress plugin before version 2.2.6 contains a reflected cross-site scripting vulnerability. The plugin does not properly sanitize and escape an invalid nonce before outputting it back in an AJAX response, which could allow attackers to execute arbitrary JavaScript code in an...

6.1CVSS7AI score0.00709EPSS
Exploits1References2
NVD
NVDadded 2 days ago6 views

CVE-2026-11943

Akaunting 3.1.21 contains an authenticated stored cross-site scripting vulnerability in the document timeline shown on invoice and bill detail pages. An authenticated user can store HTML/JavaScript in their own profile name...

4.8CVSS0.00261EPSS
Exploits0References2
EUVD
EUVDadded 2 days ago6 views

EUVD-2026-38270

Akaunting 3.1.21 contains an authenticated stored cross-site scripting vulnerability in the document timeline shown on invoice and bill detail pages. An authenticated user can store HTML/JavaScript in their own profile name...

4.8CVSS5.7AI score0.00261EPSS
Exploits0References2
CVE
CVEadded 2 days ago10 views

CVE-2026-11943

CVE-2026-11943 affects Akaunting 3.1.21 and is an authenticated stored cross-site scripting vulnerability in the document timeline shown on invoice and bill detail pages. An authenticated user can store HTML/JavaScript in their own profile name, which can be reflected in the UI. The CVSS4 vector ...

4.8CVSS5.7AI score0.00261EPSS
Exploits0References2
Cvelist
Cvelistadded 2 days ago27 views

CVE-2026-11943 Akaunting 3.1.21 - Authenticated stored XSS in document timeline

Akaunting 3.1.21 contains an authenticated stored cross-site scripting vulnerability in the document timeline shown on invoice and bill detail pages. An authenticated user can store HTML/JavaScript in their own profile name...

4.8CVSS0.00261EPSS
Exploits0References2
Circl
Circladded 2 days ago4 views

CVE-2026-6645

creationtimestamp| type| source ---|---|--- 2026-06-22 04:30:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116791877623901189 2026-06-22 04:30:31+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mou2gzwtck2t 2026-06-22 04:37:44+00:00| seen|...

7.3CVSS5.8AI score0.00136EPSS
Exploits0References6
Circl
Circladded 3 days ago5 views

CVE-2026-12805

creationtimestamp| type| source ---|---|--- 2026-06-21 21:54:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3motedaxnnf23...

7.5CVSS5.8AI score0.00279EPSS
Exploits0References1
Circl
Circladded 3 days ago6 views

CVE-2026-12786

creationtimestamp| type| source ---|---|--- 2026-06-21 09:00:27+00:00| seen| https://infosec.exchange/users/offseq/statuses/116787277091790305 2026-06-21 11:45:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moscbep5rm2n...

8.5CVSS7.1AI score0.00113EPSS
Exploits0References2
Circl
Circladded 5 days ago7 views

CVE-2026-49230

creationtimestamp| type| source ---|---|--- 2026-06-19 15:47:18+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3monoullf4522...

6.3CVSS5.8AI score0.0023EPSS
Exploits0References1
Circl
Circladded last week7 views

CVE-2026-20190

creationtimestamp| type| source ---|---|--- 2026-06-17 18:24:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moiwpw3s7724 2026-06-17 21:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1928 2026-06-18 13:15:12+00:00| seen|...

7.5CVSS5.8AI score0.00407EPSS
Exploits0References5
Circl
Circladded last week8 views

CVE-2026-35306

creationtimestamp| type| source ---|---|--- 2026-06-17 05:04:25+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mohjz6m67e2e 2026-06-17 05:31:59+00:00| seen| https://www.acn.gov.it/portale/w/critical-patch-update-di-oracle-8 2026-06-18 13:37:06+00:00| seen|...

9.3CVSS4.9AI score0.00353EPSS
Exploits0References3
Circl
Circladded 2026/06/15 10:40 p.m.7 views

CVE-2026-11850

creationtimestamp| type| source ---|---|--- 2026-06-15 22:40:51+00:00| seen| https://bsky.app/profile/nixpkgssecuritychanges.gerbet.me/post/3moee4eyg372o...

5CVSS4.9AI score0.00261EPSS
Exploits0References1
Circl
Circladded 2026/06/15 10:11 p.m.9 views

CVE-2026-50560

creationtimestamp| type| source ---|---|--- 2026-06-15 22:11:13+00:00| seen| https://gist.github.com/alon710/b74444b3a1d431dd08f4a234b8c8a8c9...

6.9CVSS5AI score0.00302EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/11 8:59 a.m.9 views

CVE-2026-8613

The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'titletag' Widget Setting in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.7AI score0.002EPSS
Exploits0References1
Circl
Circladded 2026/06/11 8:0 a.m.7 views

CVE-2026-41856

creationtimestamp| type| source ---|---|--- 2026-06-11 08:00:59+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnyr3dgend2x 2026-06-11 09:00:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116730653982449979 2026-06-11 09:00:29+00:00| seen|...

7.5CVSS5AI score0.00352EPSS
Exploits0References4
Circl
Circladded 2026/06/11 12:31 a.m.8 views

CVE-2026-46669

creationtimestamp| type| source ---|---|--- 2026-06-11 00:31:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnxxy6qthc2m...

8.7CVSS5.3AI score0.00226EPSS
Exploits0References1
Circl
Circladded 2026/06/10 8:6 p.m.7 views

CVE-2026-47939

creationtimestamp| type| source ---|---|--- 2026-06-10 20:06:05+00:00| seen| https://bsky.app/profile/experiencedigest.bsky.social/post/3mnxj4zowxe2u...

5.4CVSS5.3AI score0.00307EPSS
Exploits0References1
Circl
Circladded 2026/06/10 7:3 p.m.7 views

CVE-2026-0270

creationtimestamp| type| source ---|---|--- 2026-06-10 19:03:20+00:00| seen| https://bsky.app/profile/ripjyr.bsky.social/post/3mnxfmtixdo25 2026-06-10 21:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1917...

7.5CVSS5.3AI score0.00156EPSS
Exploits0References2
Circl
Circladded 2026/06/10 10:54 a.m.7 views

CVE-2026-8071

creationtimestamp| type| source ---|---|--- 2026-06-10 10:54:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnwkcoeuvv2r 2026-06-10 12:00:21+00:00| seen| https://bsky.app/profile/pulse-wp.com/post/3mnwnyiff372t 2026-06-10 12:00:36+00:00| seen|...

8.8CVSS5.3AI score0.00296EPSS
Exploits0References3
NVD
NVDadded 2026/06/10 8:16 a.m.10 views

CVE-2026-8613

The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'titletag' Widget Setting in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.002EPSS
Exploits0References8
Rows per page
Query Builder