CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

43 matches found

GithubExploit•added 3 days ago•52 views

Exploit for CVE-2026-8732

CVE-2026-8732 - WordPress WP Google Map Pro Mass Scanner & Aut...

9.8CVSS6.2AI score0.00074EPSS

Exploits5

RedhatCVE•added 2026/05/27 9:5 p.m.•6 views

CVE-2026-46010

A flaw was found in the Linux kernel's rxrpc component. Missing error handling in the rxgkextracttoken function, specifically when rxgkdecryptskb returns an out-of-memory error -ENOMEM, could lead to an unexpected system abort. This vulnerability could allow a local attacker to cause a Denial of...

8.1CVSS5.8AI score0.00053EPSS

Exploits0References4

NVD•added 2026/05/27 2:17 p.m.•6 views

CVE-2026-46010

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix error handling in rxgkextracttoken Fix a missing bit of error handling in rxgkextracttoken: in the event that rxgkdecryptskb returns -ENOMEM, it should just return that rather than continuing on for anything else, it...

8.1CVSS0.00053EPSS

Exploits0References3

OSV•added 2026/05/27 2:17 p.m.•1 views

UBUNTU-CVE-2026-46010

8.1CVSS5.7AI score0.00053EPSS

Exploits0References3

EUVD•added 2026/05/27 12:56 p.m.•3 views

EUVD-2026-32307

5.8AI score0.00053EPSS

Exploits0References3

CNNVD•added 2026/05/27 12:0 a.m.•5 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of error handling in the rxgxkextracttoken function. When rxgxkdecryptskb returns -ENOME...

8.1CVSS5.8AI score0.00053EPSS

Exploits0References3

Veracode•added 2026/05/16 5:20 a.m.•6 views

Information Disclosure

strapi/strapi is vulnerable to information disclosure. The vulnerability is due to insufficient sanitization of relational query parameters in the where filter, which allows an unauthenticated attacker to perform a boolean-oracle attack against restricted adminusers table fields and potentially...

9.2CVSS5.8AI score0.00054EPSS

Exploits2References2Affected Software1

Vulnrichment•added 2026/05/12 12:12 a.m.•5 views

CVE-2026-45321 Malware in 42 @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys

On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/ packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow itself...

9.6CVSS6AI score0.17051EPSS

Exploits3References4

GithubExploit•added 2026/04/30 3:49 a.m.•39 views

wendor_labs_exploitation

Wendor Vending Machine Exploitation & Security Research Lab T...

6.2AI score

Exploits0

EUVD•added 2026/03/19 10:1 p.m.•2 views

EUVD-2026-13251

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to both 24.10.6 and 25.12.1, the jpgettoken function, which performs lexical analysis by breaking input expressions into tokens, contains a memory leak vulnerability when extracting string literals, field...

2.4CVSS5.7AI score0.00025EPSS

Exploits0References3

Positive Technologies•added 2026/03/10 12:0 a.m.•0 views

PT-2026-24227

Name of the Vulnerable Software and Affected Versions Parse Server versions prior to 8.6.14 Parse Server versions prior to 9.5.2-alpha.1 Description Parse Server, an open-source backend deployable on Node.js infrastructures, contains a NoSQL injection issue. An unauthenticated attacker can inject...

8.7CVSS5.8AI score0.00059EPSS

Exploits0References11

Packet Storm•added 2026/03/04 12:0 a.m.•118 views

📄 WordPress AI Engine 3.1.3 Mass Enumeration

This advisory documents a fully automated PHP-based exploitation framework designed to perform mass enumeration, plugin detection, token extraction, and automated account creation targeting vulnerable WordPress MCP-related REST API endpoints...

9.8CVSS5.9AI score0.85391EPSS

Exploits5

OSV•added 2025/11/07 1:15 a.m.•2 views

CVE-2025-52662

A vulnerability in Nuxt DevTools has been fixed in version 2.6.4. This issue may have allowed Nuxt auth token extraction via XSS under certain configurations. All users are encouraged to upgrade. More details: https://vercel.com/changelog/cve-2025-52662-xss-on-nuxt-devtools...

6.1CVSS6.4AI score0.00025EPSS

Exploits1References2

Vulnrichment•added 2025/11/07 12:43 a.m.•1 views

CVE-2025-52662

6.9CVSS6AI score0.00025EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-18726

Malware in sbrugna...

6.1CVSS6.3AI score0.00783EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views