CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

VulnCheck KEV•added 2026/05/12 12:0 a.m.•25 views

VulnCheck KEV: CVE-2026-44338

PraisonAI is a multi-agent teams system. From version 2.5.6 to before version 4.6.34, PraisonAI ships a legacy Flask API server with authentication disabled by default. When that server is used, any caller that can reach it can access /agents and trigger the configured agents.yaml workflow throug...

7.3CVSS5.7AI score0.19037EPSS

In wildExploits3References3

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2024-54903

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00616EPSS

Exploits0References3

RedhatCVE•added 2025/08/24 12:13 a.m.•6 views

CVE-2024-50644

zhisheng17 blog 3.0.1-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this vulnerability to access API without any token...

9.8CVSS7.4AI score0.00481EPSS

Exploits0References1

RedhatCVE•added 2025/08/24 12:13 a.m.•4 views

CVE-2024-50645

MallChat v1.0-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this vulnerability to access API without any token...

9.8CVSS7.4AI score0.00616EPSS

Exploits0References1

NVD•added 2025/08/22 6:15 p.m.•5 views

CVE-2024-50645

MallChat v1.0-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this vulnerability to access API without any token...

9.8CVSS0.00616EPSS

Exploits0References3

Vulnrichment•added 2025/08/22 12:0 a.m.•3 views

CVE-2024-50645

MallChat v1.0-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this vulnerability to access API without any token...

6.8AI score0.00616EPSS

Exploits0References3

NVD•added 2025/08/21 6:15 p.m.•38 views

CVE-2024-50641

An authentication bypass vulnerability in PandoraNext-TokensTool v0.6.8 and before. An attacker can exploit this vulnerability to access API without any token...

8.1CVSS0.00403EPSS

Exploits0References1

OSV•added 2025/08/20 5:15 p.m.•4 views

CVE-2025-50904

There is an authentication bypass vulnerability in WinterChenS my-site thru commit 6c79286 2025-06-11. An attacker can exploit this vulnerability to access /admin/ API without any token...

9.8CVSS5.8AI score0.00415EPSS

Exploits1References1

OSV•added 2025/08/20 3:15 p.m.•2 views

CVE-2024-57491

Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...

8.8CVSS5.7AI score0.00328EPSS

Exploits0References1

NVD•added 2025/08/20 3:15 p.m.•17 views

CVE-2024-57491

Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit this vulnerability to access sensitive API without any token via the preHandle function...

8.8CVSS0.00328EPSS

Exploits0References1

Vulnrichment•added 2025/08/20 12:0 a.m.•3 views

CVE-2024-57157

Incorrect access control in Jantent v1.1 allows attackers to bypass authentication and access sensitive APIs without a token...

7.3AI score0.00397EPSS

Exploits0References1

RedHat Linux•added 2017/11/28 9:34 p.m.•2 views

3: authentication bypass for elasticsearch with external routes

An attacker with knowledge of the given name used to authenticate and access Elasticsearch can later access it without the token, bypassing authentication. This attack also requires that the Elasticsearch be configured with an external route, and the data accessed is limited to the indices...

6.5CVSS5.8AI score0.01387EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by