CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 3 hours ago•2 views

CVE-2026-49185

The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec, allowing command/instruction injection...

10CVSS

EUVD•added 4 hours ago•3 views

EUVD-2026-34200

CVE•added 4 hours ago•7 views

CVE-2026-49186

CVE-2026-49186 affects local MQTT brokers where topic-level ACLs are not enforced. This permits any client to subscribe with wildcard topics (# or +) to enumerate hidden devices or publish rogue control commands, enabling potential information disclosure and unauthorized actions. The provided doc...

Cvelist•added 4 hours ago•5 views

CVE-2026-49186 Lack of MQTT Broker Topic Access Control Lists

8.6CVSS

ATTACKERKB•added 4 hours ago•2 views

CVE-2026-49186

ATTACKERKB•added 5 hours ago•1 views

CVE-2026-49185

The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec, allowing command/instruction injection...

10CVSS5.8AI score

EUVD•added 5 hours ago•3 views

EUVD-2026-34199

The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec, allowing command/instruction injection...

10CVSS5.8AI score

Positive Technologies•added 8 hours ago•3 views

PT-2026-46141

RedhatCVE•added yesterday•2 views

CVE-2026-10258

A weakness has been identified in itsourcecode Content Management System 1.0. Impacted is an unknown function of the file /admin/addsubtopic.php. This manipulation of the argument topicid causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available ...

6.5CVSS5.7AI score0.00033EPSS

NVD•added 2 days ago•9 views

CVE-2026-35443

NamelessMC is website software for Minecraft servers. In version 2.2.4, modules/Forum/classes/ForumPostReactionContext.php only verifies that the caller can view the forum, but it does not re-enforce topic-level viewothertopics authorization. As a result, in forums where users may enter the forum...

5.3CVSS0.00038EPSS

NVD•added 2 days ago•3 views

CVE-2026-45080

Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, improper access control allows disclosure of password hash. This issue has been patched in version 2.10.4...

6.9CVSS0.00041EPSS

RedhatCVE•added 2 days ago•4 views

CVE-2026-10257

A security flaw has been discovered in itsourcecode Content Management System 1.0. This issue affects some unknown processing of the file /admin/updatessimg.php. The manipulation of the argument topicid results in sql injection. The attack can be executed remotely. The exploit has been released t...

6.5CVSS5.7AI score0.00033EPSS

EUVD•added 2 days ago•4 views

EUVD-2026-33975

Vulnrichment•added 2 days ago•4 views

CVE-2026-35443 NamelessMC: Forum reactions bypass the "view own topics only" restriction

ATTACKERKB•added 2 days ago•3 views

CVE-2026-35443

Positive Technologies•added 2 days ago•3 views

PT-2026-45782

6.9CVSS5.7AI score0.00041EPSS

Exploits0References3

Positive Technologies•added 2 days ago•4 views

PT-2026-45800

NamelessMC is website software for Minecraft servers. In version 2.2.4, modules/Forum/classes/ForumPostReactionContext.php only verifies that the caller can view the forum, but it does not re-enforce topic-level view other topics authorization. As a result, in forums where users may enter the for...