Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3663 matches found

Nuclei
Nucleiadded yesterday50 views

Microweber < 1.2.11 - CRLF Injection

CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11. id: CVE-2022-0666 info: name: Microweber 1.2.11 - CRLF Injection author: ritikchaddha severity: high description: | CRLF Injection leads to Sta...

7.6CVSS7.1AI score0.44259EPSS
Exploits1References3
Nuclei
Nucleiadded 2 days ago9 views

MLflow < 3.10.0 - Authentication Bypass on FastAPI Routes

A vulnerability in mlflow/mlflow versions 3.9.0 and earlier allows unauthenticated access to certain FastAPI routes when the server is started with authentication enabled --app-name basic-auth and served via uvicorn ASGI. The FastAPI permission middleware only enforces authentication on /gateway/...

8.6CVSS7.5AI score0.01502EPSS
Exploits1References2
NVD
NVDadded 2 days ago9 views

CVE-2026-12823

A security flaw has been discovered in Browserbase up to 20260526. This impacts an unknown function of the component Autobrowse Trace Artifact Handler. The manipulation results in incorrect default permissions. The attack requires a local approach. The exploit has been released to the public and...

4.8CVSS0.00115EPSS
Exploits0References6
Cvelist
Cvelistadded 3 days ago32 views

CVE-2026-12823 Browserbase Autobrowse Trace Artifact default permission

A security flaw has been discovered in Browserbase up to 20260526. This impacts an unknown function of the component Autobrowse Trace Artifact Handler. The manipulation results in incorrect default permissions. The attack requires a local approach. The exploit has been released to the public and...

4.8CVSS0.00115EPSS
Exploits0References6
CVE
CVEadded 3 days ago12 views

CVE-2026-12823

Technical details about CVE-2026-12823 (affected product, vulnerable component, impact, remediation) are not publicly provided in the supplied documents. Monitor for updates.

4.8CVSS5.3AI score0.00115EPSS
Exploits0References6
OSV
OSVadded 5 days ago12 views

GHSA-F4XH-W4CJ-QXQ8 LangSmith SDK TracingMiddleware: Arbitrary server-side file read

Summary An attacker who can send an HTTP request to a server running the LangSmith SDK's TracingMiddleware can cause that server to read an arbitrary file from its local filesystem and upload the contents to LangSmith as a trace attachment. Depending on how the distributed trace system is deploye...

7.7CVSS6AI score
Exploits0References2
AstraLinux
AstraLinuxadded 5 days ago3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: - BPF: The rcureadlockTraceheld function in bpfmaplookuppercpuelem needs to be checked. The bpfmaplookuppercpuelem helper function is also available for sleepable BPF programs. When BPF JIT is disabled or on a 32-bit host,...

5.5CVSS6.4AI score0.00147EPSS
Exploits0References2
AstraLinux
AstraLinuxadded 5 days ago4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rvcv: fixed an oops caused by the irqsoff latency tracer. The tracehardirqson,off functions require the caller to properly set up the frame pointer. This is because these two functions use the macro CALLERADDR1 also known as...

5.5CVSS5.4AI score0.00207EPSS
Exploits0References2
AstraLinux
AstraLinuxadded 5 days ago2 views

Astra Linux – Vulnerabilities in Linux-6.1, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: tracing: Fixed an out-of-bounds write in traceseqtobuffer. syzbot reported this bug: ================================================================== Bug: KASAN: Out-of-bounds access in traceseqtobuffer in...

7.8CVSS6.6AI score0.00183EPSS
Exploits0References2
AstraLinux
AstraLinuxadded 5 days ago4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Tracing: Fixed a sleeping function called from an invalid context in the RT kernel. When setting bootparams="traceevent=initcall:initcallstart tpprintk=1" in the cmdline, the outputprintk function was called, and spinlockirqsave...

5.5CVSS5.4AI score0.00205EPSS
Exploits0References2
AstraLinux
AstraLinuxadded 5 days ago1 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: In the ftrace function, a potential warning was fixed in traceprintkseq during ftracedump. When ftracedumpone is called concurrently with reading from tracepipe, a WARNONONCE message can be triggered due to a race condition. The...

4.7CVSS6.8AI score0.0011EPSS
Exploits0References2
Packet Storm News
Packet Storm Newsadded 2026/06/10 12:0 a.m.9 views

Runtime Skill Audit: Targeted Runtime Probing for Agent Skill Security

Agent skills let LLM agents reuse instructions, resources, tools, and workflows, but they also create a new place for malicious behavior to hide. A skill may look benign in its documentation or code while becoming harmful only when it is invoked with particular user requests, local assets,...

5.7AI score
Exploits0
RedhatCVE
RedhatCVEadded 2026/06/05 7:51 p.m.8 views

CVE-2025-52611

HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the application's JavaScript code. Specifically, the code attempts to read the property dashboard key from an object that is undefined...

4.3CVSS5.5AI score0.00157EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/05 7:36 p.m.7 views

CVE-2026-41004

A flaw was found in Spring Cloud Config Server. When trace logging is enabled, sensitive information is inadvertently written in plain text to the logs. A highly privileged local user could exploit this vulnerability to gain unauthorized access to confidential data, leading to information...

4.4CVSS5AI score0.00168EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/06/05 7:15 p.m.6 views

CVE-2026-2652

A vulnerability in mlflow/mlflow versions 3.9.0 and earlier allows unauthenticated access to certain FastAPI routes when the server is started with authentication enabled --app-name basic-auth and served via uvicorn ASGI. The FastAPI permission middleware only enforces authentication on /gateway/...

8.6CVSS7.8AI score0.01502EPSS
Exploits1References1
EUVD
EUVDadded 2026/06/04 11:41 a.m.7 views

EUVD-2025-210059

HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the application's JavaScript code. Specifically, the code attempts to read the property dashboard key from an object that is undefined...

4.3CVSS5.9AI score0.00157EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/06/04 11:41 a.m.5 views

CVE-2025-52611

HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the application's JavaScript code. Specifically, the code attempts to read the property dashboard key from an object that is undefined...

3.1CVSS5.9AI score0.00157EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2026/06/04 11:41 a.m.40 views

CVE-2025-52611 HCL iControl was affected by Unhandled Exception - Stack Trace Disclosure vulnerability

HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the application's JavaScript code. Specifically, the code attempts to read the property dashboard key from an object that is undefined...

3.1CVSS0.00157EPSS
Exploits0References1
CVE
CVEadded 2026/06/04 11:41 a.m.14 views

CVE-2025-52611

CVE-2025-52611 concerns HCL iControl v4.0.0, where an unhandled exception leads to stack trace disclosure. The root cause is described as accessing an undefined object’s property, specifically the dashboard key, within the application's JavaScript code. This missing/improperly initialized object ...

4.3CVSS5.9AI score0.00157EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/04 11:41 a.m.8 views

CVE-2025-52611 HCL iControl was affected by Unhandled Exception - Stack Trace Disclosure vulnerability

HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the application's JavaScript code. Specifically, the code attempts to read the property dashboard key from an object that is undefined...

3.1CVSS5.9AI score0.00157EPSS
Exploits0References1
Rows per page
Query Builder