Lucene search

7 matches found

OSV
added 2026/05/29 10:15 p.m. | 3 views

GHSA-9PC9-4CRJ-MHPJ stigmem-node's Postgres schema identifier handling required defensive quoting

Impact: Postgres backend schema identifiers were interpolated into SQL strings. In the reviewed code path the schema value is operator-controlled, but the pattern was unsafe if future call sites allowed tenant or request-controlled schema names. Impacted users are operators using the Postgres...

CVSS 7.5 | AI score 5.9
Exploits: 0 | References: 5

Vulnrichment
added 2026/04/07 9:1 p.m. | 3 views

CVE-2026-35533 mise has a local settings bypass config trust checks

mise manages dev tools like node, python, cmake, and terraform. From 2026.2.18 through 2026.4.5, mise loads trust-control settings from a local project .mise.toml before the trust check runs. An attacker who can place a malicious .mise.toml in a repository can make that same file appear trusted a...

CVSS 7.7 | AI score 5.9 | EPSS 0.00006
Exploits: 1 | References: 1

OSV
added 2026/03/02 11:37 p.m. | 6 views

GHSA-WW6V-V748-X7G9 OpenClaw has a sandbox network isolation bypass via docker.network=container:<id>

Summary: In [email protected], sandbox network hardening blocks network=host but still allows network=container:. This can let a sandbox join another container's network namespace and reach services available in that namespace. Preconditions and Trust Model Context: This issue requires a...

CVSS 9 | AI score 6 | EPSS 0.00065
Exploits: 0 | References: 6

OSV
added 2025/08/01 11:8 p.m. | 2 views

CVE-2025-54136 Cursor's Modification of MCP Server Definitions Bypasses Manual Re-approvals

Cursor is a code editor built for programming with AI. In versions 1.2.4 and below, attackers can achieve remote and persistent code execution by modifying an already trusted MCP configuration file inside a shared GitHub repository or editing the file locally on the target's machine. Once a...

CVSS 7.2 | AI score 8.4 | EPSS 0.00774
Exploits: 2 | References: 3

CNNVD
added 2025/01/27 12:0 a.m. | 1 views

Apache Solr Security Vulnerability

Apache Solr is a search server from the Apache Foundation (USA), based on Lucene, a full-text search engine. The product supports dimensional search, vertical search, and highlighting of search results. A security vulnerability exists in Apache Solr version 9.7 and earlier versions, which stems from ...

CVSS 5.5 | AI score 5.8 | EPSS 0.00777
Exploits: 0 | References: 3

Tenable Nessus
added 2004/06/29 12:0 a.m. | 254 views

Global variable settings

This plugin configures miscellaneous global variables for Nessus plugins. It does not perform any security checks but may disable or change the behavior of others. TRUSTED...

AI score 5.7
Exploits: 0

Tenable Nessus
added 2001/06/15 12:0 a.m. | 114 views

Cisco CatOS VACM read-write Community String Device Configuration Manipulation

It is possible to obtain the remote private community strings using the View-Based Access Control MIB VACM of the remote Cisco router. An attacker may use this flaw to gain read/write SNMP access on this router. Note that a value in this table does not necessarily mean that an instance with the...

CVSS 5 | AI score 8.4 | EPSS 0.04007
Exploits: 0 | References: 3