CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2 days ago•1 views

ROOT-OS-DEBIAN-13-CVE-2022-1247 CVE-2022-1247 in rootio-linux - Patched by Root

Root has patched CVE-2022-1247 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

7CVSS5.4AI score0.00027EPSS

OSV•added 3 days ago•5 views

ROOT-OS-UBUNTU-2204-CVE-2026-4438 CVE-2026-4438 in rootio-glibc - Patched by Root

Root has patched CVE-2026-4438 in the rootio-glibc package for Root:Ubuntu:22.04. Multiple fixed versions available...

5.4CVSS5.8AI score0.00066EPSS

OSV•added 3 days ago•5 views

ROOT-OS-UBUNTU-2204-CVE-2026-4437 CVE-2026-4437 in rootio-glibc - Patched by Root

Root has patched CVE-2026-4437 in the rootio-glibc package for Root:Ubuntu:22.04. Multiple fixed versions available...

7.5CVSS5.8AI score0.00089EPSS

UbuntuCve•added 3 days ago•2 views

CVE-2026-37712

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-al...

7.3CVSS5.8AI score0.00328EPSS

Exploits0References1

OSV•added 4 days ago•2 views

ROOT-OS-DEBIAN-11-CVE-2022-21546 CVE-2022-21546 in rootio-linux - Patched by Root

Root has patched CVE-2022-21546 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

7.8CVSS7.8AI score0.00068EPSS

EUVD•added 6 days ago•4 views

EUVD-2026-33297

FreePBX is an open source IP PBX. Prior to 16.0.22 and 17.0.5, the Dashboard module's getcontent AJAX handler includes PHP files based on user-supplied input without path sanitization. The $REQUEST'rawname' parameter is concatenated into an include call with a .class.php suffix, allowing path...

7.6CVSS6AI score0.00047EPSS

Exploits0References1

RedhatCVE•added last week•5 views

CVE-2026-37713

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/core/class/commonobject.class.php...

7.3CVSS6.2AI score0.00328EPSS

Exploits0References1

CVE•added last week•13 views

CVE-2026-8979

CVE-2026-8979 affects the Mennekes Amtron series firmware versions ≤ 5.22.3. The vulnerability is an authentication bypass where an unauthenticated remote attacker can change a user account password by sending a crafted POST to the /operator/operator endpoint. The CVSS data indicates a critical i...

10CVSS5.8AI score0.00118EPSS

Exploits1References1

Cvelist•added last week•25 views

CVE-2026-8979 Authentication Bypass

The Mennekes Amtron series firmware versions ≤ 5.22.3 is vulnerable to an authentication bypass. An unauthenticated remote attacker can change the password of the user account via a crafted POST request to the /operator/operator endpoint...

10CVSS0.00118EPSS

Exploits1References1

Positive Technologies•added 2026/05/28 12:0 a.m.•4 views

PT-2026-44213

Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the site parameter of handleloginform.do...

5.1CVSS6AI score0.00217EPSS

OSV•added 2026/05/27 9:35 p.m.•1 views

GHSA-G794-3FMP-753H AsyncSSH `AuthorizedKeysFile %u` path traversal allows attacker-selected authorized keys to authenticate a traversal username

Summary AsyncSSH 2.22.0 expands the OpenSSH-compatible AuthorizedKeysFile %u token with the raw SSH username during pre-authentication server config reload. A server configured with a documented per-user key pattern such as AuthorizedKeysFile authorizedkeys/%u can be made to read an authorized-ke...

8.2CVSS5.8AI score

CVE•added 2026/05/27 12:2 a.m.•20 views

CVE-2026-9312

CVE-2026-9312 – GitHub Enterprise Server SSRF : An unauthenticated attacker could exploit insufficient input validation in an upload endpoint to inject path traversal and redirect internal API calls, potentially accessing internal services and sensitive credentials. Affected: all GitHub Enterpris...

9.2CVSS5.8AI score0.00053EPSS

Exploits0References6Affected Software1

CNNVD•added 2026/05/27 12:0 a.m.•6 views

Dolibarr ERP/CRM 安全漏洞

Dolibarr ERP/CRM is a web-based enterprise resource planning ERP and customer relationship management CRM system developed by the Dolibarr Foundation in France. This system can be used to manage products, inventory, invoices, orders, etc. Versions of Dolibarr ERP/CRM from 22.0.0 to 22.0.4, as wel...

7.3CVSS6.1AI score0.00328EPSS

CNNVD•added 2026/05/27 12:0 a.m.•8 views

Dolibarr ERP/CRM 安全漏洞

7.3CVSS6.1AI score0.00328EPSS

Exploits0References3

Cvelist•added 2026/05/27 12:0 a.m.•32 views

CVE-2026-37712

An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-alpha allows a remote attacker to execute arbitrary code via the htdocs/cron/class/cronjob.class.php, calluserfuncarray in function job type...

0.00328EPSS

OSV•added 2026/05/26 7:25 a.m.•2 views

ROOT-OS-UBUNTU-2204-CVE-2024-41031 CVE-2024-41031 in rootio-linux - Patched by Root

Root has patched CVE-2024-41031 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

5.5CVSS7.8AI score0.00018EPSS

OSV•added 2026/05/26 7:25 a.m.•4 views

ROOT-OS-UBUNTU-2204-CVE-2025-38174 CVE-2025-38174 in rootio-linux - Patched by Root

Root has patched CVE-2025-38174 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

5.5CVSS7.8AI score0.00114EPSS

OSV•added 2026/05/26 7:25 a.m.•3 views

ROOT-OS-UBUNTU-2204-CVE-2022-50070 CVE-2022-50070 in rootio-linux - Patched by Root

Root has patched CVE-2022-50070 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

7.8CVSS7.6AI score0.00052EPSS

OSV•added 2026/05/26 7:25 a.m.•4 views

ROOT-OS-UBUNTU-2204-CVE-2025-68184 CVE-2025-68184 in rootio-linux - Patched by Root

Root has patched CVE-2025-68184 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

5.4AI score0.00028EPSS