CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

196 matches found

CVE•added 2 days ago•12 views

CVE-2026-9242

The CVE covers RegistrationMagic for WordPress (all versions up to 6.0.8.6) with an AUTHENTICATION BYPASS via forged PayPal IPN requests. The PayPal IPN callback is registered as a nopriv AJAX action with no authentication or nonce, and the handler writes attacker-controlled POST data (including ...

5.3CVSS5.8AI score0.00232EPSS

Exploits0References14

CVE•added 5 days ago•11 views

CVE-2026-56245

Summary (MODE C): Supabase Capgo before 12.128.2 contains an authorization bypass in the SECURITY DEFINER record_build_time RPC, allowing unauthenticated attackers to insert arbitrary build-time records. Exploitation path: POST /rest/v1/rpc/record_build_time with a public API key. Impact: cross‑t...

8.8CVSS6AI score0.00269EPSS

Exploits0References2

CVE•added 6 days ago•40 views

CVE-2026-48020

Traefik CVE-2026-48020 describes an authentication bypass via StripPrefix Route-Level Auth Bypass. Prior to fixes, when a public router uses PathPrefix with StripPrefix, requests containing .. or %2e%2e could match the public route, then after prefix stripping and path normalization, resolve to a...

10CVSS5.9AI score0.00468EPSS

Exploits2References4Affected Software1

Cvelist•added 2026/06/22 6:0 a.m.•31 views

CVE-2026-10530 Pie Register < 3.8.4.10 - Unauthenticated Email Verification Bypass via Predictable Token

The Pie Register WordPress plugin before 3.8.4.10 does not use sufficiently random values when generating its account verification tokens, allowing unauthenticated attackers to predict a valid token and activate an account without access to the associated email inbox...

Exploits0References1

NVD•added 2026/06/21 2:16 p.m.•11 views

CVE-2026-56299

Capgo before 12.128.2 contains an authentication bypass vulnerability in the /build/upload/:jobId/ endpoint that allows unauthenticated attackers to trigger consistent 500 errors. Remote attackers can send OPTIONS requests to bypass authentication middleware and invoke tusProxy logic with invalid...

6.9CVSS0.00391EPSS

Exploits0References2

EUVD•added 2026/06/15 9:30 p.m.•11 views

EUVD-2026-36914

Unauthenticated Bypass Vulnerability in WpTravelly = 2.1.7 versions...

7.5CVSS5.2AI score0.00267EPSS

Exploits0References2

NVD•added 2026/06/15 9:16 p.m.•6 views

CVE-2026-42752

Unauthenticated Bypass Vulnerability in Stripe Payments = 2.0.98 versions...

6.5CVSS0.00222EPSS

Exploits0References1

NVD•added 2026/06/15 9:16 p.m.•6 views

CVE-2026-42655

Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP = 4.6.19 versions...

5.9CVSS0.00249EPSS

Exploits0References1

NVD•added 2026/06/15 9:16 p.m.•7 views

CVE-2026-42662

Unauthenticated Bypass Vulnerability in Event Tickets = 5.27.5 versions...

6.5CVSS0.00316EPSS

Exploits0References1

NVD•added 2026/06/15 9:16 p.m.•7 views

CVE-2026-27089

Unauthenticated Bypass Vulnerability in WpTravelly = 2.1.7 versions...

7.5CVSS0.00267EPSS

Exploits0References1

Cvelist•added 2026/06/15 8:18 p.m.•26 views

CVE-2026-42752 WordPress Stripe Payments plugin <= 2.0.98 - Bypass Vulnerability vulnerability

Unauthenticated Bypass Vulnerability in Stripe Payments = 2.0.98 versions...

6.5CVSS0.00222EPSS

Exploits0References1

EUVD•added 2026/06/15 8:18 p.m.•5 views

EUVD-2026-36838

Unauthenticated Bypass Vulnerability in Stripe Payments = 2.0.98 versions...

6.5CVSS5.2AI score0.00222EPSS

Exploits0References1

EUVD•added 2026/06/15 8:18 p.m.•6 views

EUVD-2026-36827

Unauthenticated Bypass Vulnerability in Event Tickets = 5.27.5 versions...

6.5CVSS5.2AI score0.00316EPSS

Exploits0References1

Cvelist•added 2026/06/15 8:18 p.m.•26 views

CVE-2026-42662 WordPress Event Tickets plugin <= 5.27.5 - Bypass Vulnerability vulnerability

Unauthenticated Bypass Vulnerability in Event Tickets = 5.27.5 versions...

6.5CVSS0.00316EPSS

Exploits0References1

Cvelist•added 2026/06/15 8:18 p.m.•27 views

CVE-2026-42655 WordPress Best Payments Plugin for WP plugin <= 4.6.19 - Payment Bypass vulnerability

Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP = 4.6.19 versions...

5.9CVSS0.00249EPSS

Exploits0References1

CVE•added 2026/06/15 8:17 p.m.•13 views

CVE-2026-27089

WPTravelly plugin for WordPress, versions

7.5CVSS5.2AI score0.00267EPSS

Exploits0References1

GithubExploit•added 2026/06/15 5:6 a.m.•120 views

Exploit for CVE-2026-10795

CVE Lab: CVE-2026-10795 - UpdraftPlus UpdraftCentral RPC Authe...

8.1CVSS6.6AI score0.0298EPSS

Positive Technologies•added 2026/06/15 12:0 a.m.•7 views

PT-2026-49453

Unauthenticated Bypass Vulnerability in Event Tickets = 5.27.5 versions...

6.5CVSS5.2AI score0.00316EPSS

Exploits0References2

Positive Technologies•added 2026/06/15 12:0 a.m.•8 views

PT-2026-49464

Unauthenticated Bypass Vulnerability in Stripe Payments = 2.0.98 versions...

6.5CVSS5.2AI score0.00222EPSS

Exploits0References2

Positive Technologies•added 2026/06/15 12:0 a.m.•8 views

PT-2026-49359

Unauthenticated Bypass Vulnerability in WpTravelly = 2.1.7 versions...

7.5CVSS5.2AI score0.00267EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by