8 matches found
Kiro IDE security vulnerability
Kiro IDE is an open-source integrated development environment developed by Kiro. Versions of Kiro IDE prior to 0.8.140 contained security vulnerabilities. These vulnerabilities stemmed from unsanitized input during webview generation in the Kiro Agent, which could allow remote, unverified...
SiYuan cross-site scripting vulnerabilities
SiYuan is a privacy-oriented personal knowledge management system developed by SiYuan. Versions of SiYuan prior to 3.5.4 contained a cross-site scripting vulnerability. This vulnerability stemmed from the /api/icon/getDynamicIcon endpoint's improper handling of unsanitized SVG input, which...
Foxit PDF Editor security vulnerability
Foxit PDF Editor is a PDF editor from the Chinese company Foxit. A security vulnerability exists in Foxit PDF Editor that stems from improperly sanitized input in the page template feature, which could lead to stored cross-site scripting...
Lunary cross-site scripting vulnerability
Lunary is an open-source production toolkit for LLMs from Lunary. A cross-site scripting vulnerability exists in Lunary versions prior to 1.9.24, which stems from unsanitized input to the v1/runs/ingest endpoint, and could lead to a stored cross-site scripting attack...
EPICOR Prophet 21 security vulnerability
EPICOR Prophet 21 is an enterprise resource planning software from EPICOR, Inc. that is used for enterprise resource management, pricing, and other operations. A security vulnerability exists in EPICOR Prophet 21 version 23.2.5232 and prior versions, which stems from unsanitized user input fields a...
act path traversal vulnerability
github act is a tool for running GitHub Actions locally. act has a path traversal vulnerability that stems from path inputs not being sanitized, leading to privilege escalation...
gatsby cross-site scripting vulnerability
gatsby is a free, open-source framework based on React that helps developers build extremely fast websites and applications. A cross-site scripting vulnerability exists in gatsby versions prior to 5.25.1 and 6.x prior to 6.3.2, which stems from a lack of sanitization of inputs a...
WordPress plugin Feed Them Social cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...