CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Markdown Explorer 0.1.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious code through file uploads and editor inputs. Attackers can upload markdown files with embedded JavaScript payloads to execute remote commands and potentially gain system access...

6.1CVSS6.5AI score0.00019EPSS

Exploits0References5

EUVD•added 2026/01/16 12:30 a.m.•1 views

EUVD-2026-3008

EUVD-2026-3008...

9.8CVSS6.4AI score0.00077EPSS

Exploits0References5

EUVD•added 2026/01/16 12:0 a.m.•2 views

EUVD-2026-2924

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security parameter of the sub4C408 function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.1AI score0.00125EPSS

Exploits1References2

EUVD•added 2026/01/06 4:31 a.m.•2 views

EUVD-2026-1079

The BuddyPress Xprofile Custom Field Types plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'deletefield' function in all versions up to, and including, 1.2.8. This makes it possible for authenticated attackers, with Subscriber-level...

7.2CVSS6.8AI score0.00374EPSS

Exploits0References4

EUVD•added 2026/01/06 12:0 a.m.•0 views

EUVD-2026-1012

DwyerOmega Isensix Advanced Remote Monitoring System ARMS 1.5.7 allows an attacker to retrieve sensitive information from the underlying SQL database via Blind SQL Injection through the user parameter in the login page. This allows an attacker to steal credentials, which may be cleartext, from...

7.5CVSS7AI score0.00025EPSS

Exploits0References5

OSV•added 2025/06/01 1:46 p.m.•1 views

MINI-73QH-2HQ7-VR8M

Bulletin has no description...

7.5CVSS8.9AI score0.00953EPSS

Exploits1

OSV•added 2025/05/29 1:8 a.m.•1 views

MINI-59C2-F442-HWVH

Bulletin has no description...

7.1CVSS8.1AI score0.00017EPSS

Exploits0