Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2026/04/23 7:33 p.m.1 views

EUVD-2026-25291

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the password reset functionality on cloud.flowiseai.com sends a reset password link over the unsecured HTTP protocol instead of HTTPS. This behavior introduces the risk of a man-in-the-middle...

7.5CVSS5.8AI score0.00028EPSS
Exploits1References2
Cvelist
Cvelistadded 2026/04/23 7:33 p.m.23 views

CVE-2026-41275 Flowise: Password Reset Link Sent Over Unsecured HTTP

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the password reset functionality on cloud.flowiseai.com sends a reset password link over the unsecured HTTP protocol instead of HTTPS. This behavior introduces the risk of a man-in-the-middle...

7.5CVSS0.00028EPSS
Exploits1References2
Github Security Blog
Github Security Blogadded 2026/04/16 9:53 p.m.2 views

Flowise: Password Reset Link Sent Over Unsecured HTTP

Summary: The password reset functionality on cloud.flowiseai.com sends a reset password link over the unsecured HTTP protocol instead of HTTPS. This behavior introduces the risk of a man-in-the-middle MITM attack, where an attacker on the same network as the user e.g., public Wi-Fi can intercept...

7.5CVSS5.8AI score0.00028EPSS
Exploits1References4Affected Software1
CVE
CVEadded 2025/12/16 6:16 a.m.5 views

CVE-2025-62330

CVE-2025-62330 affects HCL DevOps Deploy. The vulnerability arises from cleartext transmission due to the HTTP port remaining accessible and not redirecting to HTTPS, enabling an attacker with network access to intercept or modify user credentials and session data via passive monitoring or MITM-s...

5.9CVSS6.2AI score0.00016EPSS
Exploits0References1Affected Software1
EUVD
EUVDadded 2025/10/22 8:14 a.m.2 views

EUVD-2025-35344

The communication protocol implemented in Ghost Robotics Vision 60 v0.27.2 could allow an attacker to send commands to the robot from an external attack station, impersonating the control station tablet and gaining unauthorised full control of the robot. The absence of encryption and authenticati...

9.2CVSS6.8AI score0.00037EPSS
Exploits0References2
OpenVAS
OpenVASadded 2020/08/27 12:0 a.m.33 views

Chargen Service Detection (UDP)

UDP based detection of a SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.108894";...

7AI score0.00918EPSS
Exploits0
OpenVAS
OpenVASadded 2009/03/12 12:0 a.m.40 views

RPC Portmapper Service Detection (UDP)

UDP based detection of a RPC portmapper service. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3CVSS6.5AI score0.00875EPSS
Exploits0References2
Rows per page
Query Builder