Lucene search

180 matches found

EUVD
added 2025/10/03 8:7 p.m. · 7 views

EUVD-2023-1803

Malicious code in bioql PyPI...

CVSS 5.3 · AI score 5.6 · EPSS 0.0014
Exploits 0 · References 7

EUVD
added 2025/10/03 8:7 p.m. · 1 view

EUVD-2022-1697

Malicious code in bioql PyPI...

CVSS 8.1 · AI score 8 · EPSS 0.00189
Exploits 0 · References 5

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2024-1203

Malicious code in bioql PyPI...

CVSS 6.5 · AI score 6.5 · EPSS 0.00202
Exploits 0 · References 7

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2025-27271

Malicious code in bioql PyPI...

CVSS 8.6 · AI score 6.3 · EPSS 0.00054
Exploits 0 · References 4

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2023-55657

Malicious code in bioql PyPI...

CVSS 7.5 · AI score 7.6 · EPSS 0.00343
Exploits 0 · References 2

EUVD
added 2025/10/03 8:7 p.m. · 6 views

EUVD-2024-54665

Malicious code in bioql PyPI...

CVSS 5.4 · AI score 6.3 · EPSS 0.00481
Exploits 3 · References 4

CVE
added 2025/10/03 8:3 p.m. · 12 views

CVE-2025-59829

CVE-2025-59829 affects Claude Code (Anthropic) prior to version 1.0.120. The root cause is improper handling of symbolic links when evaluating permission-deny rules, enabling a user-denied file to be accessed via a symlink pointing to that file. The issue is fixed in 1.0.120. Impact is exposure o...

CVSS 6.5 · AI score 6.4 · EPSS 0.00064
Exploits 0 · References 1 · Affected Software 1

Vulnrichment
added 2025/10/03 8:3 p.m. · 4 views

CVE-2025-59829 Claude Code: Permission deny bypass is possible through symlink

Claude Code is an agentic coding tool. Versions below 1.0.120 failed to account for symlinks when checking permission deny rules. If a user explicitly denied Claude Code access to a file and Claude Code had access to a symlink pointing to that file, it was possible for Claude Code to access the...

CVSS 2.3 · AI score 6.4 · EPSS 0.00064
Exploits 0 · References 1

Amazon
added 2025/09/29 12:0 a.m. · 2 views

Medium: perl-JSON-XS

Issue Overview: JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact CVE-2025-40928 Affected Packages: perl-JSON-XS Issue Correction: Run dnf update perl-JSON-XS --releasev...

CVSS 7.5 · AI score 7.3 · EPSS 0.00209
Exploits 0

Github Security Blog
added 2025/09/24 6:57 p.m. · 7 views

Claude Code Vulnerable to Arbitrary Code Execution via Plugin Autoloading with Specific Yarn Versions

When using Claude Code with Yarn installed, Yarn config files can trigger code execution when running yarn --version. This could lead to a bypass of the directory trust dialog in Claude Code, as plugins and yarnPath could be executed prior to the user accepting the risks of working in an untruste...

CVSS 9.8 · AI score 7.3 · EPSS 0.00098
Exploits 0 · References 6 · Affected Software 1

Amazon
added 2025/09/15 12:0 a.m. · 3 views

Important: kernel-livepatch-6.1.141-155.222

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ACPICA: Refuse to evaluate a method if arguments are missing CVE-2025-38386 Affected Packages: kernel-livepatch-6.1.141-155.222 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

CVSS 5.5 · AI score 6.4 · EPSS 0.00051
Exploits 0

Amazon
added 2025/09/15 12:0 a.m. · 4 views

Medium: gstreamer1-plugins-base

Issue Overview: In GStreamer through 1.26.1, the subparse plugin's parsesubriptime function may write data past the bounds of a stack buffer, leading to a crash. CVE-2025-47806 In GStreamer through 1.26.1, the subparse plugin's subripunescapeformatting function may dereference a NULL pointer whil...

CVSS 5.6 · AI score 6.9 · EPSS 0.00448
Exploits 3

Positive Technologies
added 2025/09/10 12:0 a.m. · 2 views

PT-2025-37055

Name of the Vulnerable Software and Affected Versions: Claude Code versions prior to 1.0.105 Description: Claude Code is an agentic coding tool. A flaw in command parsing allowed a bypass of the Claude Code confirmation prompt, potentially triggering the execution of untrusted commands...

CVSS 8.7 · AI score 6.7 · EPSS 0.00683
Exploits 0 · References 7

Positive Technologies
added 2025/09/09 12:0 a.m. · 4 views

PT-2025-36567

Name of the Vulnerable Software and Affected Versions: Tautulli versions prior to 2.16.0 Description: Tautulli is a Python-based monitoring and tracking tool for Plex Media Server. The /image API endpoint is vulnerable to path traversal, allowing unauthenticated attackers to read arbitrary files...

CVSS 8.6 · AI score 6.4 · EPSS 0.00178
Exploits 1 · References 7

OpenVAS
added 2025/08/27 12:0 a.m. · 2 views

Google Chrome Security Update (stable-channel-update-for-desktop_26-2025-08) - Windows

Google Chrome is prone to a use-after-free vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...

CVSS 8.8 · AI score 7 · EPSS 0.00216
Exploits 1 · References 1

Tenable Nessus
added 2025/08/27 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-21704

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - log4js-node is a port of log4js to node.js. In affected versions default file permissions for log files created by the file, fileSync and dateFile appenders are...

CVSS 5.5 · AI score 6.4 · EPSS 0.00143
Exploits 0 · References 2

Japan Vulnerability Notes
added 2025/08/20 12:0 a.m. · 8 views

JVN#76729865: Multiple vulnerabilities in Movable Type

Movable Type provided by Six Apart Ltd. contains multiple vulnerabilities listed below. Use of less trusted source (CWE-348) CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Base Score 6.9 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Base Score 5.3 CVE-2025-53522 Open...

CVSS 6.9 · AI score 7.8 · EPSS 0.0005
Exploits 0

Amazon
added 2025/08/19 12:0 a.m. · 3 views

Important: kernel-livepatch-4.14.355-280.652

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is really later CVE-2022-49935 Affected Packages: kernel-livepatch-4.14.355-280.652 Issue Correction: Please ensure you have live patching enabled. Run yum update...

CVSS 7.8 · AI score 6.7 · EPSS 0.00078
Exploits 0

IBM Security Bulletins
added 2025/08/14 8:53 a.m. · 5 views

Security Bulletin: Multiple security vulnerabilities have been identified in IBM Db2 shipped with IBM Security Guardium Key Lifecycle Manager

Summary IBM Db2 is shipped as a component of IBM Security Key Lifecycle Manager SKLM/GKLM. Information about multiple security vulnerabilities affecting IBM Db2 has been published in security bulletins. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

CVSS 9.8 · AI score 8.1 · EPSS 0.00953
Exploits 2 · Affected Software 1

Positive Technologies
added 2025/08/14 12:0 a.m. · 4 views

PT-2025-33381 · Unknown · Bplugins B Blocks

Name of the Vulnerable Software and Affected Versions: bPlugins B Blocks versions through 2.0.5 Description: The software contains a DOM-Based Cross-site Scripting issue due to Improper Neutralization of Input During Web Page Generation. Recommendations: Update bPlugins B Blocks to a version late...

CVSS 6.5 · AI score 6.8 · EPSS 0.00143
Exploits 0 · References 3