CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

77 matches found

CVE•added 2026/02/19 12:0 a.m.•8 views

CVE-2026-26744

FormaLMS 4.1.18 and earlier is affected by a user-enumeration flaw in the password-recovery endpoint (/lostpwd). The app returns different error messages for valid versus invalid usernames, enabling unauthenticated attackers to determine registered usernames via observable responses. The descript...

5.3CVSS5.5AI score0.00043EPSS

Exploits0References2Affected Software1

RedhatCVE•added 2026/01/09 12:41 p.m.•5 views

CVE-2023-25192

AMI MegaRAC SPX devices allow User Enumeration through Redfish. The fixed versions are SPx12-update-7.00 and SPx13-update-5.00...

5.3CVSS7AI score0.00363EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:31 p.m.•6 views

CVE-2023-40765

User enumeration is found in PHPJabbers Event Booking Calendar v4.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...

9.8CVSS7AI score0.00134EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:30 p.m.•7 views

CVE-2023-40761

User enumeration is found in PHPJabbers Yacht Listing Script v2.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...

9.8CVSS7AI score0.00123EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:29 p.m.•7 views

CVE-2023-40757

User enumeration is found in PHPJabbers Food Delivery Script v3.1. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...

9.8CVSS7AI score0.00123EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:48 a.m.•6 views

CVE-2020-24008

Umanni RH 1.0 has a user enumeration vulnerability. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...

5.3CVSS7AI score0.00198EPSS

Exploits1References1