CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

103 matches found

CVE-2026-50701

A Reflected Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the dashboard-view component...

5.1CVSS

Exploits0References2

NVD•added 2 hours ago•5 views

CVE-2026-50704

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the File View breadcrumb renderer...

4.6CVSS

Exploits0References2

CVE•added 6 days ago•15 views

CVE-2026-54221

UBB.threads is affected by a Reflected XSS vulnerability (CVE-2026-54221). The issue is confirmed in version 7.7.5 and may affect other versions. The vulnerability allows an attacker to execute arbitrary JavaScript in a victim’s browser when the user clicks a crafted link, with user interaction r...

5.1CVSS5.8AI score0.00293EPSS

Exploits0References2

RedhatCVE•added 2026/06/05 7:17 p.m.•6 views

CVE-2026-6865

CWE-22: Improper Limitation of a Pathname to a Restricted Directory “Path Traversal” vulnerability that could cause unauthorized access to sensitive files when user-supplied input is improperly handled during server-side file path processing...

7.1CVSS5.5AI score0.00303EPSS

Exploits0References1

ATTACKERKB•added 2026/05/12 12:29 p.m.•4 views

CVE-2026-6865

7.1CVSS5.8AI score0.00303EPSS

Exploits0References2Affected Software2

CVE•added 2026/01/23 12:0 a.m.•13 views

CVE-2025-70458

CVE-2025-70458 affects Sourcecodester Domain Availability Checker v1.0. The DOM-based XSS exists in DomainCheckerApp (domain/script.js) where createResultElement uses unsafe innerHTML to render domain search results, enabling injection. CVSS 3.1 base score 5.4 (MEDIUM). Remediation: update to a f...

5.4CVSS5.5AI score0.00195EPSS

Exploits1References2Affected Software1

OSV•added 2025/12/16 2:8 p.m.•3 views

CVE-2025-68237 mtdchar: fix integer overflow in read/write ioctls

In the Linux kernel, the following vulnerability has been resolved: mtdchar: fix integer overflow in read/write ioctls The "req.start" and "req.len" variables are u64 values that come from the user at the start of the function. We mask away the high 32 bits of "req.len" so that's capped at U32MAX...

6.6AI score0.00156EPSS

Exploits0References8

EUVD•added 2025/12/09 6:30 p.m.•3 views

EUVD-2025-201950

SQL Injection in Frappe HelpDesk in the dashboard getdashboarddata due to unsafe concatenation of user-controlled parameters into dynamic SQL statements.This issue affects Frappe HelpDesk: 1.14.0...

8.6CVSS7.4AI score0.00468EPSS

Exploits1References4

RedhatCVE•added 2025/12/09 12:11 a.m.•3 views

CVE-2025-65540

Multiple Cross-Site Scripting XSS vulnerabilities exist in xmall v1.1 due to improper handling of user-supplied data. User input fields such as username and description are directly rendered into HTML without proper sanitization or encoding, allowing attackers to inject and execute malicious...

6.1CVSS6.1AI score0.00153EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2020-3078

Malware in sbrugna...

6.1CVSS6.3AI score0.00687EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2016-2989

Malware in sbrugna...

6.5CVSS6.6AI score0.0147EPSS

Exploits0References2