CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6477 matches found

Gradio - Open Redirect

An open redirect vulnerability exists in the gradio-app/gradio, affecting the latest version. The vulnerability allows an attacker to redirect users to arbitrary websites, which can be exploited for phishing attacks, Cross-site Scripting XSS, Server-Side Request Forgery SSRF, amongst others. This...

6.1CVSS6.2AI score0.01021EPSS

Exploits1References1

Nuclei•added 2026/06/16 7:13 a.m.•47 views

Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager - Remote Code Execution

Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exist because the software improperly validates user-supplied input. An...

10CVSS8.5AI score0.98092EPSS

Exploits12References5

Ubuntu•added 2026/06/11 3:20 p.m.•6 views

USN-8424-1: Ubuntu Kylin Software Center vulnerability

It was discovered that Ubuntu Kylin Software Center incorrectly handled user-supplied input in its D-Bus service. A local attacker could possibly use this issue to gain administrative privileges...

5.5AI score

Exploits0References1

CNNVD•added 2026/06/09 12:0 a.m.•10 views

Spring Framework 安全漏洞

The Spring Framework is an application development framework developed by Spring in a open-source manner. Versions of the Spring Framework such as 7.0.0 and earlier, 6.2.0 and earlier, 6.1.0 and earlier, and 5.3.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the...

7.5CVSS5.3AI score0.0036EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:13 p.m.•5 views

CVE-2026-40383

An improper validation of user-supplied input leads to a local file inclusion vulnerability...

9.8CVSS5.4AI score0.00482EPSS

Exploits0References1

Positive Technologies•added 2026/05/26 12:0 a.m.•11 views

PT-2026-43295

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Improper validation of user-supplied input leads to a local file inclusion, which allows an attacker to include files on the local server. Recommendations At the...

9.8CVSS5.8AI score0.00482EPSS

Exploits0References4

Snyk•added 2026/04/29 8:23 p.m.•4 views

Cross-site Scripting (XSS)

Overview phpoffice/phpspreadsheet is a Spreadsheet engine that Read, Create and Write Spreadsheet documents in PHP . Affected versions of this package are vulnerable to Cross-site Scripting XSS through the Reader\Xml process when processing SpreadsheetML XML files containing a crafted ss:Index...

8.7CVSS5.5AI score0.00395EPSS

Exploits1References2

Positive Technologies•added 2026/03/19 12:0 a.m.•11 views

PT-2026-26477

Name of the Vulnerable Software and Affected Versions DiceBear versions prior to 5.4.4 DiceBear versions 6.1.4 and earlier DiceBear versions 7.1.4 and earlier DiceBear versions 8.0.3 and earlier DiceBear versions 9.4.1 and earlier Description The software does not properly escape SVG attribute...

4.7CVSS5.8AI score0.00181EPSS

Exploits0References4