Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

OSV
OSVadded 2026/04/29 12:30 a.m.1 views

GHSA-R727-5PF6-47R2 Elastic Package Registry has Improper Verification of Cryptographic Signature

Improper Verification of Cryptographic Signature CWE-347 in Elastic Package Registry could allow an attacker positioned to intercept network traffic, or to otherwise influence the contents served to a self-hosted registry, to substitute a tampered package without the integrity check failing close...

5.9CVSS5.8AI score0.00124EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/01/22 12:0 a.m.5 views

sm-crypto data forgery vulnerability

sm-crypto is an encryption algorithm developed by June01, a personal developer. Versions of sm-crypto prior to 0.4.0 had a data forgery vulnerability. This vulnerability stemmed from defects in the SM2 signature verification logic, which could lead to signature forgery...

7.5CVSS5.8AI score0.00194EPSS
Exploits0References2
Cvelist
Cvelistadded 2024/07/25 1:26 p.m.26 views

CVE-2024-36111 KubePi's JWT token validation has a defect

KubePi is a K8s panel. Starting in version 1.6.3 and prior to version 1.8.0, there is a defect in the KubePi JWT token verification. The JWT key in the default configuration file is empty. Although a random 32-bit string will be generated to overwrite the key in the configuration file when the ke...

6.3CVSS0.08388EPSS
Exploits0References1
Rows per page
Query Builder