Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2026/06/05 7:20 p.m.7 views

CVE-2026-41886

locize is a localization platform that connects code and i18n setup. Prior to version 4.0.21, the locize client SDK registers a window.addEventListener"message", … handler that dispatches to registered internal handlers editKey, commitKey, commitKeys, isLocizeEnabled, requestInitialize, … without...

7.5CVSS5.5AI score0.00101EPSS
Exploits0References1
Patchstack
Patchstackadded 2026/03/18 1:6 p.m.5 views

WordPress Ultimate Post Kit plugin <= 4.0.21 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Ultimate Post Kit versions = 4.0.21...

6.4CVSS5.8AI score0.00245EPSS
Exploits0Affected Software1
NVD
NVDadded 2025/10/31 12:15 a.m.6 views

CVE-2025-52665

A malicious actor with access to the management network could exploit a misconfiguration in UniFi’s door access application, UniFi Access, that exposed a management API without proper authentication. This vulnerability was introduced in Version 3.3.22 and was fixed in Version 4.0.21 and later. ...

10CVSS0.39824EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/10/23 12:0 a.m.6 views

PT-2025-43553

Name of the Vulnerable Software and Affected Versions UniFi Access Application versions 3.3.22 through 3.4.31 Description A misconfiguration in the UniFi Access application exposes a management API without proper authentication. An attacker with access to the management network could exploit this...

10CVSS9.3AI score0.39824EPSS
Exploits0References31
Positive Technologies
Positive Technologiesadded 2021/04/12 12:0 a.m.3 views

PT-2021-2652 · Mongodb · Mongodb Database Tools

Name of the Vulnerable Software and Affected Versions: MongoDB Database Tools versions 3.6.6 through 3.6.20 MongoDB Database Tools versions prior to 3.6.21 MongoDB Database Tools versions prior to 4.0.21 MongoDB Database Tools versions prior to 4.2.11 MongoDB Database Tools 100 versions prior to...

6.5CVSS7.3AI score0.00691EPSS
Exploits0References12
Packet Storm
Packet Stormadded 2018/01/11 12:0 a.m.62 views

Joomla! Easydiscuss Cross Site Scripting

Exploit Title: Joomla Plugin Easydiscuss inside the body, everything after the will be executed in the useras browser. Works with every version up to 4.0.20 2. Proof of Concept Login with permissions to post a message, insert in the body and add any html code after that, whenever a user tries to...

5.9AI score0.01611EPSS
Exploits5
OpenVAS
OpenVASadded 2008/09/24 12:0 a.m.20 views

Gentoo Security Advisory GLSA 200410-22 (MySQL)

The remote host is missing updates announced in advisory GLSA 200410-22. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.5AI score0.22352EPSS
Exploits3References4
Rows per page
Query Builder