Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Snyk
Snykadded 2026/03/23 6:14 p.m.1 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization due to missing enforcement of organization scopes in the zitadel process. An attacker can gain unauthorized access to resources or perform actions outside their permitted organization by exploiting this lack of sco...

6.9CVSS6.4AI score0.00077EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/03/11 6:45 a.m.2 views

CVE-2026-3534

The Astra theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ast-page-background-meta and ast-content-background-meta post meta fields in all versions up to, and including, 4.12.3. This is due to insufficient input sanitization on meta registration and missing output escapin...

6.4CVSS5.9AI score0.00054EPSS
Exploits0References7
CNNVD
CNNVDadded 2026/03/11 12:0 a.m.4 views

WordPress plugin Astra 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.7AI score0.00054EPSS
Exploits0References6
OSV
OSVadded 2026/03/04 10:9 p.m.2 views

CVE-2026-29086 Hono: Cookie Attribute Injection via Unsanitized domain and path in setCookie()

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to version 4.12.4, the setCookie utility did not validate semicolons ;, carriage returns \r, or newline characters \n in the domain and path options when constructing the Set-Cookie header. Because cookie...

5.4CVSS5.8AI score0.0004EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2026/01/16 12:0 a.m.1 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001226)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001226 advisory. The ip6find1stfragopt function in net/ipv6/outputcore.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service integer overflow and...

5.5CVSS6.5AI score0.00072EPSS
Exploits0References15
OPENSUSE Linux
OPENSUSE Linuxadded 2020/06/16 12:0 a.m.59 views

Security update for xen (important)

openSUSE Security Update: Security update for xen Announcement ID: openSUSE-SU-2020:0818-1 Rating: important References: 1027519 1157490 1167007 1172205 Cross-References: CVE-2020-0543 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has three fixes is now...

5.5CVSS6.3AI score0.00481EPSS
Exploits0References4
Rows per page
Query Builder