CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/05/30 2:55 p.m.•15 views

CVE-2018-25419

AiOPMSD Final 1.0.0 is affected by an SQL injection in genre.php. The vulnerability allows unauthenticated attackers to send crafted SQL payloads via the genre parameter in GET requests to extract sensitive data (usernames, databases, version details). CVSS metrics are provided (3.1: 8.2 High; 4....

8.8CVSS6.1AI score0.0009EPSS

Exploits0References4

EUVD•added 2026/05/30 2:55 p.m.•6 views

EUVD-2018-21935

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'q' parameter. Attackers can send GET requests to search.php with crafted SQL payloads to extract sensitive database informati...

8.8CVSS6.1AI score0.0009EPSS

Exploits0References4

CNNVD•added 2026/05/22 12:0 a.m.•6 views

authentik 安全漏洞

Authentik is an open-source identity provisioning application developed by Authentik. Versions of Authentik prior to 2025.12.5, as well as versions from 2026.2.0-rc1 to 2026.2.2, contained security vulnerabilities. These vulnerabilities stemmed from the fact that the API response for GET...

7.1CVSS5.8AI score0.00011EPSS

Cvelist•added 2026/05/14 5:37 a.m.•34 views

CVE-2025-14870 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted JSON payloads due to insufficient input validation...

7.5CVSS0.0005EPSS

CNNVD•added 2026/04/23 12:0 a.m.•6 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.31 contained security vulnerabilities. These vulnerabilities stemmed from a flaw in the bootstrap JSON data used as a control interface, which allowed information leakage. This...

6.9CVSS5.8AI score0.00041EPSS

ATTACKERKB•added 2026/03/26 12:55 p.m.•0 views

CVE-2025-55272

HCL Aftermarket DPC is affected by Banner Disclosure vulnerability where attackers gain insights into the system’s software and version details which would allow them to craft software specific attacks...

3.1CVSS5.8AI score0.00013EPSS

Exploits0References2Affected Software1

OSV•added 2026/02/09 4:15 a.m.•1 views

CVE-2025-66604

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. The library version could be displayed on the web page. This information could be exploited by an attacker for other attacks. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN,...

5.3CVSS5.7AI score

Vulnrichment•added 2026/02/09 3:14 a.m.•3 views

CVE-2025-66604

2.1CVSS5.3AI score0.00018EPSS

ATTACKERKB•added 2026/02/09 3:14 a.m.•3 views

CVE-2025-66604

2.1CVSS5.3AI score0.00018EPSS

CNNVD•added 2026/02/09 12:0 a.m.•3 views

Yokogawa FAST/TOOLS 安全漏洞

Yokogawa FAST/TOOLS is a real-time operation management and visualization software developed by Yokogawa Electric Corporation. There are security vulnerabilities in the Yokogawa FAST/TOOLS R9.01 version up to R10.04. These vulnerabilities stem from the possibility of the library version being...

5.3CVSS5.7AI score0.00018EPSS

Positive Technologies•added 2026/02/09 12:0 a.m.•4 views

PT-2026-7052

2.1CVSS5.3AI score0.00018EPSS

NVD•added 2025/10/31 6:15 a.m.•1 views

CVE-2025-58152

FutureNet MA and IP-K series provided by Century Systems Co., Ltd. put the firmware version and the garbage collection information on the internal web page. With some crafted HTTP request, they can be accessed without authentication...

6.9CVSS0.00069EPSS

CNNVD•added 2025/10/27 12:0 a.m.•5 views

PILOS 安全漏洞

PILOS is an open source front-end software from THM. A security vulnerability exists in PILOS versions prior to 4.8.0, which stems from exposing PHP version information that could lead to server fingerprinting and information disclosure...

5.3CVSS6.4AI score0.00042EPSS

OSV•added 2025/10/13 9:33 p.m.•3 views

CVE-2025-62362 Name and e-mail of employee that has done a publication is discoverable in gpp-burgerportaal

gpp-burgerportaal is a Dutch government citizen portal application. In versions before 2.0.3, 3.0.2, and 4.0.1, the name and email address of employees who publish content are exposed in network responses and can be discovered by viewing the browser's developer tools network tab. This information...

6.9CVSS6.3AI score0.00062EPSS

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-26188

Malware in sbrugna...

4.3CVSS4.8AI score0.00119EPSS