CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

9.8CVSS6.3AI score0.0026EPSS

CVE-2026-8633

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to remote code execution in the Web Server Plug-ins, through a specially crafted request...

8.8CVSS5.5AI score0.00017EPSS

CVE-2026-8604

In ScadaBR version 1.2.0, a CSRF vulnerability could allow an attacker to trigger any authenticated action through a victim's session by luring any logged-in user to a malicious webpage...

RedhatCVE•added 3 days ago•7 views

CVE-2026-8178

An issue exists in Amazon Redshift JDBC Driver versions prior to 2.2.2. Under certain conditions, the driver could load and execute arbitrary classes when processing JDBC connection URL parameters. An actor who can influence the connection URL could potentially execute code in the application...

9.2CVSS5.9AI score0.00029EPSS

7.2CVSS5.8AI score0.01456EPSS

CVE-2026-8051

OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

RedhatCVE•added 3 days ago•4 views

CVE-2026-8671

Insertion of sensitive information into log file vulnerability in syslink software AG Avantra on Linux, Windows allows Resource Leak Exposure. This issue affects Avantra: before 25.3.0...

7.5CVSS5.4AI score0.00032EPSS

7.5CVSS5.5AI score0.0041EPSS

CVE-2026-35485

text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in loadgrammar allows reading any file on the server filesystem with no extension restriction. Gradio does not server-side validate dropdown value...

8.8CVSS5.3AI score0.00027EPSS

CVE-2026-8428

Concrete CMS 9.5.0 and below emits a CSRF token in the localavailableupdate.php view $token-output'doupdate' but the corresponding doupdate method in concrete/controllers/singlepage/dashboard/system/update/update.php never calls $this-token-validate'doupdate'. The form is rendered as a POST form,...

7.5CVSS7.1AI score0.00028EPSS

CVE-2026-35230

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...

9.3CVSS5.5AI score0.00087EPSS

CVE-2026-35087

Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can bypass the need to enter login credentials by executing the appropriate command. This issue was fixed in versions below: - NCP: version 1.24.0250 - IPx series: version 6.61.0040 - CCT-1668: version...

7.2CVSS5.5AI score0.00035EPSS

CVE-2026-35476

InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, a non-staff authenticated user can elevate their account to a staff level via a POST request against their user account endpoint. The write permissions on the API endpoint are improperly configured, allowing any us...

7.5CVSS7.3AI score0.00028EPSS

CVE-2026-35246

8.8CVSS5.5AI score0.00058EPSS

CVE-2026-35397

Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, a path traversal vulnerability in the REST API allows an authenticated user to escape the configured rootdir and access sibling directories whose names begin with the same prefix as the rootdir. For exampl...

Exploits2References1

8.7CVSS5.5AI score0.00098EPSS

CVE-2026-35672

phpMyFAQ before 4.1.3 contains an authentication bypass vulnerability in API v4.0 where the default empty api.apiClientToken allows unauthenticated users to create and modify FAQ entries. Attackers can send an empty x-pmf-token header to bypass token validation and inject malicious content via PO...

7.5CVSS7.3AI score0.00028EPSS

CVE-2026-35242

9.3CVSS5.5AI score0.0003EPSS

CVE-2026-35589

nanobot is a personal AI assistant. Versions prior to 0.1.5 contain a Cross-Site WebSocket Hijacking CSWSH vulnerability exists in the bridge's WebSocket server in bridge/src/server.ts, resulting from an incomplete remediation of CVE-2026-2577. The original fix changed the binding from 0.0.0.0 to...

RedhatCVE•added 3 days ago•7 views

CVE-2026-35033

Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain an unauthenticated arbitrary file read vulnerability via ffmpeg argument injection through the StreamOptions query parameter parsing mechanism. The ParseStreamOptions method in StreamingHelpers.cs adds any...

9.3CVSS5.5AI score0.0011EPSS

8.8CVSS5.9AI score0.00261EPSS

CVE-2026-35196

Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an OS Command Injection vulnerability exists in the main/inc/ajax/gradebook.ajax.php endpoint within the exportallcertificates action, where the course code retrieved from the session variable $SESSION'cid'...

8.7CVSS5.9AI score0.00038EPSS

CVE-2026-35574

ChurchCRM is an open-source church management system. Prior to 6.5.3, a stored Cross-Site Scripting XSS vulnerability in ChurchCRM's Note Editor allows authenticated users with note-adding permissions to execute arbitrary JavaScript code in the context of other users' browsers, including...

8.2CVSS5.4AI score0.00069EPSS

CVE-2026-35604

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.1, when an admin revokes a user's Share and Download permissions, existing share links created by that user remain fully accessible to...