CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

102 matches found

Positive Technologies•added 2026/05/28 12:0 a.m.•5 views

PT-2026-44173

The Rocket.Chat DDP method autoTranslate.translateMessage in versions 8.5.0, 8.4.2, 8.3.4, 8.2.4, 8.1.5, 8.0.5, 7.13.8, and 7.10.12 accepts a client-supplied IMessage object and passes it directly to translateMessage without checking Meteor.userId or verifying room membership. Any authenticated D...

7.5CVSS7.1AI score0.00042EPSS

Exploits0References3

CNNVD•added 2026/05/28 12:0 a.m.•4 views

AutoGPT 安全漏洞

AutoGPT is an open-source tool developed by AutoGPT. It aims to make AI accessible and usable for everyone. Versions of AutoGPT prior to 0.6.59 contained a security vulnerability. This vulnerability stemmed from the POST /api/blocks/blockid/execute endpoint, which allowed unlimited free execution...

5.4CVSS5.9AI score0.00065EPSS

Exploits0References1

RedhatCVE•added 2026/03/26 3:2 p.m.•3 views

CVE-2026-32238

OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.2 contain a Command injection vulnerability in the backup functionality that can be exploited by authenticated attackers. The vulnerability exists due to insufficient...

9.1CVSS5.8AI score0.00101EPSS

Exploits3References1

Vulnrichment•added 2026/03/26 12:45 p.m.•1 views

CVE-2025-55277 HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability

HCL Aftermarket DPC is affected by Use of Vulnerable/Outdated Versions vulnerability using which an attacker may make use of the exploits available across the internet and craft attacks against the application...

2.6CVSS5.8AI score0.00023EPSS

Exploits0References1

CNNVD•added 2026/02/19 12:0 a.m.•3 views

WordPress plugin GDPR Cookie Consent 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.5CVSS5.8AI score0.00059EPSS

Exploits0References3

Vulnrichment•added 2025/12/15 8:21 p.m.•1 views

CVE-2025-64725 Weblate has improper validation upon invitation acceptance

Weblate is a web based localization tool. In versions prior to 5.15, it was possible to accept an invitation opened by a different user. Version 5.15. contains a patch. As a workaround, avoid leaving one's Weblate sessions with an invitation opened unattended...

1CVSS6.4AI score0.00013EPSS

Exploits0References4

CNNVD•added 2025/11/26 12:0 a.m.•1 views

DB Electronica Mozart FM Transmitter 安全漏洞

The DB Electronica Mozart FM Transmitter is a line of professional-grade FM radio transmitters from the Italian company DB Electronica. A security vulnerability exists in DB Electronica Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, and 7000 that originates fr...

9.9CVSS7.7AI score0.00553EPSS

Exploits1References2

CNNVD•added 2025/11/08 12:0 a.m.•2 views

Soft Serve 安全漏洞

Soft Serve is a self-hostable command-line Git server from Charm Open Source. A security vulnerability exists in Soft Serve versions prior to 0.10.0, which stems from not removing ANSI escape sequences and not cleaning up git messages, which could lead to a fake alert attack...

4.6CVSS6.3AI score0.00032EPSS

Exploits0References3