8731 matches found

Positive Technologies
added 2026/03/25 12:0 a.m., 3 views

PT-2026-28051

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in nK Visual Portfolio, Photo Gallery & Post Grid visual-portfolio allows PHP Local File Inclusion. This issue affects Visual Portfolio, Photo Gallery & Post Grid: from n/a through =...

AI score 5.8, EPSS 0.003
Exploits: 0, References: 2

CNNVD
added 2026/03/25 12:0 a.m., 3 views

WordPress plugin Visual Portfolio, Photo Gallery & Post Grid security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

CVSS 7.5, AI score 5.8, EPSS 0.003
Exploits: 0, References: 1

GithubExploit
added 2026/03/24 2:49 p.m., 145 views

ide-task-rce

⚡ IDE Folder-Open RCE: Automatic Task Execution Vulnerability...

AI score 6.6
Exploits: 0

IBM Security Bulletins
added 2026/03/24 7:29 a.m., 6 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/crypto which is vulnerable to CVE-2025-47914, CVE-2025-58181

Summary: IBM Maximo Application Suite - Visual Inspection component uses golang.org/x/crypto which is vulnerable to CVE-2025-47914, CVE-2025-58181. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details: CVEID: CVE-2025-47914 DESCRIPTION: SSH Agent...

CVSS 5.3, AI score 6.7, EPSS 0.00512
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2026/03/24 7:28 a.m., 1 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.2.tgz which is vulnerable to CVE-2026-23950

Summary: IBM Maximo Application Suite - Visual Inspection component uses tar-7.5.2.tgz which is vulnerable to CVE-2026-23950. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details: CVEID: CVE-2026-23950 DESCRIPTION: node-tar, a Tar for Node.js, has ...

CVSS 8.8, AI score 6.1, EPSS 0.00153
Exploits: 1, Affected Software: 1

Packet Storm News
added 2026/03/24 12:0 a.m., 2 views

Agent Audit: A Security Analysis System for LLM Agent Applications

What should a developer inspect before deploying an LLM agent: the model, the tool code, the deployment configuration, or all three? In practice, many security failures in agent systems arise not from model weights alone, but from the surrounding software stack: tool functions that pass untrusted...

AI score 5.9
Exploits: 0

The Hacker News
added 2026/03/23 6:9 p.m., 2 views

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that's distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code "tasks.json" to distribute malware...

AI score 6.3
Exploits: 0

Packet Storm News
added 2026/03/22 12:0 a.m., 4 views

When the Abyss Looks Back: Unveiling Evolving Dark Patterns in Cookie Consent Banners

To comply with data protection regulations such as the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), websites widely deploy cookie consent banners to collect users' privacy preferences. In practice, however, these interfaces often embed dark patterns tha...

AI score 5.8
Exploits: 0

Patchstack
added 2026/03/20 2:16 p.m., 5 views

WordPress Visual Portfolio, Photo Gallery & Post Grid plugin <= 3.5.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Visual Portfolio, Photo Gallery & Post Grid versions <= 3.5.1...

CVSS 7.5, AI score 5.8, EPSS 0.003
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2026/03/20 11:43 a.m., 9 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses node-tar which is vulnerable to CVE-2026-23745

Summary: IBM Maximo Application Suite - Visual Inspection component uses node-tar which is vulnerable to CVE-2026-23745. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details: CVEID: CVE-2026-23745 DESCRIPTION: node-tar is a Tar for Node.js. The...

CVSS 8.2, AI score 6.7, EPSS 0.00308
Exploits: 2, Affected Software: 1

IBM Security Bulletins
added 2026/03/20 10:42 a.m., 7 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses filelock which is vulnerable to CVE-2025-68146

Summary: IBM Maximo Application Suite - Visual Inspection component uses filelock which is vulnerable to CVE-2025-68146. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details: CVEID: CVE-2025-68146 DESCRIPTION: filelock is a platform-independent fi...

CVSS 6.5, AI score 7.4, EPSS 0.00184
Exploits: 1, Affected Software: 1

IBM Security Bulletins
added 2026/03/20 10:10 a.m., 6 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses pyasn1 which is vulnerable to CVE-2026-23490

Summary: IBM Maximo Application Suite - Visual Inspection component uses pyasn1 which is vulnerable to CVE-2026-23490. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details: CVEID: CVE-2026-23490 DESCRIPTION: pyasn1 is a generic ASN.1 library for...

CVSS 7.5, AI score 6.9, EPSS 0.00491
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2026/03/17 12:0 p.m., 7 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection Component uses urllib3 dependency which is vulnerable to CVE-2026-21441.

Summary: IBM Maximo Application Suite - Visual Inspection Component uses urllib3 dependency which is vulnerable to CVE-2026-21441. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details: CVEID: CVE-2026-21441 DESCRIPTION: urllib3 is an HTTP client...

CVSS 8.9, AI score 7.4, EPSS 0.00524
Exploits: 0, Affected Software: 1

IBM Security Bulletins
added 2026/03/17 11:59 a.m., 12 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection Component uses fontTools dependency which is vulnerable to CVE-2025-66034.

Summary IBM Maximo Application Suite - Visual Inspection Component uses fontTools dependency which is vulnerable to CVE-2025-66034. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2025-66034 DESCRIPTION: fontTools is a library fo...

CVSS 9.8, AI score 6.4, EPSS 0.00487
Exploits: 9, Affected Software: 1

IBM Security Bulletins
added 2026/03/17 6:42 a.m., 3 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection Component uses Starlette dependency which is vulnerable to CVE-2025-62727.

Summary IBM Maximo Application Suite - Visual Inspection Component uses Starlette dependency which is vulnerable to CVE-2025-62727. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2025-62727 DESCRIPTION: Starlette is a lightweigh...

CVSS 7.5, AI score 5.9, EPSS 0.00597
Exploits: 0, Affected Software: 1

GithubExploit
added 2026/03/15 4:36 p.m., 121 views

Exploit for Type Confusion in Apple Ipados

🛡️ corunaanalysis - Understand Malware Exploit Behavior Simpl...

CVSS 8.8, AI score 5.8, EPSS 0.10593
Exploits: 6

Tenable Nessus
added 2026/03/15 12:0 a.m., 3 views

Unity Linux 20.1070e Security Update: vim (UTSA-2026-006151)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006151 advisory. When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end...

CVSS 5.5, AI score 6.1, EPSS 0.00367
Exploits: 0, References: 4

Cvelist
added 2026/03/13 9:43 p.m., 33 views

CVE-2026-32732 XSS in @leanprover/unicode-input-component

Lean 4 VS Code Extension is a Visual Studio Code extension for the Lean 4 proof assistant. Projects that use @leanprover/unicode-input-component are vulnerable to an XSS exploit in 0.1.9 of the package and lower. The component re-inserted text in the input element back into the input element as...

EPSS 0.00327
Exploits: 0, References: 3

Vulnrichment
added 2026/03/13 9:43 p.m., 5 views

CVE-2026-32732 XSS in @leanprover/unicode-input-component

Lean 4 VS Code Extension is a Visual Studio Code extension for the Lean 4 proof assistant. Projects that use @leanprover/unicode-input-component are vulnerable to an XSS exploit in 0.1.9 of the package and lower. The component re-inserted text in the input element back into the input element as...

AI score 5.7, EPSS 0.00327
Exploits: 0, References: 3

CVE
added 2026/03/13 9:43 p.m., 20 views

CVE-2026-32732

CVE-2026-32732 describes an XSS issue in Lean 4 VS Code Extension caused by the @leanprover/unicode-input-component. The component re-inserted text into the input element as unescaped HTML, making versions 0.1.9 and earlier vulnerable. The issue affects projects using the affected component and c...

AI score 5.7, EPSS 0.00327
Exploits: 0, References: 3