Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

235 matches found

EUVD
EUVDadded 2026/05/06 12:30 p.m.3 views

EUVD-2025-209680

In the Linux kernel, the following vulnerability has been resolved: misc: bcmvk: Fix possible null-pointer dereferences in bcmvkread In the function bcmvkread, the pointer entry is checked, indicating that it can be NULL. If entry is NULL and rc is set to -EMSGSIZE, the following code may cause...

5.8AI score0.00013EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/05/06 12:0 a.m.5 views

PT-2026-37456

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null-pointer dereference can occur in the bcm vk read function. When the entry pointer is NULL and the rc variable is set to -EMSGSIZE, the system attempts to access to h msg, usr msg...

5.5CVSS5.4AI score0.00013EPSS
Exploits0References16
RedhatCVE
RedhatCVEadded 2026/04/13 7:24 p.m.0 views

CVE-2026-39483

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hidekazu Ishikawa VK All in One Expansion Unit vk-all-in-one-expansion-unit allows Stored XSS.This issue affects VK All in One Expansion Unit: from n/a through = 9.113.3...

6.5CVSS5.8AI score0.00039EPSS
Exploits0References1
EUVD
EUVDadded 2026/04/08 9:31 a.m.1 views

EUVD-2026-20150

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hidekazu Ishikawa VK All in One Expansion Unit vk-all-in-one-expansion-unit allows Stored XSS.This issue affects VK All in One Expansion Unit: from n/a through = 9.113.3...

5.9AI score0.00039EPSS
Exploits0References2
NVD
NVDadded 2026/04/08 9:16 a.m.0 views

CVE-2026-39483

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hidekazu Ishikawa VK All in One Expansion Unit vk-all-in-one-expansion-unit allows Stored XSS.This issue affects VK All in One Expansion Unit: from n/a through = 9.113.3...

6.5CVSS0.00039EPSS
Exploits0References1
CVE
CVEadded 2026/04/08 8:30 a.m.6 views

CVE-2026-39483

CVE-2026-39483 pertains to the WordPress VK All in One Expansion Unit plugin (versions up to 9.113.3). The Red Hat/NVD/EUVD/NVD-style records describe an stored XSS vulnerability caused by improper neutralization of user input during web page generation. Affected component is VK All in One Expans...

6.5CVSS5.9AI score0.00039EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/04/08 12:0 a.m.3 views

WordPress plugin VK All in One Expansion Unit 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

6.5CVSS5.7AI score0.00039EPSS
Exploits0References1
Snyk
Snykadded 2026/03/03 1:35 p.m.2 views

Malicious Package

Overview @vk-cloud-billing/common is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/03/03 1:35 p.m.4 views

Malicious code in @vk-cloud-billing/common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78b5a4d83fe25260e7b73b7d40a2d8827f8ebe841ace75e3f03140b4861eb836 The package @vk-cloud-billing/common was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSVadded 2026/03/03 1:35 p.m.1 views

MAL-2026-1217 Malicious code in @vk-cloud-billing/common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78b5a4d83fe25260e7b73b7d40a2d8827f8ebe841ace75e3f03140b4861eb836 The package @vk-cloud-billing/common was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
Patchstack
Patchstackadded 2026/01/24 12:15 a.m.9 views

WordPress VK Google Job Posting Manager plugin <= 1.2.20 - Authenticated (Author+) Stored Cross-Site Scripting via Job Description Field vulnerability

Authenticated Author+ Stored Cross-Site Scripting via Job Description Field vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin VK Google Job Posting Manager versions = 1.2.20...

6.4CVSS5.4AI score0.00012EPSS
Exploits0References1Affected Software1
EUVD
EUVDadded 2025/12/16 9:31 a.m.2 views

EUVD-2025-203544

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vektor,Inc. VK Google Job Posting Manager vk-google-job-posting-manager allows Stored XSS.This issue affects VK Google Job Posting Manager: from n/a through = 1.2.21...

5.5AI score0.00029EPSS
Exploits0References2
CVE
CVEadded 2025/12/16 8:13 a.m.6 views

CVE-2025-68070

CVE-2025-68070 affects VK Google Job Posting Manager plugin for WordPress (

6.5CVSS5.9AI score0.00029EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/12/16 12:0 a.m.2 views

WordPress plugin VK Google Job Posting Manager 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.5CVSS5.9AI score0.00029EPSS
Exploits0References1
NVD
NVDadded 2025/11/18 8:15 a.m.4 views

CVE-2025-11267

The VK All in One Expansion Unit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'veucustomcss' parameter in all versions up to, and including, 9.112.1. This is due to insufficient input sanitization and output escaping on the user-supplied Custom CSS value. This makes i...

6.4CVSS0.00037EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2014-5709

Malware in sbrugna...

5.4CVSS6.4AI score0.00134EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2014-5807

Malware in sbrugna...

5.4CVSS6.4AI score0.00134EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-12623

Malicious code in bioql PyPI...

4.3CVSS6.1AI score0.00096EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2024-45832

Malicious code in bioql PyPI...

4.8CVSS5.1AI score0.00543EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-31652

Malicious code in bioql PyPI...

5.4CVSS5.9AI score0.00547EPSS
Exploits0References2
Rows per page
Query Builder