
3718 matches found

Nuclei
added 19 hours ago, 13 views

WordPress Themify Builder < 7.5.8 - Open Redirect

The Themify Builder WordPress plugin before version 7.5.8 contains an open redirect vulnerability. The plugin does not validate the tbredirectfail parameter before redirecting users to its value, which could allow attackers to redirect users to malicious websites. id: CVE-2024-3032 info: name:...

6.1 CVSS, 5.4 AI score, 0.02477 EPSS
Exploits 2, References 2

Nuclei
added 19 hours ago, 204 views

Gitea 1.22.0 - Cross-Site Scripting

Gitea 1.22.0 is vulnerable to stored cross-site scripting (XSS). This vulnerability allows an attacker to inject malicious scripts that get stored on the server and executed in the context of another user's session. id: CVE-2024-6886 info: name: Gitea 1.22.0 - Cross-Site Scripting...

10 CVSS, 7.7 AI score, 0.25195 EPSS
Exploits 3, References 2

OSV
added yesterday, 3 views

ROOT-OS-DEBIAN-11-CVE-2026-46187 CVE-2026-46187 in rootio-linux - Patched by Root

Root has patched CVE-2026-46187 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

4.7 CVSS, 5.8 AI score, 0.00032 EPSS
Exploits 0

Circl
added 2 days ago, 5 views

CVE-2026-42914

creationtimestamp | type | source
---|---|---
2026-06-09 15:44:28+00:00 | seen | https://advisories.ncsc.nl/advisory?id=NCSC-2026-0181
2026-06-09 16:12:18+00:00 | seen | https://www.thezdi.com/blog/2026/6/9/the-june-2026-security-update-review...

5.3 CVSS, 5.3 AI score, 0.00061 EPSS
Exploits 0, References 2

vulnersOsv
added 3 days ago, 2 views

aiidalab (>=22.6.0 <=26.5.2), aiidalab-chemshell (>=0.0.1 <=0.1.1) +137 more potentially affected by CVE-2026-47712 via dulwich (>=0.24.1 <=1.0.0)

dulwich PYPI version =0.24.1, =22.6.0, =0.0.1, =0.1.0, =1.3.4, =0.12.0, =0.1.0, =0.2.0, =0.2.0, =0.2.1, =0.2.1, =0.1.0, =0.1.6 - artificial-detection =0.1.0 - attp =0.1.0a0 and more Source cves: CVE-2026-47712 Source advisory: OSV:GHSA-555P-6GRF-MH7F...

5.5 AI score
Exploits 0

OSV
added 3 days ago, 3 views

ROOT-OS-UBUNTU-2204-CVE-2025-71289 CVE-2025-71289 in rootio-linux - Patched by Root

Root has patched CVE-2025-71289 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

5.5 CVSS, 5.8 AI score, 0.00015 EPSS
Exploits 0

RedhatCVE
added 6 days ago, 5 views

CVE-2026-8784

A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function changefilestatus of the file cramfsck.c. Performing a manipulation results in symlink following. The attack requires a local approach. The exploit is now public and may be used. The patch is named...

4.6 CVSS, 5.1 AI score, 0.00027 EPSS
Exploits 0, References 1

Vulnrichment
added 6 days ago, 5 views

CVE-2026-45776 Open XDMoD has Broken Access Control via Client-Controlled Session Variable

OpenXDMoD is an open framework for collecting and analyzing HPC metrics. Prior to version 11.0.3, a flaw in Open XDMoD's access control logic allows an attacker to submit a crafted HTTPS POST request that sets a session variable used for authorization decisions. If an installation of Open XDMoD...

5.3 CVSS, 5.4 AI score, 0.00054 EPSS
Exploits 0, References 3

Tenable Nessus
added 6 days ago, 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-11192

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via...

4.3 CVSS, 5.6 AI score, 0.00048 EPSS
Exploits 0, References 2

vulnersOsv
added 2026/06/04 2:25 p.m., 2 views

@beemstream/keystone-document-gallery (>=2.0.0 <=2.0.6), @k6js/admin-ui (>=0.3.0-20250618-02 <=0.4.7) +19 more potentially affected by CVE-2026-10802 via @keystone-6/core (>=1.1.1 <=6.5.2)

@keystone-6/core NPM version =1.1.1, =2.0.0, =0.3.0-20250618-02, =1.0.17, =1.0.19, =0.0.1, =2.1.0, =2.1.0-beta.0, =0.0.1-alpha.1, =1.0.0, =6.0.21, =1.0.0, =1.0.3, =1.0.12 and more Source cves: CVE-2026-10802 Source advisory: SNYK:JS-KEYSTONE6CORE-17179719...

5.3 CVSS, 5.5 AI score, 0.00051 EPSS
Exploits 0

OSV
added 2026/06/04 12:0 a.m., 4 views

UBUNTU-CVE-2026-46270

In the Linux kernel, the following vulnerability has been resolved: p...

8.4 CVSS, 5.7 AI score, 0.00016 EPSS
Exploits 0, References 3

vulnersOsv
added 2026/06/03 2:16 p.m., 2 views

1zlab-emp-ide (=0.0.3), 1zlab-homepage (>=0.0.2 <=0.0.3) +11108 more potentially affected by CVE-2026-48587 via django (>=6.0.0 <=6.0.5)

django PYPI version =6.0.0, =0.0.2, =2.2.0, =0.1.0, =0.1.0.1, =0.1.1, =0.2.0, =0.0.4a0, =0.0.7, =0.1.10 and more Source cves: CVE-2026-48587 Source advisory: OSV:PYSEC-2026-198...

5.3 CVSS, 5.4 AI score, 0.0004 EPSS
Exploits 0

Tenable Nessus
added 2026/06/03 12:0 a.m., 8 views

Linux Distros Unpatched Vulnerability : CVE-2025-71313

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCI: endpoint: Add missing NULL check for allocworkqueue allocworkqueue can return NULL on memory allocation failure. Without proper error checking, this may le...

5.5 CVSS, 5.5 AI score, 0.00014 EPSS
Exploits 0, References 4

Circl
added 2026/05/29 12:23 a.m., 8 views

CVE-2026-44881

creationtimestamp | type | source
---|---|---
2026-05-29 00:23:40+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmxbhnzpaf2w
2026-06-11 19:22:45+00:00 | seen | https://bsky.app/profile/securitycyberuk.bsky.social/post/3mnzx6hyanz2x
2026-06-11 19:27:32+00:00 | seen |...

9.9 CVSS, 5.3 AI score, 0.0008 EPSS
Exploits 1, References 3

Tenable Nessus
added 2026/05/29 12:0 a.m., 14 views

Linux Distros Unpatched Vulnerability : CVE-2026-46135

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp...

9.8 CVSS, 5.5 AI score, 0.00074 EPSS
Exploits 0, References 4

vulnersOsv
added 2026/05/28 4:50 p.m., 4 views

17fe-ui23 (>=0.0.0 <=0.0.24), @2kog/pkg-editor (>=0.0.1 <=0.1.3) +553 more potentially affected by CVE-2026-47760 via tinymce (>=6.8.1 <=7.0.1)

tinymce NPM version =6.8.1, =0.0.0, =0.0.1, =12.1.0, =4.1.0, =1.0.0-beta.1, =4.1.2-rc, =1.0.0, =0.1.0, =0.1.0, =0.1.1, =0.1.7 - @arkxos/arkos-example =0.1.0 and more Source cves: CVE-2026-47760 Source advisory: SNYK:JS-TINYMCE-17056157...

8.7 CVSS, 5.4 AI score, 0.00033 EPSS
Exploits 0

vulnersOsv
added 2026/05/28 4:50 p.m., 3 views

5mghost-rover (>=0.0.1 <=0.0.3), ace-framework (>=0.6.0 <=0.7.3) +94 more potentially affected by CVE-2026-48156 via pypdf (>=6.0.0 <=6.11.0)

pypdf PYPI version =6.0.0, =0.0.1, =0.6.0, =0.1.0, =0.0.2, =0.1.0, =0.0.24, =1.45.0, =0.1.2, =0.0.1.dev0, =0.0.1, =0.0.2, =0.0.5 - autopattern =0.2.0 and more Source cves: CVE-2026-48156 Source advisory: SNYK:PYTHON-PYPDF-17054920...

5.1 CVSS, 5.4 AI score, 0.00012 EPSS
Exploits 0

ATTACKERKB
added 2026/05/28 4:19 p.m., 6 views

CVE-2026-9091

Casdoor versions 2.362.0 and earlier contain a logic flaw in the social‑login binding flow that allows users to bypass configured MFA requirements. The binding‑rule code path in controllers/auth.go calls HandleLoggedIn directly without invoking checkMfaEnable. Any user authenticating via this pat...

5.9 AI score, 0.00037 EPSS
Exploits 0, References 2

vulnersOsv
added 2026/05/26 11:38 p.m., 2 views

@fedify/cli (>=2.2.0 <=2.2.3-dev.1098) potentially affected by CVE-2026-42462 via @fedify/fedify (>=2.2.0 <=2.2.3-dev.1098)

@fedify/fedify NPM version =2.2.0, =2.2.0, =2.2.3-dev.1098 Source cves: CVE-2026-42462 Source advisory: OSV:GHSA-9RFG-V8G9-9367...

7 CVSS, 5.4 AI score
Exploits 0

Cvelist
added 2026/05/25 2:0 p.m., 31 views

CVE-2026-47073 Unbounded memory consumption in WebSocket client in hackney

Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Flooding. The WebSocket client in src/hackneyws.erl imposes no upper bound on memory consumption in three code paths. First, readhandshakeresponse/3 accumulates received bytes into a growing buffer with n...

8.7 CVSS, 0.00153 EPSS
Exploits 1, References 4