Lucene search

10 matches found

The Hacker News
added 2026/05/11 11:30 a.m., 23 views

Your Purple Team Isn't Purple — It's Just Red and Blue in the Same Room

Defending a network at 2 am looks a lot like this: an analyst copy-pasting a hash from a PDF into a SIEM query. A red team script is being rewritten by hand so the blue team can use it. A patch waiting on a change-approval window that's longer than the exploitation window itself. Nobody in that...

AI score: 5.9
Exploits: 0
EUVD
added 2026/04/16 3:31 a.m., 1 views

EUVD-2026-23161

radare2 before 9236f44, when configured on UNIX without SSL, allows command injection via a PDB name to rabin2 -PP. NOTE: although users are supposed to use the latest version from git not a release, the date range for the vulnerable code was less than a week, occurring after 6.1.2 but before 6.1...

CVSS: 7.4, AI score: 5.9, EPSS: 0.01156
Exploits: 0, References: 5
Positive Technologies
added 2026/02/26 12:0 a.m., 9 views

PT-2026-22149

A vulnerability in Google Cloud Vertex AI Workbench from 7/21/2025 to 01/30/2026 allows an attacker to exfiltrate valid Google Cloud access tokens of other users via abuse of a built-in startup script. All instances after January 30th, 2026 have been patched to protect from this vulnerability. No...

CVSS: 8.4, AI score: 5.5, EPSS: 0.00247
Exploits: 0, References: 2
CVE
added 2026/01/22 7:6 p.m., 7 views

CVE-2025-68609

The connected records confirm CVE-2025-68609 affects Palantir’s Aries service running on Apollo instances, with unauthenticated access to log viewing/management when default configuration is used. The root issue is a bypass of authentication and authorization checks, potentially enabling any netw...

CVSS: 6.6, AI score: 5.6, EPSS: 0.00368
Exploits: 0, References: 1
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2015-4522

Malware in sbrugna...

CVSS: 4.3, AI score: 9.2, EPSS: 0.02155
Exploits: 0, References: 16
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2020-27586

Malware in sbrugna...

CVSS: 8.8, AI score: 8.6, EPSS: 0.01593
Exploits: 0, References: 13
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2024-25087

Malicious code in bioql PyPI...

CVSS: 7.5, AI score: 6.6, EPSS: 0.00319
Exploits: 0, References: 2
Cvelist
added 2025/09/19 7:58 a.m., 25 views

CVE-2025-7702 Open Redirect in PUSULA's Manageable Email Sending System

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Pusula Communication Information Internet Industry and Trade Ltd. Co. Manageable Email Sending System allows Exploiting Trust in Client. This issue affects Manageable Email Sending System: from =2025.06 before 2025.08.06...

CVSS: 4.7, EPSS: 0.0021
Exploits: 0, References: 2
RedHat Linux
added 2020/04/21 11:7 a.m., 1 views

tomcat: Session fixation when using FORM authentication

It was found that tomcat's FORM authentication allowed a very small period in which an attacker could possibly force a victim to use a valid user session, or Session Fixation. While practical exploit of this issue is deemed highly improbable, an abundance of caution merits it be considered a flaw...

CVSS: 7.5, AI score: 7.1, EPSS: 0.10687
Exploits: 0, References: 8
NVD
added 2003/03/03 5:0 a.m., 25 views

CVE-2003-0064

The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitra...

CVSS: 7.5, AI score: 7.2, EPSS: 0.02712
Exploits: 0, References: 5