CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1370 matches found

Positive Technologies•added 2026/05/11 12:0 a.m.•5 views

PT-2026-39776

A denial of service issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to modify protected parts of the file system...

5.8AI score0.00052EPSS

Exploits0References3

GithubExploit•added 2026/05/08 6:5 a.m.•49 views

vulnerability-lab

🔐 Vulnerability Lab Buffer Overflow + SQLi ⚠️ FOR EDUCATI...

5.9AI score

Exploits0

GithubExploit•added 2026/04/30 9:50 a.m.•50 views

Exploit for Embedded Malicious Code in Tukaani Xz

Security Review: CVE-2024-3094 XZ Utils Backdoor Автор:...

10CVSS8.9AI score0.85058EPSS

Exploits38

OSV•added 2026/04/27 6:33 p.m.•3 views

JLSEC-2026-268 Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of...

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'noproxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...

5.9CVSS6.8AI score0.00069EPSS

Exploits0References9

Snyk•added 2026/04/20 6:14 a.m.•3 views

Server-side Request Forgery (SSRF)

Overview agentscope is an AgentScope: A Flexible yet Robust Multi-Agent Platform. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the processaudioblock function. An attacker can make unauthorized requests to internal or external systems by supplying crafte...

7.5CVSS7.3AI score0.00054EPSS

Exploits0References2

Github Security Blog•added 2026/04/14 6:17 p.m.•5 views

Hack the AI agent: Build agentic AI security skills with the GitHub Secure Code Game

I was scrolling through my feed one evening when I came across OpenClaw, an open source personal AI assistant that people were calling everything from "Jarvis" to "a portal to a new reality." The idea is beautiful: an AI that lives on your machine or in the cloud, talks to you over WhatsApp or...

8.8CVSS7.3AI score0.00121EPSS

Exploits5

OSV•added 2026/04/10 7:27 p.m.•0 views

GHSA-99G3-W8GR-X37C PraisonAI vulnerable to arbitrary file write via path traversal in `praisonai recipe unpack`

| Field | Value | |---|---| | Severity | Critical | | Type | Path traversal -- arbitrary file write via tar.extract without member validation | | Affected | src/praisonai/praisonai/cli/features/recipe.py:1170-1172 | Summary cmdunpack in the recipe CLI extracts .praison tar archives using raw...

9.4CVSS6AI score0.00084EPSS

Exploits1References4

Github Security Blog•added 2026/04/03 9:57 p.m.•8 views

OpenSTAManager has a SQL Injection via righe Parameter in confronta_righe Modals

Description Six confrontarighe.php files across different modules in OpenSTAManager fetchArray 'SELECT mgarticolilang.title, mgarticoli.codice, inrigheinterventi. FROM inrigheinterventi INNER JOIN...

8.8CVSS6.2AI score0.00014EPSS

Exploits1References3Affected Software1

RedhatCVE•added 2026/03/26 3:16 p.m.•1 views

CVE-2026-28892

A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the file system...

5.5CVSS5.7AI score0.00012EPSS

Exploits0References1

EUVD•added 2026/03/25 3:31 a.m.•2 views

EUVD-2026-15171

5.8AI score0.00012EPSS

Exploits0References4

EUVD•added 2026/03/25 3:31 a.m.•0 views

EUVD-2026-15099

A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data...

5.3CVSS5.8AI score0.00045EPSS

Exploits0References4

NVD•added 2026/03/25 1:17 a.m.•1 views

CVE-2026-28892

5.5CVSS0.00012EPSS

Exploits0References3

ATTACKERKB•added 2026/03/25 12:32 a.m.•1 views

CVE-2026-28828

5.8AI score0.00045EPSS

Exploits0References4

CVE•added 2026/03/25 12:32 a.m.•8 views

CVE-2026-28828

CVE-2026-28828 concerns a permissions issue that could allow an app to access sensitive user data. Concrete details across connected sources indicate the vulnerability was mitigated by removing the vulnerable code, with fixes implemented in macOS updates: Sequoia 15.7.5, Sonoma 14.8.5, and Tahoe ...

5.3CVSS5.8AI score0.00045EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2026/03/25 12:32 a.m.•1 views

CVE-2026-28828

5.8AI score0.00045EPSS

Exploits0References3

Cvelist•added 2026/03/25 12:31 a.m.•21 views

CVE-2026-28892

0.00012EPSS

Exploits0References3

ATTACKERKB•added 2026/03/25 12:31 a.m.•2 views

CVE-2026-28892

5.8AI score0.00012EPSS

Exploits0References4

Positive Technologies•added 2026/03/24 12:0 a.m.•1 views

PT-2026-27564

Name of the Vulnerable Software and Affected Versions macOS versions prior to Sequoia 15.7.5 macOS versions prior to Sonoma 14.8.5 macOS versions prior to Tahoe 26.4 Description A permissions issue existed where an application could potentially access sensitive user data. The issue was resolved b...

5.3CVSS5.8AI score0.00045EPSS

Exploits0References6

GithubExploit•added 2026/03/13 9:33 p.m.•103 views

vulnerable_php_code

...

5.8AI score

Exploits0

GithubExploit•added 2026/03/09 3:46 p.m.•121 views

Double-Free-Heap-Exploit

Double-Free Heap Exploit Author Created by 0x5da Toa...

6.2AI score

Exploits0