7 matches found

RedhatCVE
added 2026/03/10 9:36 p.m., 0 views

CVE-2026-23868

A flaw was found in giflib. This double-free vulnerability, caused by a shallow copy in GifMakeSavedImage and incorrect error handling, may allow an attacker to corrupt memory. While difficult to trigger, successful exploitation could potentially lead to arbitrary code execution or a denial of...

CVSS: 7 | AI score: 6.1 | EPSS: 0.00019
Exploits: 0 | References: 5
RedhatCVE
added 2026/03/10 6:28 a.m., 1 views

CVE-2026-28691

A flaw was found in ImageMagick. This vulnerability, an uninitialized pointer dereference, exists in the JBIG decoder due to a missing check. A remote attacker could exploit this by providing a specially crafted image file, leading to a denial of service. This could make the ImageMagick applicati...

CVSS: 7.5 | AI score: 5.7 | EPSS: 0.00063
Exploits: 0 | References: 4
RedhatCVE
added 2026/02/25 11:29 p.m., 0 views

CVE-2026-27950

A flaw was found in FreeRDP. An incomplete fix for a heap-use-after-free vulnerability CVE-2026-24680 in the SDL2 implementation allows a remote attacker to trigger a denial of service. The pointer is not nulled after being freed, which can lead to memory corruption. This issue means that...

CVSS: 8.7 | AI score: 5.7 | EPSS: 0.00115
Exploits: 0 | References: 7
RedhatCVE
added 2025/12/10 12:17 a.m., 2 views

CVE-2025-66491

Traefik is an HTTP reverse proxy and load balancer. Versions 3.5.0 through 3.6.2 have inverted TLS verification logic in the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. Setting the annotation to "on" intending to enable backend TLS certificate verification actually disables...

CVSS: 5.9 | AI score: 6.1 | EPSS: 0.00012
Exploits: 0 | References: 6
RedhatCVE
added 2025/10/22 8:28 p.m., 6 views

CVE-2025-62611

aiomysql is a library for accessing a MySQL database from asyncio. Prior to version 0.3.0, the client-side settings are not checked before sending local files to the MySQL server, which allows obtaining arbitrary files from the client using a rogue server. It is possible to create a rogue MySQL...

CVSS: 8.2 | AI score: 6.3 | EPSS: 0.00067
Exploits: 0 | References: 2
RedhatCVE
added 2025/10/21 5:25 p.m., 9 views

CVE-2025-41254

STOMP over WebSocket applications may be vulnerable to a security bypass that allows an attacker to send unauthorized messages. Affected Spring Products and Versions: Spring Framework: 6.2.0 - 6.2.11, 6.1.0 - 6.1.23, 6.0.x - 6.0.29, 5.3.0 - 5.3.45. Older, unsupported versions are also affected...

CVSS: 4.3 | AI score: 6.3 | EPSS: 0.00062
Exploits: 0 | References: 5
RedhatCVE
added 2025/09/04 6:22 a.m., 6 views

CVE-2025-9866

A flaw caused by an inappropriate implementation in Extensions was found in Google Chrome. This vulnerability allows a remote attacker to bypass the content security policy via a crafted HTML page. Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the...

CVSS: 8.8 | AI score: 5.8 | EPSS: 0.00105
Exploits: 0 | References: 2