Lucene search
K
AttackerkbRecent

74775 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/09 5:5 p.m.2 views

CVE-2026-48573

No cwe for this issue in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...

7.9CVSS7.1AI score0.01029EPSS
Exploits0References2Affected Software19
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:5 p.m.3 views

CVE-2026-47654

Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

7.5CVSS7.2AI score0.0055EPSS
Exploits0References2Affected Software7
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:5 p.m.3 views

CVE-2026-48563

Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

7.5CVSS7.2AI score0.0055EPSS
Exploits0References2Affected Software12
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:5 p.m.4 views

CVE-2026-47652

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally...

8.2CVSS7.5AI score0.00341EPSS
Exploits0References2Affected Software7
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:5 p.m.3 views

CVE-2026-47653

Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

8.8CVSS7.2AI score0.00602EPSS
Exploits0References2Affected Software19
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:5 p.m.2 views

CVE-2026-47641

Improper input validation in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

5.4CVSS6.4AI score0.00505EPSS
Exploits0References2Affected Software3
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:5 p.m.2 views

CVE-2026-47639

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network...

5.4CVSS6.6AI score0.0051EPSS
Exploits0References2Affected Software3
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:5 p.m.2 views

CVE-2026-47635

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

8.4CVSS7.5AI score0.00333EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:5 p.m.4 views

CVE-2026-47636

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network...

5.4CVSS6.6AI score0.0051EPSS
Exploits0References2Affected Software3
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.5 views

CVE-2026-45649

Improper access control in Office for Android allows an unauthorized attacker to perform spoofing locally...

7.1CVSS5.8AI score0.00419EPSS
Exploits0References2Affected Software3
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.10 views

CVE-2026-45645

Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally...

7.8CVSS7.2AI score0.00372EPSS
Exploits0References2Affected Software8
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.4 views

CVE-2026-45643

Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...

7.8CVSS5.9AI score0.00372EPSS
Exploits0References2Affected Software6
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.2 views

CVE-2026-45641

Access of resource using incompatible type 'type confusion' in Windows Hyper-V allows an unauthorized attacker to execute code locally...

8.4CVSS7.3AI score0.00307EPSS
Exploits0References2Affected Software9
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.5 views

CVE-2026-45503

Improper authorization in Microsoft Exchange Server allows an authorized attacker to disclose information over a network...

8.1CVSS7.1AI score0.00454EPSS
Exploits0References2Affected Software4
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.2 views

CVE-2026-45501

Server-side request forgery ssrf in Microsoft Exchange Server allows an authorized attacker to perform spoofing over a network...

6.5CVSS6.6AI score0.00308EPSS
Exploits0References2Affected Software4
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.4 views

CVE-2026-45466

Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to disclose information locally...

3.3CVSS6AI score0.00371EPSS
Exploits0References2Affected Software6
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.4 views

CVE-2026-45461

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

8.4CVSS7.3AI score0.00364EPSS
Exploits0References2Affected Software9
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.5 views

CVE-2026-45460

Buffer over-read in Microsoft Office allows an unauthorized attacker to disclose information locally...

4.7CVSS5.8AI score0.00357EPSS
Exploits0References2Affected Software8
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.5 views

CVE-2026-45458

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

8.4CVSS7.2AI score0.0044EPSS
Exploits0References2Affected Software11
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.5 views

CVE-2026-45456

Access of resource using incompatible type 'type confusion' in Microsoft Office allows an unauthorized attacker to execute code locally...

8.4CVSS7.2AI score0.0044EPSS
Exploits0References2Affected Software11
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.2 views

CVE-2026-45453

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network...

5.4CVSS6.6AI score0.0051EPSS
Exploits0References2Affected Software3
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.4 views

CVE-2026-44824

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

7.8CVSS7.4AI score0.00457EPSS
Exploits0References2Affected Software11
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.3 views

CVE-2026-44823

Numeric truncation error in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

7.8CVSS7.2AI score0.00372EPSS
Exploits0References2Affected Software9
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.5 views

CVE-2026-44821

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally...

5.5CVSS7AI score0.00467EPSS
Exploits0References2Affected Software11
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.3 views

CVE-2026-44820

Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

7.8CVSS7.1AI score0.00372EPSS
Exploits0References2Affected Software9
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.3 views

CVE-2026-44818

Concurrent execution using shared resource with improper synchronization 'race condition' in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

7CVSS7.2AI score0.00263EPSS
Exploits0References2Affected Software9
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.4 views

CVE-2026-44819

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

7.8CVSS7.4AI score0.00457EPSS
Exploits0References2Affected Software11
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.4 views

CVE-2026-44817

Access of resource using incompatible type 'type confusion' in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

7.8CVSS7.2AI score0.00372EPSS
Exploits0References2Affected Software9
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.3 views

CVE-2026-45485

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally...

3.3CVSS7AI score0.00439EPSS
Exploits0References2Affected Software11
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.3 views

CVE-2026-45486

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally...

7.8CVSS7.2AI score0.00372EPSS
Exploits0References2Affected Software4
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.4 views

CVE-2026-45474

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

8.4CVSS7.3AI score0.00364EPSS
Exploits0References2Affected Software9
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.4 views

CVE-2026-45471

Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally...

7.8CVSS7.2AI score0.00457EPSS
Exploits0References2Affected Software11
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.3 views

CVE-2026-45472

Use after free in Microsoft Office allows an unauthorized attacker to execute code locally...

8.4CVSS7.3AI score0.00339EPSS
Exploits0References2Affected Software9
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.4 views

CVE-2026-45475

Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally...

7.8CVSS7.4AI score0.00457EPSS
Exploits0References2Affected Software11
ATTACKERKB
ATTACKERKB
added 2026/06/09 5:4 p.m.3 views

CVE-2026-45469

Integer underflow wrap or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally...

7.8CVSS5.9AI score0.00372EPSS
Exploits0References2Affected Software9
ATTACKERKB
ATTACKERKB
added 2026/06/09 12:11 p.m.4 views

CVE-2026-46323

In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skbgroreceive can currently copy frags between the source and GRO skb, without checking the zerocopy status, and in particular the SKBFLMANAGEDFRAGREFS flag. When SKBFLMANAGEDFRAGREFS is set, the...

7.8CVSS5.6AI score0.00137EPSS
Exploits0References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/09 12:11 p.m.5 views

CVE-2026-46322

In the Linux kernel, the following vulnerability has been resolved: tun: free page on buildskb failure in tunxdpone When buildskb fails in tunxdpone, the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that vhostnetbuildxdp allocated for the frame. ...

7.1CVSS5.7AI score0.00129EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/09 12:11 p.m.4 views

CVE-2026-46321

In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tunxdpone tunxdpone returns -EINVAL on a frame shorter than ETHHLEN without freeing the page that vhostnetbuildxdp allocated for it. tunsendmsg discards that -EINVAL and still returns...

7.1CVSS5.7AI score0.00129EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/09 12:11 p.m.5 views

CVE-2026-46320

In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tapgetuserxdp tapgetuserxdp rejects a frame shorter than ETHHLEN with -EINVAL, and returns -ENOMEM when buildskb fails. Both paths jump to the err label without freeing the page that...

7.4CVSS5.7AI score0.00235EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/09 7:49 a.m.5 views

CVE-2026-7542

The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Disclosure in versions 7.0 to 7.0.10. This is due to three compounding design flaws: 1 the plugin leaks a valid backend AJAX nonce revslideractions to all authenticated users including Subscribers via the adminfoote...

6.5CVSS5.3AI score0.00252EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/09 3:50 a.m.4 views

CVE-2026-41840

Spring WebFlux applications are vulnerable to Denial of Service DoS attacks when processing multipart requests. Affected versions: Spring Framework 7.0.0 through 7.0.7, 6.2.0 through 6.2.18, 6.1.0 through 6.1.27, 5.3.0 through 5.3.48...

5.9CVSS5.8AI score0.00247EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/09 3:0 a.m.29 views

CVE-2026-11621

A weakness has been identified in Dcat-Admin up to 2.2.3-beta. This impacts the function editorMDUpload of the file /admin/dcat-api/editor-md/upload of the component User Setting Page. This manipulation of the argument editormd-image-file causes unrestricted upload. The attack can be initiated...

5.8CVSS5.1AI score0.00218EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/09 2:45 a.m.15 views

CVE-2026-11620

A security flaw has been discovered in TOTOLINK EX200 4.0.3c.7646. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation results in least privilege violation. It is possible to launch the attack remotely. The exploit has been released to the publi...

6.9CVSS5.1AI score0.00285EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/09 2:30 a.m.13 views

CVE-2026-11619

A vulnerability was identified in Dolibarr ERP CRM up to 23.0.2. The impacted element is an unknown function of the file htdocs/core/filemanagerdol/connectors/php/config.inc.php of the component Legacy Filemanager. The manipulation leads to improper authorization. It is possible to initiate the...

6.5CVSS5AI score0.00209EPSS
Exploits0References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/09 2:28 a.m.11 views

CVE-2026-7556

The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the comment text in all versions up to, and including, 7.5.49.7212 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

7.2CVSS5.7AI score0.00241EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/09 2:28 a.m.14 views

CVE-2026-5714

The Enable Media Replace plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘locationdir’ parameter in all versions up to, and including, 4.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level...

6.4CVSS5.7AI score0.00181EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/09 2:15 a.m.9 views

CVE-2026-11618

A vulnerability was determined in DTStack Taier up to 1.4.0. The affected element is the function preHandle of the file taier-data-develop/src/main/java/com/dtstack/taier/develop/interceptor/LoginInterceptor.java of the component Source Connection Test Endpoint. Executing a manipulation can lead ...

7.5CVSS5AI score0.00401EPSS
Exploits0References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/09 1:27 a.m.7 views

CVE-2026-10862

The Accordions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Accordion body field in all versions up to, and including, 2.3.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Custom-level access and...

6.4CVSS5.7AI score0.00155EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/09 1:4 a.m.7 views

CVE-2026-8795

A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostname field in clientinfo.json inside a collection ZIP is inserted into a YAML template via Go's text/template without escaping. An attacker providing a crafted...

7.8CVSS5.6AI score0.00148EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/09 12:21 a.m.8 views

CVE-2026-44757

SAP Wily Introscope Enterprise Manager allows an unauthenticated attacker to craft a specially crafted URL. Under certain conditions, when accessed by a victim, the injected script could execute in the user�s browser within the context of the application. This issue has a low impact on the...

4.7CVSS5.6AI score0.00154EPSS
Exploits0References3
Total number of security vulnerabilities74775