Lucene search
K
CvelistMost viewed

364873 matches found

Cvelist
Cvelist
added 2026/06/03 1:28 p.m.53 views

CVE-2026-47325 Weak password policy in ProjectsAndPrograms school-management-system

ProjectsAndPrograms school-management-system uses predictable credentials by generating student's and teacher's passwords solely from the user’s date of birth e.g., 12072000 for 12 July 2000. The application does not require or prompt users to change the password upon first login. This behavior...

6.9CVSS0.00249EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/30 12:13 p.m.53 views

CVE-2026-46242 eventpoll: fix ep_remove struct eventpoll / struct file UAF

In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix epremove struct eventpoll / struct file UAF epremove via epremovefile cleared file-fep under file-flock but then kept using @file inside the critical section isfileepoll, hlistdelrcu through the head, spinunlock. A...

7.8CVSS0.00125EPSS
Exploits2References5
Cvelist
Cvelist
added 2026/05/29 3:10 p.m.53 views

CVE-2026-35630 OpenClaw < 2026.5.18 - QQBot Missing Approver Identity Enforcement in Native Approval Buttons

OpenClaw before 2026.5.18 contains an authorization bypass vulnerability in QQBot native approval buttons that fails to enforce configured approver identity. Non-approver users can click approval buttons to resolve pending exec or plugin approval requests without proper authorization...

8CVSS0.00199EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/27 3:46 p.m.53 views

CVE-2026-44322 free5GC: NEF 3gpp-pfd-management PATCH applications/{appId} panics on UDR access failure due to nil ProblemDetails dereference

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF PATCH /3gpp-pfd-management/v1/afId/transactions/transId/applications/appId handler panics with a nil-pointer dereference when the upstream UDR call fails AND the consumer wrapper returns err != nil...

7.5CVSS0.0039EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/05/27 3:20 p.m.53 views

CVE-2026-44483 RVF: Prototype pollution in @rvf/set-get reachable via @rvf/core preprocessFormData (HTTP form data)

RVF formerly Remix Validated Form provides easy form validation and state management for React. From 6.0.0 to before 6.0.4 and 7.0.2, setPath in @rvf/set-get used by @rvf/core to flatten incoming form data into a nested object does not block the keys proto, constructor, or prototype when walking ...

8.2CVSS0.00271EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 12:18 p.m.53 views

CVE-2026-45961 gfs2: fix memory leaks in gfs2_fill_super error path

In the Linux kernel, the following vulnerability has been resolved: gfs2: fix memory leaks in gfs2fillsuper error path Fix two memory leaks in the gfs2fillsuper error handling path when transitioning a filesystem to read-write mode fails. First leak: kthread objects threadstruct, taskstruct, etc...

0.00143EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/26 5:7 p.m.53 views

CVE-2026-44706 Chatwoot: SQL Injection in Conversation/Contact Filter API via Custom Attribute Values

Chatwoot is a customer engagement suite. From 2.2.0 to before 4.11.2, a SQL injection vulnerability exists in the conversation and contact filter APIs. When filtering by a custom attribute of type date or number using the isgreaterthan or islessthan operators, user-supplied values in the values...

8.5CVSS0.00227EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/21 1:1 p.m.53 views

CVE-2025-71210

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via...

9.8CVSS0.03811EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/21 12:12 p.m.53 views

CVE-2026-43495 net: wwan: t7xx: validate port_count against message length in t7xx_port_enum_msg_handler

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: validate portcount against message length in t7xxportenummsghandler t7xxportenummsghandler uses the modem-supplied portcount field as a loop bound over portmsg-data without checking that the message buffer contai...

8.8CVSS0.00272EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/21 4:28 a.m.53 views

CVE-2026-1543 Avada (Fusion) Builder <= 3.15.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Multiple Shortcodes

The Avada Fusion Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in all versions up to, and including, 3.15.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level...

6.4CVSS0.00337EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/20 1:9 p.m.53 views

CVE-2026-3593 Heap use-after-free vulnerability in BIND 9 DNS-over-HTTPS implementation

A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through 9.20.22-S1. BIND 9 versions 9.18.0 through 9.18.48 and 9.18.11-S1 through 9.18.48-S1 are NOT affected...

7.4CVSS0.01844EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/20 9:17 a.m.53 views

CVE-2026-32792 Packet of death with DNSCrypt

NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support '--enable-dnscrypt'. A bad DNSCrypt query could underflow Unbound's DNSCrypt packet reading procedure that may lead to heap overflow. A malicious actor can exploit...

8.2CVSS0.00337EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/20 1:25 a.m.53 views

CVE-2026-6452 Bigfishgames Syndicate <= 1.2 - Cross-Site Request Forgery to Settings Reset and Update

The Bigfishgames Syndicate plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due to missing or incorrect nonce validation on the bigfishgamessyndicatesubmenu function. This makes it possible for unauthenticated attackers to reset...

4.3CVSS0.00158EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/19 9:3 p.m.53 views

CVE-2026-34234 CtrlPanel: Unauthenticated RCE using installer script

CtrlPanel is open-source billing software for hosting providers. In versions 1.1.1 and prior, the web-based installer public/installer/index.php is vulnerable to unauthenticated Remote Code Execution RCE because it performs the install.lock check only after including and executing form handler...

10CVSS0.00821EPSS
Exploits2References2
Cvelist
Cvelist
added 2026/05/19 5:8 p.m.53 views

CVE-2026-8605 Use of Hard-coded Credentials in ScadaBR

In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin...

5.1CVSS0.00387EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/19 9:25 a.m.53 views

CVE-2026-46725 Remote Code Execution in extension "Content Element Selector" (ceselector)

The extension passes an attacker-controlled cookie directly to PHP's unserialize without safely processing the input. A remote, unauthenticated attacker can supply a crafted serialized payload to trigger PHP Object Injection, leading to Remote Code Execution on the TYPO3 server. Exploitation...

9.2CVSS0.02306EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/19 6:4 a.m.53 views

CVE-2026-8830 Keycloak: org.keycloak/keycloak-services: keycloak: policy bypass during webauthn credential registration via client-side javascript manipulation

A flaw was found in Keycloak. An authenticated user can bypass configured WebAuthn policies during credential registration by manipulating client-side JavaScript. This occurs because the server-side processAction fails to validate that the newly created credential's parameters, such as public key...

4.3CVSS0.00392EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/18 5:3 p.m.53 views

CVE-2026-45492 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

...

5.4CVSS0.00302EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/18 3:40 p.m.53 views

CVE-2026-8843 Calling createIndex with certain index types can crash mongod

Creating a "2dspherebucket" index on a non-timeseries bucket collection will succeed, but any subsequent attempt to insert a document which triggers updating that index will crash the server. A similar issue occurs when creating "queryableencryptedrange" indices. This issue affects MongoDB Server...

7.1CVSS0.00235EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/18 1:52 p.m.53 views

CVE-2026-41949 Dify < 1.14.2 Authorization Bypass via File Preview Endpoint

Dify before version 1.14.2 contains an authorization bypass vulnerability in the file preview endpoint that allows any authenticated user to read up to 3,000 characters of any uploaded document across all tenants and workspaces using only the file's UUID. Attackers can access the...

8.2CVSS0.00435EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/05/18 8:9 a.m.53 views

CVE-2026-3117 Instance and webhook GitLab plugin commands were able to be run by non-admin users

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to properly check for permissions when processing commands in the Gitlab plugin which allows normal users to uninstall instances or setup webhook connections via the gitlab instance option or the /gitlab webhook option commands...

6.5CVSS0.00228EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/17 6:51 p.m.53 views

CVE-2026-8721 Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs

Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates passwords with embedded NULLs. Password parameters in PKCS12.xs are declared char , which routes through Perl's default typemap to SvPVnolen. The Perl length is discarded. The C code or OpenSSL internally calls strlen on the buffer...

0.00447EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/15 10:18 p.m.53 views

CVE-2026-8704 Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified

Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified...

0.00318EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/15 9:31 a.m.53 views

CVE-2026-41969

Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

6.2CVSS0.00096EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/15 3:6 a.m.53 views

CVE-2025-54518

Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resulting in privilege escalation...

7.3CVSS0.00258EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/15 2:58 a.m.53 views

CVE-2024-36334

Improper verification of cryptographic signature in the Radeon RGB tool could allow a malicious file placed in the installation directory to be run with elevated privileges potentially leading to arbitrary code execution...

7CVSS0.00082EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/15 2:37 a.m.53 views

CVE-2025-48516

Insecure default configuration state of DDR5 memory module by AGESA Bootloader Firmware could allow an attacker with local user privilege to abuse the unprotected PMIC interface to create a permanent denial of service condition or affect the integrity of the memory module...

6.9CVSS0.00091EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/15 1:45 a.m.53 views

CVE-2025-48521

Improper input validation in the AMD Secure Processor ASP PCI driver could allow a local attacker to trigger a Use-After-Free UAF condition, potentially resulting in a loss of platform integrity or crash...

6.9CVSS0.00101EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/14 6:44 p.m.53 views

CVE-2026-44522 Note Mark: Arbitrary File Write via Path Traversal in Asset Names Leading to Remote Code Execution

Note Mark is an open-source note-taking application. From 0.13.0 to before 0.19.4, the Note Mark application allows authenticated users to upload assets to notes via POST /api/notes/noteID/assets, where the asset filename is provided through the X-Name HTTP request header. This value is stored...

8.6CVSS0.00495EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 6:31 p.m.53 views

CVE-2026-41315 mdserver-web: Missing Authorization and Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

mdserver-web is a simple Linux panel. From 0.18.0 to 0.18.4, mdserver-web has a front-end unauthorized remote command execution vulnerability. Due to the lack of authentication on the /modifycrond and /starttask interfaces, it is possible to modify the default built-in scheduled tasks and start...

9.3CVSS0.01032EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/14 2:51 p.m.53 views

CVE-2026-44482 soundcloud-rpc: Remote Code Execution via XSS in Track Title

soundcloud-rpc is a SoundCloud Client with Discord Rich Presence, Dark Mode, Last.fm and AdBlock support. Prior to 0.1.8, a track title containing an HTML payload executed locally in the Electron app. This means attacker-controlled SoundCloud track metadata can lead to local command execution on...

9.6CVSS0.00336EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 12:59 p.m.53 views

CVE-2025-15025 IDOR in Yordam Informatics' Library Automation System

Authorization bypass through User-Controlled key vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploitation of Trusted Identifiers. This issue affects Library Automation System: from v.21.6 befor...

8.8CVSS0.00298EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 6:18 p.m.53 views

CVE-2026-0256 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface

A stored cross-site scripting XSS vulnerability in Palo Alto Networks PAN-OS® software enables a malicious authenticated administrator to store a JavaScript payload using the web interface. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama virtual an...

6.9CVSS0.0028EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 5:57 p.m.53 views

CVE-2026-42578 Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation

Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's HttpProxyHandler constructs HTTP CONNECT requests with header validation explicitly disabled. The newInitialMessage method creates headers using...

6.3CVSS0.00952EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/13 5:17 p.m.53 views

CVE-2026-43997 vm2: Sandbox Escape

vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, it is possible to obtain the host Object. There are various ways to use the host Object, to escape the sandbox, one example would be using HostObject.getOwnPropertySymbols to obtain Symbolnodejs.util.inspect.custom. This vulnerability...

10CVSS0.00976EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/13 12:2 p.m.53 views

CVE-2026-42948

Stored cross-site scripting vulnerability exists in ELECOM wireless LAN access point devices. If one of the administrators input malicious data, an arbitrary script may be executed in another administrative user's web browser...

4.8CVSS0.00161EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/13 8:27 a.m.53 views

CVE-2026-5773 wrong reuse of SMB connection

libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...

0.00549EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/13 4:56 a.m.53 views

CVE-2026-21024

Improper privilege management in Samsung System Support Service prior to version 8.0.8.0 allows local attackers to trigger privileged functions...

6.3CVSS0.00091EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 7:9 p.m.53 views

CVE-2026-44863 Authenticated Remote Code Execution via SQL Injection in AOS-8 and AOS-10 Operating Systems

SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into...

7.2CVSS0.00315EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 4:58 p.m.53 views

CVE-2026-41101 Microsoft Word for Android Spoofing Vulnerability

...

7.1CVSS0.00292EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 12:29 p.m.53 views

CVE-2026-6865 Improper Limitation of a Pathname to a Restricted Directory Vulnerability on Multiple Products

CWE-22: Improper Limitation of a Pathname to a Restricted Directory “Path Traversal” vulnerability that could cause unauthorized access to sensitive files when user-supplied input is improperly handled during server-side file path processing...

7.1CVSS0.00303EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 11:2 a.m.53 views

CVE-2026-45212 WordPress Asset CleanUp: Page Speed Booster plugin <= 1.4.0.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS0.00225EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 8:21 a.m.53 views

CVE-2026-33862

A vulnerability has been identified in Teamcenter V2312 All versions V2312.0014, Teamcenter V2406 All versions V2406.0012, Teamcenter V2412 All versions V2412.0009, Teamcenter V2506 All versions V2506.0005, Teamcenter V2512 All versions. The affected application does not properly encode or filter...

8.5CVSS0.00192EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 7:48 a.m.53 views

CVE-2026-5340 Fancy Image Show <= 9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Fancy Image Show plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's fancy-img-show shortcode in all versions up to, and including, 9.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat...

6.4CVSS0.00243EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/11 4:48 p.m.54 views

CVE-2026-4893 CVE-2026-4893

An information disclosure vulnerability in dnsmasq allows remote attackers to bypass source checks via a crafted DNS packet with RFC 7871 client subnet information...

0.02681EPSS
Exploits2References6
Cvelist
Cvelist
added 2026/05/11 4:47 p.m.53 views

CVE-2026-4892 CVE-2026-4892

A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6 packet...

0.00812EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/05/11 9:40 a.m.53 views

CVE-2026-6909 Reflected XSS in ATutor

ATutor is vulnerable to Reflected XSS in /install/upgrade.php endpoint. An attacker can provide a specially crafted URL that, when opened, results in arbitrary JavaScript execution in the victim's browser. Product is no longer actively supported. Maintainers of this project were notified early...

5.1CVSS0.00391EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/11 9:32 a.m.53 views

CVE-2026-41951

Path traversal vulnerability exists in GROWI v7.5.0 and earlier, which may allow an attacker to execute arbitrary EJS templates on the server when an email server is running in GROWI...

8.6CVSS0.00495EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/11 4:15 a.m.53 views

CVE-2026-8272 D-Link DNS-320 webfile_mgr.cgi chown os command injection

A security flaw has been discovered in D-Link DNS-320 2.06B01. This affects the function delete/rename/copy/move/chmod/chown of the file /cgi-bin/webfilemgr.cgi. The manipulation results in os command injection. The attack may be performed from remote. The exploit has been released to the public...

5.8CVSS0.05587EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/05/10 12:12 p.m.53 views

CVE-2022-50965 uBidAuction 2.0.1 posts manage Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the posts/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET requests...

6.1CVSS0.00252EPSS
Exploits0References4
Total number of security vulnerabilities5000