Euvd - Most Viewed Vulnerabilities List

EUVD•added 2025/10/03 8:7 p.m.•84 views

EUVD-2025-9230

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.00174EPSS

EUVD•added 2026/04/24 2:35 p.m.•70 views

EUVD-2026-25450

In the Linux kernel, the following vulnerability has been resolved: nvmet: move async event work off nvmet-wq For target nvmetctrlfree flushes ctrl-asynceventwork. If nvmetctrlfree runs on nvmet-wq, the flush re-enters workqueue completion for the same worker:- A. Async event work queued on...

5.4AI score0.00441EPSS

EUVD•added 2026/05/12 6:30 p.m.•69 views

EUVD-2026-29658

Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally...

7.8CVSS5.8AI score0.00249EPSS

EUVD•added 2026/06/11 10:49 p.m.•66 views

EUVD-2026-36367

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - 140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the source. Some shell commands are run with the URL as a parameter. The URL is concatenated directly...

9.8CVSS5.7AI score0.00603EPSS

EUVD•added 2025/10/03 8:7 p.m.•63 views

EUVD-2023-25265

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00199EPSS

EUVD•added 2026/06/11 5:13 p.m.•62 views

EUVD-2026-36269

MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with wsrepnotifycmd enabled would execute shell commands embedded in the name of the joiner node. This is fixed in...

10CVSS5.6AI score0.00668EPSS

EUVD•added 2025/12/18 6:30 a.m.•60 views

EUVD-2025-204037

Biopython is vulnerable to doctype XML external entity XXE injection through Bio.Entrez...

4.9CVSS6.7AI score0.00293EPSS

EUVD•added 2025/10/03 8:7 p.m.•61 views

EUVD-2023-40615

Malicious code in bioql PyPI...

5.7CVSS5.7AI score0.00681EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•60 views

EUVD-2024-46576

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00769EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•60 views

EUVD-2024-54770

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00278EPSS

EUVD•added 2025/10/03 8:7 p.m.•59 views

EUVD-2025-23677

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.00295EPSS

EUVD•added 2025/10/03 8:7 p.m.•59 views

EUVD-2023-0955

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.01158EPSS

Exploits1References8

EUVD•added 2026/06/09 5:6 p.m.•58 views

EUVD-2026-35723

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

7CVSS5.4AI score0.00191EPSS

EUVD•added 2026/03/04 6:31 p.m.•58 views

EUVD-2026-9462

Multiple Cisco products are affected by vulnerabilities in the Snort 3 VBA feature that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to crash. These vulnerabilities are due to improper error checking when decompressing VBA data. An attacker could exploit...

5.8CVSS6AI score0.0039EPSS

EUVD•added 2026/05/14 4:26 p.m.•57 views

EUVD-2026-30334

Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, a trustremotecode bypass in DiffusionPipeline.frompretrained allows arbitrary remote code execution despite the user passing trustremotecode=False or omitting it, which is the default. The vulnerability has three variant...

8.8CVSS6.5AI score0.00685EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•57 views

EUVD-2025-13411

Malicious code in bioql PyPI...

6.4CVSS6.3AI score0.00287EPSS

EUVD•added 2025/10/03 8:7 p.m.•56 views

EUVD-2023-28856

Malicious code in bioql PyPI...

6.5CVSS6.8AI score0.01532EPSS

EUVD•added 2025/10/03 8:7 p.m.•57 views

EUVD-2021-30685

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01005EPSS

EUVD•added 2025/10/03 8:7 p.m.•56 views

EUVD-2025-24265

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.00359EPSS

EUVD•added 2025/10/03 8:7 p.m.•55 views

EUVD-2025-24062

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00377EPSS

Exploits1References5

EUVD•added 2026/05/10 3:31 p.m.•54 views

EUVD-2021-34809

CyberPanel 2.1 contains a command execution vulnerability that allows authenticated attackers to read arbitrary files and execute remote code by exploiting symlink attacks through the filemanager controller endpoint. Attackers can manipulate the completeStartingPath parameter in POST requests to...

8.8CVSS6.4AI score0.00533EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•53 views

EUVD-2022-6755

Malicious code in bioql PyPI...

6.5CVSS5.5AI score0.0069EPSS

Exploits0References8

EUVD•added 2025/10/03 8:7 p.m.•53 views

EUVD-2022-6811

Malicious code in bioql PyPI...

3.7CVSS4.8AI score0.00455EPSS

Exploits0References5

EUVD•added 2026/05/12 6:30 p.m.•51 views

EUVD-2026-29666

Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network...

7.5CVSS5.8AI score0.00931EPSS

EUVD•added 2026/05/10 3:33 a.m.•51 views

EUVD-2026-28952

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This issue affects the function iasServerRemoteInterface.doAction of the component Java RMI Session Management. Such manipulation leads to improper authentication. The attack can be launched remotely. The vendo...

7.5CVSS6.9AI score0.00391EPSS

EUVD•added 2025/10/07 12:30 a.m.•52 views

EUVD-2021-0927

Malware in sbrugna...

9.8CVSS9.3AI score0.02774EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•51 views

EUVD-2022-29573

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.07159EPSS

Exploits5References4

EUVD•added 2026/03/12 6:31 a.m.•50 views

EUVD-2026-11519

A flaw has been found in quickjs-ng quickjs up to 0.12.1. This affects the function jsiteratorconcatreturn of the file quickjs.c. This manipulation causes use after free. The attack requires local access. The exploit has been published and may be used. Patch name:...

5.3CVSS5.4AI score0.00112EPSS

Exploits0References9

EUVD•added 2026/05/10 3:31 p.m.•49 views

EUVD-2021-34805

Argus Surveillance DVR 4.0 contains an unquoted service path vulnerability in the DVRWatchdog service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem...

8.5CVSS5.8AI score0.00109EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•49 views

EUVD-2025-27203

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00218EPSS

EUVD•added 2025/10/03 8:7 p.m.•49 views

EUVD-2025-24030

Malicious code in bioql PyPI...

7.1CVSS6.3AI score0.00342EPSS

Exploits0References6

EUVD•added 2026/05/28 3:49 a.m.•48 views

EUVD-2026-32710

A flaw was found in Keycloak's Fine-Grained Admin Permissions FGAPv2 feature. An administrator with limited client management permissions can exploit this vulnerability to assign any realm role, including highly privileged roles, to a client's scope mapping. This bypasses intended security...

7.3CVSS5.7AI score0.00223EPSS

EUVD•added 2026/03/10 6:31 p.m.•48 views

EUVD-2026-10520

An Improper Control of Interaction Frequency vulnerability CWE-799 vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.2, FortiWeb 7.6.0 through 7.6.5, FortiWeb 7.4.0 through 7.4.10, FortiWeb 7.2.0 through 7.2.11, FortiWeb 7.0.0 through 7.0.11 may allow a remote unauthenticated attacker to bypas...

8.1CVSS5.8AI score0.00764EPSS

EUVD•added 2026/01/10 1:32 p.m.•48 views

EUVD-2026-1846

A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function jstypedarraysort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The...

7.5CVSS6.4AI score0.0041EPSS

Exploits1References8

EUVD•added 2025/10/07 12:30 a.m.•48 views

EUVD-2021-2577

Malware in sbrugna...

7.8CVSS7.6AI score0.00195EPSS

EUVD•added 2025/10/07 12:30 a.m.•49 views

EUVD-2021-1660

Malware in sbrugna...

9.8CVSS9.4AI score0.04115EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•48 views

EUVD-2024-2911

Malicious code in bioql PyPI...

8.2CVSS7.9AI score0.00634EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•48 views

EUVD-2025-25062

Malicious code in bioql PyPI...

9.8CVSS6.3AI score0.35302EPSS

Exploits8References2

EUVD•added 2026/05/11 5:52 a.m.•47 views

EUVD-2026-29033

Zephyr sockets created with IPPROTOTLS13 can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to mbedTLS e.g. via mbedtlssslconfmintlsversion. The ClientHello advertises both versions and the peer can...

5.3CVSS5.8AI score0.00197EPSS

5.9CVSS5.8AI score0.00415EPSS

EUVD-2024-31886

Malicious code in bioql PyPI...

5.8CVSS6.4AI score0.00537EPSS

EUVD-2025-27485

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.03088EPSS

EUVD-2022-3861

Malicious code in bioql PyPI...

Exploits1References23

7.5CVSS7.4AI score0.00596EPSS

EUVD-2023-0759

Malicious code in bioql PyPI...

Exploits0References12

7.8CVSS7.6AI score0.00203EPSS

EUVD-2025-22224

Malicious code in bioql PyPI...

EUVD•added 2026/06/11 6:28 p.m.•46 views

EUVD-2026-36300

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.3, the repository has a privileged deploy workflow that runs after the unprivileged build workflow completes. The build workflow runs on pull requests, and the deploy workflow checks ou...

9.5CVSS5.5AI score0.00324EPSS

EUVD•added 2026/03/13 3:40 p.m.•46 views

EUVD-2026-11645

Poseidon V1 variable-length input collision via implicit zero-padding...

8.7CVSS5.8AI score0.00221EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•46 views

EUVD-2025-5025

Malicious code in bioql PyPI...

6.6AI score