Lucene search
+L
Vulncheck KevMost viewed

4985 matches found

VulnCheck KEV
VulnCheck KEV
added 2026/05/07 12:0 a.m.47 views

VulnCheck KEV: CVE-2026-40466

Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. An authenticated attacker may bypass the fix in CVE-2026-34197 by adding a connector using an HTTP Discovery transport...

8.8CVSS6.4AI score0.04783EPSS
Exploits14References19
VulnCheck KEV
VulnCheck KEV
added 2026/05/29 12:0 a.m.45 views

VulnCheck KEV: CVE-2026-41089

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network...

9.8CVSS6.3AI score0.72253EPSS
Exploits32References2
VulnCheck KEV
VulnCheck KEV
added 2026/01/05 12:0 a.m.45 views

VulnCheck KEV: CVE-2026-0625

Multiple D-Link DSL/DIR/DNS devices contain an authentication bypass and improper access control vulnerability in the dnscfg.cgi endpoint that allows an unauthenticated attacker to access DNS configuration functionality. By directly requesting this endpoint, an attacker can modify the device’s DN...

9.3CVSS5.8AI score0.00964EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2025/10/17 12:0 a.m.45 views

VulnCheck KEV: CVE-2022-0342

An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.32 through 5.20, VPN series firmware versions 4.30 through 5.20, and NSG series firmware...

9.8CVSS5.8AI score0.84839EPSS
Exploits0References30
VulnCheck KEV
VulnCheck KEV
added 2026/06/08 12:0 a.m.44 views

VulnCheck KEV: CVE-2026-42271

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. From version 1.74.2 to before version 1.83.7, two endpoints used to preview an MCP server before saving it — POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list — accepted a full server configuration i...

8.8CVSS5.6AI score0.80188EPSS
Exploits2References2
VulnCheck KEV
VulnCheck KEV
added 2026/05/13 12:0 a.m.44 views

VulnCheck KEV: CVE-2026-41176

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint options/set is exposed without AuthRequired: true, but it can mutate global runtime configuration, including the RC option block itself. Starting in version 1.45.0 and pri...

9.8CVSS5.8AI score0.34734EPSS
Exploits1References21
VulnCheck KEV
VulnCheck KEV
added 2026/03/19 12:0 a.m.44 views

VulnCheck KEV: CVE-2026-33017

Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/buildpublictmp/flowid/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses...

9.8CVSS6.2AI score0.9999EPSS
Exploits53References8
VulnCheck KEV
VulnCheck KEV
added 2025/10/24 12:0 a.m.44 views

VulnCheck KEV: CVE-2025-51482

Remote Code Execution in letta.server.restapi.routers.v1.tools.runtoolfromsource in letta-ai Letta 0.7.12 allows remote attackers to execute arbitrary Python code and system commands via crafted payloads to the /v1/tools/run endpoint, bypassing intended sandbox restrictions...

8.8CVSS6.3AI score0.01862EPSS
Exploits2References75
VulnCheck KEV
VulnCheck KEV
added 2026/02/09 12:0 a.m.43 views

VulnCheck KEV: CVE-2009-3547

Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service NULL pointer dereference and system crash or gain privileges by attempting to open an anonymous pipe via a /proc//fd/ pathname...

7CVSS7.2AI score0.0489EPSS
Exploits7References2
VulnCheck KEV
VulnCheck KEV
added 2026/04/13 12:0 a.m.42 views

VulnCheck KEV: CVE-2026-33032

Nginx UI is a web user interface for the Nginx web server. In versions 2.3.5 and prior, the nginx-ui MCP Model Context Protocol integration exposes two HTTP endpoints: /mcp and /mcpmessage. While /mcp requires both IP whitelisting and authentication AuthRequired middleware, the /mcpmessage endpoi...

9.8CVSS5.8AI score0.38477EPSS
Exploits4References3
VulnCheck KEV
VulnCheck KEV
added 2026/03/31 12:0 a.m.42 views

VulnCheck KEV: CVE-2025-8266

A vulnerability has been found in yanyutao0402 ChanCMS up to 3.1.2 and classified as critical. Affected by this vulnerability is the function getArticle of the file app/modules/cms/controller/collect.js. The manipulation of the argument targetUrl leads to deserialization. The attack can be launch...

6.5CVSS5.4AI score0.00971EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2026/06/15 12:0 a.m.41 views

VulnCheck KEV: CVE-2026-20262

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system. This vulnerability exists because the affected software does not properly validate...

6.5CVSS5.5AI score0.07683EPSS
Exploits2References4
VulnCheck KEV
VulnCheck KEV
added 2026/06/05 12:0 a.m.41 views

VulnCheck KEV: CVE-2026-31816

Budibase is a low code platform for creating internal tools, workflows, and admin panels. In 3.31.4 and earlier, the Budibase server's authorized middleware that protects every server-side API endpoint can be completely bypassed by appending a webhook path pattern to the query string of any...

9.1CVSS5.6AI score0.15339EPSS
Exploits2References6
VulnCheck KEV
VulnCheck KEV
added 2026/04/22 12:0 a.m.39 views

VulnCheck KEV: CVE-2026-33626

LMDeploy is a toolkit for compressing, deploying, and serving large language models. Versions prior to 0.12.3 have a Server-Side Request Forgery SSRF vulnerability in LMDeploy's vision-language module. The loadimage function in lmdeploy/vl/utils.py fetches arbitrary URLs without validating...

7.5CVSS5.9AI score0.4525EPSS
Exploits2References2
VulnCheck KEV
VulnCheck KEV
added 2026/05/14 12:0 a.m.38 views

VulnCheck KEV: CVE-2026-28515

openDCIM version 23.04, through commit 4467e9c4, contains a missing authorization vulnerability in install.php and container-install.php. The installer and upgrade handler expose LDAP configuration functionality without enforcing application role checks. Any authenticated user can access this...

9.3CVSS5.8AI score0.01157EPSS
Exploits3References3
VulnCheck KEV
VulnCheck KEV
added 2026/01/14 12:0 a.m.38 views

VulnCheck KEV: CVE-2017-17762

XML external entity XXE vulnerability in Episerver 7 patch 4 and earlier allows remote attackers to read arbitrary files via a crafted DTD in an XML request involving util/xmlrpc/Handler.ashx...

7.5CVSS5.9AI score0.04648EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2025/07/29 12:0 a.m.38 views

VulnCheck KEV: CVE-2025-5394

The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the aloneimportpackinstallplugin function in all versions up to, and including, 7.8.3. This makes it possible for unauthenticated attackers ...

9.8CVSS6.2AI score0.47809EPSS
Exploits3References4
VulnCheck KEV
VulnCheck KEV
added 2026/04/01 12:0 a.m.37 views

VulnCheck KEV: CVE-2025-59716

ownCloud Guests before 0.12.5 allows unauthenticated user enumeration via the /apps/guests/register/email/token endpoint. Because of insufficient validation of the supplied token in showPasswordForm, the server responds differently when an e-mail address corresponds to a valid pending guest user...

5.3CVSS5.8AI score0.00908EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2025/12/19 12:0 a.m.37 views

VulnCheck KEV: CVE-2024-3408

man-group/dtale version 3.10.0 is vulnerable to an authentication bypass and remote code execution RCE due to improper input validation. The vulnerability arises from a hardcoded SECRETKEY in the flask configuration, allowing attackers to forge a session cookie if authentication is enabled...

9.8CVSS6.7AI score0.77803EPSS
Exploits5References64
VulnCheck KEV
VulnCheck KEV
added 2025/11/19 12:0 a.m.37 views

VulnCheck KEV: CVE-2025-1302

Versions of the package jsonpath-plus before 10.3.0 are vulnerable to Remote Code Execution RCE due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of eval='safe' mode. Note: This is caused by an incomplete fix for...

9.8CVSS6AI score0.10224EPSS
Exploits8References73
VulnCheck KEV
VulnCheck KEV
added 2025/10/31 12:0 a.m.37 views

VulnCheck KEV: CVE-2021-37305

An Insecure Permissions issue in jeecg-boot 2.4.5 and earlier allows remote attackers to gain escalated privilege and view sensitive information via api uri: /sys/user/querySysUser?username=admin...

7.5CVSS5.8AI score0.0352EPSS
Exploits0References66
VulnCheck KEV
VulnCheck KEV
added 2026/06/08 12:0 a.m.36 views

VulnCheck KEV: CVE-2026-50751

A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password...

9.3CVSS5.9AI score0.70099EPSS
Exploits5References4
VulnCheck KEV
VulnCheck KEV
added 2026/05/14 12:0 a.m.36 views

VulnCheck KEV: CVE-2026-8181

The Burst Statistics – Privacy-Friendly WordPress Analytics Google Analytics Alternative plugin for WordPress is vulnerable to Authentication Bypass in versions 3.4.0 to 3.4.1.1. This is due to incorrect return-value handling in the ismainwpauthenticated function when validating application...

9.8CVSS5.8AI score0.14608EPSS
Exploits11References5
VulnCheck KEV
VulnCheck KEV
added 2026/03/31 12:0 a.m.36 views

VulnCheck KEV: CVE-2026-4020

The Gravity SMTP plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.1.4. This is due to a REST API endpoint registered at /wp-json/gravitysmtp/v1/tests/mock-data with a permissioncallback that unconditionally returns true, allowing any...

7.5CVSS5.8AI score0.39704EPSS
Exploits2References8
VulnCheck KEV
VulnCheck KEV
added 2025/10/27 12:0 a.m.36 views

VulnCheck KEV: CVE-2020-36723

The ListingPro - WordPress Directory & Listing Theme for WordPress is vulnerable to Sensitive Data Exposure in versions before 2.6.1 via the /listingpro-plugin/functions.php file. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, full names, email...

5.3CVSS5.8AI score0.01608EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2026/05/11 12:0 a.m.35 views

VulnCheck KEV: CVE-2019-13396

FlightPath 4.x and 5.0-x allows directory traversal and Local File Inclusion through the forminclude parameter in an index.php?q=system-handle-form-submit POST request because of an includeonce in systemhandleformsubmit in modules/system/system.module...

5.3CVSS6AI score0.62572EPSS
Exploits5References2
VulnCheck KEV
VulnCheck KEV
added 2010/10/08 12:0 a.m.36 views

VulnCheck KEV: CVE-2010-3889

Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited in the wild in July 2010 by the Stuxnet worm, and identified by Microsoft researchers and other researchers...

7.2CVSS5.8AI score0.01606EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2026/03/20 12:0 a.m.34 views

VulnCheck KEV: CVE-2026-3584

The Kali Forms plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.4.9 via the 'formprocess' function. This is due to the 'preparepostdata' function mapping user-supplied keys directly into internal placeholder storage, combined with the use of...

9.8CVSS6.1AI score0.07239EPSS
Exploits2References3
VulnCheck KEV
VulnCheck KEV
added 2026/01/14 12:0 a.m.34 views

VulnCheck KEV: CVE-2021-25281

An issue was discovered in through SaltStack Salt before 3002.5. salt-api does not honor eauth credentials for the wheelasync client. Thus, an attacker can remotely run any wheel modules on the master...

9.8CVSS5.8AI score0.72945EPSS
Exploits5References2
VulnCheck KEV
VulnCheck KEV
added 2025/12/19 12:0 a.m.34 views

VulnCheck KEV: CVE-2025-32778

Web-Check is an all-in-one OSINT tool for analyzing any website. A command injection vulnerability exists in the screenshot API of the Web Check project Lissy93/web-check. The issue stems from user-controlled input url being passed unsanitized into a shell command using exec, allowing attackers t...

9.3CVSS6.2AI score0.19326EPSS
Exploits4References78
VulnCheck KEV
VulnCheck KEV
added 2025/09/03 12:0 a.m.34 views

VulnCheck KEV: CVE-2022-22957

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities CVE-2022-22957 & CVE-2022-22958. A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI which may result in remote...

7.2CVSS6.4AI score0.23084EPSS
Exploits5References2
VulnCheck KEV
VulnCheck KEV
added 2026/05/19 12:0 a.m.33 views

VulnCheck KEV: CVE-2026-34234

CtrlPanel is open-source billing software for hosting providers. In versions 1.1.1 and prior, the web-based installer public/installer/index.php is vulnerable to unauthenticated Remote Code Execution RCE because it performs the install.lock check only after including and executing form handler...

10CVSS6.2AI score0.00821EPSS
Exploits2References2
VulnCheck KEV
VulnCheck KEV
added 2026/04/13 12:0 a.m.33 views

VulnCheck KEV: CVE-2026-34197

Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy permits exec operations o...

8.8CVSS7.8AI score0.96666EPSS
Exploits14References26
VulnCheck KEV
VulnCheck KEV
added 2026/04/04 12:0 a.m.33 views

VulnCheck KEV: CVE-2026-35616

A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests...

9.8CVSS6AI score0.88505EPSS
Exploits8References6
VulnCheck KEV
VulnCheck KEV
added 2025/10/09 12:0 a.m.33 views

VulnCheck KEV: CVE-2025-5504

A vulnerability has been found in TOTOLINK X2000R 1.0.0-B20230726.1108 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWsc. The manipulation of the argument peerRptPin leads to command injection. The attack can be initiated remotely. The exploit has bee...

6.5CVSS5.5AI score0.15041EPSS
Exploits1References3
VulnCheck KEV
VulnCheck KEV
added 2026/04/07 12:0 a.m.32 views

VulnCheck KEV: CVE-2026-22679

Weaver Fanwei E-cology 10.0 versions prior to 20260312 contain an unauthenticated remote code execution vulnerability in the /papi/esearch/data/devops/dubboApi/debug/method endpoint that allows attackers to execute arbitrary commands by invoking exposed debug functionality. Attackers can craft PO...

9.8CVSS6.7AI score0.2148EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2026/05/14 12:0 a.m.31 views

VulnCheck KEV: CVE-2026-20182

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show...

10CVSS6.2AI score0.88496EPSS
Exploits4References6
VulnCheck KEV
VulnCheck KEV
added 2026/05/07 12:0 a.m.31 views

VulnCheck KEV: CVE-2026-44742

Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as exploited in the wild in May 2026...

7.2CVSS5.8AI score0.00237EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2025/08/15 12:0 a.m.31 views

VulnCheck KEV: CVE-2025-7441

The StoryChief plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 1.0.42. This vulnerability occurs through the /wp-json/storychief/webhook REST-API endpoint that does not have sufficient filetype validation. This makes it possible for unauthenticat...

9.8CVSS6.5AI score0.39494EPSS
Exploits8References2
VulnCheck KEV
VulnCheck KEV
added 2025/06/28 12:0 a.m.31 views

VulnCheck KEV: CVE-2024-30269

DataEase, an open source data visualization and analysis tool, has a database configuration information exposure vulnerability prior to version 2.5.0. Visiting the /de2api/engine/getEngine;.js path via a browser reveals that the platform's database configuration is returned. The vulnerability has...

5.3CVSS5.8AI score0.16EPSS
Exploits2References53
VulnCheck KEV
VulnCheck KEV
added 2026/06/26 12:0 a.m.30 views

VulnCheck KEV: CVE-2026-55255

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, an Insecure Direct Object Reference IDOR vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in...

9.9CVSS5.8AI score0.0056EPSS
Exploits2References2
VulnCheck KEV
VulnCheck KEV
added 2026/06/08 12:0 a.m.30 views

VulnCheck KEV: CVE-2026-5027

The 'POST /api/v2/files' endpoint does not sanitize the 'filename' parameter from the multipart form data, allowing an attacker to write files to arbitrary locations on the filesystem using path traversal sequences '../'...

8.8CVSS5.6AI score0.31405EPSS
Exploits4References27
VulnCheck KEV
VulnCheck KEV
added 2026/05/21 12:0 a.m.30 views

VulnCheck KEV: CVE-2026-48172

LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation possibly to root, as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpaneljsonapifunc=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2/dev/null in Bash. If you get no output,...

10CVSS5.8AI score0.18914EPSS
Exploits1References5
VulnCheck KEV
VulnCheck KEV
added 2026/05/04 12:0 a.m.30 views

VulnCheck KEV: CVE-2026-3296

The Everest Forms plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.4.3 via deserialization of untrusted input from form entry metadata. This is due to the html-admin-page-entries-view.php file calling PHP's native unserialize on stored entry meta...

9.8CVSS5.8AI score0.00878EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2026/04/23 12:0 a.m.30 views

VulnCheck KEV: CVE-2026-3844

The Breeze Cache plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fetchgravatarfromremote' function in all versions up to, and including, 2.4.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...

9.8CVSS6.6AI score0.36512EPSS
Exploits8References2
VulnCheck KEV
VulnCheck KEV
added 2026/04/07 12:0 a.m.30 views

VulnCheck KEV: CVE-2024-3605

The WP Hotel Booking plugin for WordPress is vulnerable to SQL Injection via the 'roomtype' parameter of the /wphb/v1/rooms/search-rooms REST API endpoint in all versions up to, and including, 2.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on...

10CVSS5.9AI score0.04186EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2026/02/10 12:0 a.m.30 views

VulnCheck KEV: CVE-2026-21513

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network...

8.8CVSS5.8AI score0.15384EPSS
Exploits0References13
VulnCheck KEV
VulnCheck KEV
added 2025/07/18 12:0 a.m.30 views

VulnCheck KEV: CVE-2024-10586

The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the dbtpullimage function and missing file type validation in all versions up to, and including, 2.2. This makes it possible for unauthenticated attackers to to create arbitrary files...

10CVSS6.1AI score0.02085EPSS
Exploits2References24
VulnCheck KEV
VulnCheck KEV
added 2026/06/27 12:0 a.m.29 views

VulnCheck KEV: CVE-2026-8054

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' in the Publish Audit API endpoints /api/auditPublishing/get and /api/auditPublishing/getAll in dotCMS Core 25.11.04-1 through 26.04.28-02 allows remote unauthenticated attackers to read, modify, or destroy arbitrar...

10CVSS6.1AI score0.01584EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2026/06/26 12:0 a.m.29 views

VulnCheck KEV: CVE-2026-52813

Gogs is an open source self-hosted Git service. Prior to 0.14.3, organization names containing path traversal sequences ../ are accepted by Gogs, and repositories under them are written to paths following these path traversals. This allows storing/retrieving data for repositories at arbitrary...

10CVSS7.6AI score0.01107EPSS
Exploits0References2
Total number of security vulnerabilities4985