Search

Expected end of text, found '.' (at char 16), (line:1, col:17)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (329558 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-24042 1 Appsmith 1 Appsmith 2026-01-22 9.4 Critical
Appsmith is a platform to build admin panels, internal tools, and dashboards. In versions 1.94 and below, publicly accessible apps allow unauthenticated users to execute unpublished (edit-mode) actions by sending viewMode=false (or omitting it) to POST /api/v1/actions/execute. This bypasses the expected publish boundary where public viewers should only execute published actions, not edit-mode versions. An attack can result in sensitive data exposure, execution of edit‑mode queries and APIs, development data access, and the ability to trigger side effect behavior. This issue does not have a released fix at the time of publication.
CVE-2025-71176 1 Pytest 1 Py 2026-01-22 6.8 Medium
pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-{user} name pattern, which allows local users to cause a denial of service or possibly gain privileges.
CVE-2024-3727 1 Redhat 18 Acm, Advanced Cluster Security, Ansible Automation Platform and 15 more 2026-01-22 8.3 High
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
CVE-2025-39483 2 Imithemes, Wordpress 2 Eventer, Wordpress 2026-01-22 6.5 Medium
Improper Control of Generation of Code ('Code Injection') vulnerability in imithemes Eventer allows Code Injection.This issue affects Eventer: from n/a before 3.9.9.1.
CVE-2024-53252 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-53251 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-53250 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-53249 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-53248 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-45743 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-45742 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-45730 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-45729 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-45728 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-45727 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-45726 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-45725 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-45724 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-36998 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.
CVE-2024-36988 2026-01-22 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. The CVE was never used.