Search Vulnerabilities

Stored Cross-Site Scripting in Altium Workflow Engine Allows Privilege Escalation

Jan 15, 2026

CVE-2026-23477

Rocket.Chat Unauthorized Access to OAuth App Details

CVE-2026-22708

Cursor has a Terminal Tool Allowlist Bypass via Environment Variables

CVE-2026-22238

Administrator Account Creation Vulnerability in BLUVOYIX

CVE-2025-36640

Local Privilege Escalation

Jan 13, 2026

CVE-2026-22804

Termix has a Stored XSS in File Manager leading to Local File Inclusion (LFI) in Electron and Session Hijacking in Browser

Jan 12, 2026

CVE-2025-14736

Frontend Admin by DynamiApps <= 3.28.25 - Unauthenticated Privilege Escalation to Administrator via Role Form Field

CVE-2025-66315

ZTE MF258K Pro Version Server has a Configuration Defect Vulnerability

CVE-2026-22043

RustFS has IAM deny_only Short-Circuit that Allows Privilege Escalation via Service Account Minting

Jan 8, 2026

CVE-2026-22536

PRIVILEGE ESCALATION VIA SUDO COMMAND

Jan 7, 2026

CVE-2025-47411

Apache StreamPipes: Leverage of User ID for Privilege Escalation

Jan 1, 2026

CVE-2025-69257

theshit vulnerable to unsafe loading of user-owned Python rules when running as root.

Dec 30, 2025

CVE-2025-68697

Self-hosted n8n has Legacy Code node that enables arbitrary file read/write

CVE-2025-52599

Inadequate account permissions management

CVE-2025-57840

LOW

Privilege Bypass in ADB

Dec 24, 2025

CVE-2025-13619

Flex Store Users <= 1.1.0 - Unauthenticated Privilege Escalation

Dec 20, 2025

CVE-2025-58053

Galette has a privilege escalation vulnerability

Dec 19, 2025

CVE-2023-53908

HiSecOS 04.0.01 Privilege Escalation via User Role Modification

Dec 17, 2025

CVE-2025-64338

ClipBucket's Manage Photos Feature is Vulnerable to Stored XSS via Collection Name

Dec 15, 2025

CVE-2025-67727

Parse Server GitHub CI workflow vulnerable to RCE through Improper Privilege Management

Dec 12, 2025

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2026-1010

Stored Cross-Site Scripting in Altium Workflow Engine Allows Privilege Escalation

Jan 15, 2026

CVE-2026-23477

Rocket.Chat Unauthorized Access to OAuth App Details

CVE-2026-22708

Cursor has a Terminal Tool Allowlist Bypass via Environment Variables

CVE-2026-22238

Administrator Account Creation Vulnerability in BLUVOYIX

CVE-2025-36640

Local Privilege Escalation

Jan 13, 2026

CVE-2026-22804

Termix has a Stored XSS in File Manager leading to Local File Inclusion (LFI) in Electron and Session Hijacking in Browser

Jan 12, 2026

CVE-2025-14736

Frontend Admin by DynamiApps <= 3.28.25 - Unauthenticated Privilege Escalation to Administrator via Role Form Field

CVE-2025-66315

ZTE MF258K Pro Version Server has a Configuration Defect Vulnerability

CVE-2026-22043

RustFS has IAM deny_only Short-Circuit that Allows Privilege Escalation via Service Account Minting

Jan 8, 2026

CVE-2026-22536

PRIVILEGE ESCALATION VIA SUDO COMMAND

Jan 7, 2026

CVE-2025-47411

Apache StreamPipes: Leverage of User ID for Privilege Escalation

Jan 1, 2026

CVE-2025-69257

theshit vulnerable to unsafe loading of user-owned Python rules when running as root.

Dec 30, 2025

CVE-2025-68697

Self-hosted n8n has Legacy Code node that enables arbitrary file read/write

CVE-2025-52599

Inadequate account permissions management

CVE-2025-57840

LOW

Privilege Bypass in ADB

Dec 24, 2025

CVE-2025-13619

Flex Store Users <= 1.1.0 - Unauthenticated Privilege Escalation

Dec 20, 2025

CVE-2025-58053

Galette has a privilege escalation vulnerability

Dec 19, 2025

CVE-2023-53908

HiSecOS 04.0.01 Privilege Escalation via User Role Modification

Dec 17, 2025

CVE-2025-64338

ClipBucket's Manage Photos Feature is Vulnerable to Stored XSS via Collection Name

Dec 15, 2025

CVE-2025-67727

Parse Server GitHub CI workflow vulnerable to RCE through Improper Privilege Management