Search Vulnerabilities

Account Takeover via Predictable SSO Ticket Generation

Jun 23, 2026

CVE-2026-50009

Netty QUIC stateless reset token material exposed through header-visible connection IDs

CVE-2026-45673

Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Port

CVE-2026-41701

In Spring AMQP sequential correlation IDs enable reply poisoning on fixed reply queues

CVE-2026-41838

Spring Framework Predictable Session ID in WebSocket Module

CVE-2026-41207

netty-incubator-codec-ohttp's HPKEContext operations may produce empty byte[] on failures

CVE-2026-50208

Permissive TrustAllCerts TLS Verification

CVE-2026-44054

Predictable afpd session token

May 21, 2026

CVE-2026-42155

Magento LTS: Weak API Session ID — Predictable MD5 of Time-Derived Inputs

May 15, 2026

CVE-2026-41505

RELATE: Predictable Token Generation in auth.py and exam.py

May 7, 2026

CVE-2026-7847

LOW

chatchat-space Langchain-Chatchat Uploaded File openai_routes.py _get_file_id random values

May 5, 2026

CVE-2026-40975

Values produced by ${random

Apr 27, 2026

CVE-2026-40496

FreeScout has Predictable Attachment Token that Allows Unauthenticated Private File Download via Brute Force

Apr 21, 2026

CVE-2026-40306

DNN has same HostGUID for all new installs

Apr 17, 2026

CVE-2026-33710

Chamilo LMS has Weak REST API Key Generation (Predictable)

Apr 10, 2026

CVE-2026-34511

OpenClaw < 2026.4.2 - PKCE Verifier Exposure via OAuth State Parameter

Apr 3, 2026

CVE-2025-15603

open-webui JWT Key start_windows.bat random values

Mar 9, 2026

CVE-2026-25072

XikeStor SKS8310-8X Predictable Session Identifiers

Mar 7, 2026

CVE-2026-20101

A vulnerability in the SAML 2

Mar 4, 2026

CVE-2026-28415

Gradio has Open Redirect in OAuth Flow

Feb 27, 2026

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2026-11374

Account Takeover via Predictable SSO Ticket Generation

Jun 23, 2026

CVE-2026-50009

Netty QUIC stateless reset token material exposed through header-visible connection IDs

CVE-2026-45673

Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Port

CVE-2026-41701

In Spring AMQP sequential correlation IDs enable reply poisoning on fixed reply queues

CVE-2026-41838

Spring Framework Predictable Session ID in WebSocket Module

CVE-2026-41207

netty-incubator-codec-ohttp's HPKEContext operations may produce empty byte[] on failures

CVE-2026-50208

Permissive TrustAllCerts TLS Verification

CVE-2026-44054

Predictable afpd session token

May 21, 2026

CVE-2026-42155

Magento LTS: Weak API Session ID — Predictable MD5 of Time-Derived Inputs

May 15, 2026

CVE-2026-41505

RELATE: Predictable Token Generation in auth.py and exam.py

May 7, 2026

CVE-2026-7847

LOW

chatchat-space Langchain-Chatchat Uploaded File openai_routes.py _get_file_id random values

May 5, 2026

CVE-2026-40975

Values produced by ${random

Apr 27, 2026

CVE-2026-40496

FreeScout has Predictable Attachment Token that Allows Unauthenticated Private File Download via Brute Force

Apr 21, 2026

CVE-2026-40306

DNN has same HostGUID for all new installs

Apr 17, 2026

CVE-2026-33710

Chamilo LMS has Weak REST API Key Generation (Predictable)

Apr 10, 2026

CVE-2026-34511

OpenClaw < 2026.4.2 - PKCE Verifier Exposure via OAuth State Parameter

Apr 3, 2026

CVE-2025-15603

open-webui JWT Key start_windows.bat random values

Mar 9, 2026

CVE-2026-25072

XikeStor SKS8310-8X Predictable Session Identifiers

Mar 7, 2026

CVE-2026-20101

A vulnerability in the SAML 2

Mar 4, 2026

CVE-2026-28415