Search Vulnerabilities

Cosign verification accepts any valid Rekor entry under certain conditions

Jan 10, 2026

CVE-2025-15385

Insufficient Verification of Data Authenticity vulnerability in TECNO Mobile com

Jan 6, 2026

CVE-2025-66570

cpp-httplib Untrusted HTTP Header Handling: Internal Header Shadowing (REMOTE*/LOCAL*)

Dec 5, 2025

CVE-2025-66225

OrangeHRM is Vulnerable to Account Takeover Through Unvalidated Username in Password Reset Workflow

Nov 29, 2025

CVE-2025-66255

Unauthenticated Arbitrary File Upload (upgrade_contents.php)

Nov 26, 2025

CVE-2025-66016

CGGMP24 is missing a check in the ZK proof used in CGGMP21

Nov 25, 2025

CVE-2025-12752

Subscriptions & Memberships for PayPal <= 1.1.7 - Unauthenticated Fake Payment Creation

Nov 22, 2025

CVE-2025-34337

eGovFramework <= 4.3.1 Unauthenticated Encryption Oracle via Web Editor Image Upload Endpoints

Nov 19, 2025

CVE-2025-12295

D-Link DAP-2695 Firmware Update sub_40C6B8 signature verification

CVE-2025-12080

Intent Abuse in Google Messages for Wear OS for Silent Message Sending

CVE-2025-12245

chatwoot Widget IFrameHelper.js initPostMessageCommunication origin validation

CVE-2024-58267

Rancher CLI SAML authentication is vulnerable to phishing attacks

Oct 2, 2025

CVE-2025-11195

Rapid7 AppSpider Project Name Validation Bypass

Sep 30, 2025

CVE-2025-59934

Formbricks missing JWT signature verification

Sep 26, 2025

CVE-2025-59420

Authlib: JWS/JWT accepts unknown crit headers (RFC violation → possible authz bypass)

Sep 22, 2025

CVE-2025-59160

matrix-js-sdk has insufficient validation when considering a room to be upgraded by another

Sep 16, 2025

CVE-2025-9379

Belkin AX1800 Firmware Update data authenticity

Aug 24, 2025

CVE-2025-8980

Tenda G1 Firmware Update check_upload_file data authenticity

CVE-2025-8979

Tenda AC15 Firmware Update check_fw data authenticity

CVE-2025-8978

D-Link DIR-619L boa FirmwareUpgrade data authenticity

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2026-22703

Cosign verification accepts any valid Rekor entry under certain conditions

Jan 10, 2026

CVE-2025-15385

Insufficient Verification of Data Authenticity vulnerability in TECNO Mobile com

Jan 6, 2026

CVE-2025-66570

cpp-httplib Untrusted HTTP Header Handling: Internal Header Shadowing (REMOTE*/LOCAL*)

Dec 5, 2025

CVE-2025-66225

OrangeHRM is Vulnerable to Account Takeover Through Unvalidated Username in Password Reset Workflow

Nov 29, 2025

CVE-2025-66255

Unauthenticated Arbitrary File Upload (upgrade_contents.php)

Nov 26, 2025

CVE-2025-66016

CGGMP24 is missing a check in the ZK proof used in CGGMP21

Nov 25, 2025

CVE-2025-12752

Subscriptions & Memberships for PayPal <= 1.1.7 - Unauthenticated Fake Payment Creation

Nov 22, 2025

CVE-2025-34337

eGovFramework <= 4.3.1 Unauthenticated Encryption Oracle via Web Editor Image Upload Endpoints

Nov 19, 2025

CVE-2025-12295

D-Link DAP-2695 Firmware Update sub_40C6B8 signature verification

CVE-2025-12080

Intent Abuse in Google Messages for Wear OS for Silent Message Sending

CVE-2025-12245

chatwoot Widget IFrameHelper.js initPostMessageCommunication origin validation

CVE-2024-58267

Rancher CLI SAML authentication is vulnerable to phishing attacks

Oct 2, 2025

CVE-2025-11195

Rapid7 AppSpider Project Name Validation Bypass

Sep 30, 2025

CVE-2025-59934

Formbricks missing JWT signature verification

Sep 26, 2025

CVE-2025-59420

Authlib: JWS/JWT accepts unknown crit headers (RFC violation → possible authz bypass)

Sep 22, 2025

CVE-2025-59160

matrix-js-sdk has insufficient validation when considering a room to be upgraded by another

Sep 16, 2025

CVE-2025-9379

Belkin AX1800 Firmware Update data authenticity

Aug 24, 2025

CVE-2025-8980

Tenda G1 Firmware Update check_upload_file data authenticity

CVE-2025-8979

Tenda AC15 Firmware Update check_fw data authenticity

CVE-2025-8978

D-Link DIR-619L boa FirmwareUpgrade data authenticity