Beyond security
Language
No results found for ""
Try different keywords or check spelling
Search in CVE database, posts & pages • Press ESC to close
No results found for ""
Try different keywords or check spelling
Search in CVE database, posts & pages • Press ESC to close
Vulnerability Database & Cybersecurity Intelligence Platform
Real-time CVE vulnerability tracking, CVSS scoring, CISA KEV alerts, and EPSS data to protect your infrastructure from emerging threats.
Highest priority threats requiring immediate attention
DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1, a Cross-Site Scripting (XSS) vulnerability exists due to a discrepancy between the backend…
DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1, An incomplete mitigation for CVE-2025-55733 leaves DeepChat vulnerable to an arbitrary protocol execution…
oxyno-zeta/s3-proxy is an aws s3 proxy written in go. Prior to 5.0.0, s3-proxy contains an authentication bypass caused by inconsistent URL path interpretation between the authentication middleware and the bucket…
SOCFortress CoPilot focuses on providing a single pane of glass for all your security operations needs. Prior to 0.1.57, SOCFortress CoPilot ships a hardcoded JWT signing secret as a fallback…
FireFighter is an incident management application. Prior to 0.0.54, the POST /api/v2/firefighter/raid/jira_bot endpoint (CreateJiraBotView) is reachable without authentication (permission_classes = [permissions.AllowAny]). Its attachments payload is fetched server-side via httpx.get() with…
All the tools you need to monitor, analyze, and respond to vulnerabilities
Access 256,938+ vulnerabilities with CVSS scores, technical details, and affected products.
Prioritize vulnerabilities with CVSS v3.1 severity scores and EPSS exploit probability data.
Track vulnerabilities by vendor: Microsoft, Google, Apple, Linux, and thousands more.
Search vulnerabilities by specific product and get alerts for the technologies in your stack.
Filter by severity, product, vendor, date, CWE type, and exploitation status.
Actively exploited vulnerabilities from the CISA Known Exploited Vulnerabilities catalog.
Most recently added CVEs to our database
A security vulnerability has been detected in D-Link DIR-816 1.10CNB05_R1B011D88210. Affected by this issue is the function sub_445E7C of the…
Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.4, there is a security vulnerability in Vaultwarden that allows…
Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden allows an unconfirmed organization owner to purge the…
Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden does not enforce that a groups_users.users_organizations_uuid entry belongs…
Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, refresh tokens are not invalidated when the user's security_stamp…
Wireshark MCP is an MCP Server that turns tshark into a structured analysis interface, then layers in optional Wireshark suite…
Vendors and products with the highest number of reported vulnerabilities
Explore our comprehensive CVE vulnerability database and stay informed about the latest threats.