Comprehensive database of CVEs, exploits from Exploit-DB, and CISA's Known Exploited Vulnerabilities (KEV) catalog. Updated daily with the latest security vulnerabilities.
2K+
2K+
1K+
LIVE
A security vulnerability has been detected in SECCN Dingcheng G10 3.1.0.181203. This impacts the fun...
InvoicePlane is a self-hosted open source application for managing invoices, clients, and payments. ...
Semantic Kernel is an SDK used to build, orchestrate, and deploy AI agents and multi-agent systems. ...
The YayMail – WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized modifi...
The affected products are vulnerable to an unauthenticated API endpoint exposure, which may allow an...
A security vulnerability has been detected in SECCN Dingcheng G10 3.1.0.181203. This impacts the function qq of the file /cgi-bin/session_login.cgi. The manipulation of the argument User leads to os c...
A vulnerability was determined in Tsinghua Unigroup Electronic Archives System up to 3.2.210802(62532). The impacted element is an unknown function of the file /Archive/ErecordManage/uploadFile.html. ...
Notepad++ is a free and open-source source code editor. An Unsafe Search Path vulnerability (CWE-426) exists in versions prior to 8.9.2 when launching Windows Explorer without an absolute executable p...
Weblate is a web based localization tool. Prior to 5.16.0, the SSH management console did not validate the passed input while adding the SSH host key, which could lead to an argument injection to `ssh...
Fileflows versions before 25.05.2 are affected by an authenticated SQL injection vulnerability in the library-file search function. Successful exploitation requires the system to use MySQL as the unde...
A vulnerability was found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). The affected element is an unknown function of the file /Using/Subject/downLoad.html. Performing a manipula...
| CVE ID | Vendor | Product | Date Added | Ransomware |
|---|---|---|---|---|
| CVE-2026-20805 | Microsoft | Windows | 2026-01-13 | - |
| CVE-2025-8110 | Gogs | Gogs | 2026-01-12 | - |
| CVE-2025-37164 | Hewlett Packard Enterprise (HPE) | OneView | 2026-01-07 | - |
| CVE-2009-0556 | Microsoft | Office | 2026-01-07 | - |
| CVE-2025-14847 | MongoDB | MongoDB and MongoDB Server | 2025-12-29 | - |
This vulnerability database is provided for educational and authorized security research purposes only.