Security Database

VULNERABILITY
DATABASE

Comprehensive database of CVEs, exploits from Exploit-DB, and CISA's Known Exploited Vulnerabilities (KEV) catalog. Updated daily with the latest security vulnerabilities.

CVEs

8K+

Exploits

2K+

KEV

104

Daily

LIVE

Critical & Exploited

View KEV Catalog

CRITICAL

CVE-2018-25335

WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerability that allows unaut...

CRITICAL

CVE-2018-25332

GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attacke...

CRITICAL

CVE-2018-25320

ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability tha...

CRITICAL

CVE-2021-47952

python jsonpickle 2.0.0 contains a remote code execution vulnerability that allows attackers to exec...

CRITICAL

CVE-2020-37239

libbabl 0.1.62 contains a broken double free detection vulnerability that allows attackers to bypass...

Recent CVEs

View all CVEs

CVE-2026-8782

4.3MEDIUM

A weakness has been identified in omec-project amf up to 2.1.3-dev. This affects an unknown function of the file ngap/handler.go of the component NGAP Message Handler. This manipulation causes null po...

5/18/2026CWE-404, CWE-476

CVE-2026-8781

4.3MEDIUM

A security flaw has been discovered in omec-project amf up to 2.1.3-dev. The impacted element is the function RANConfiguration of the file ngap/handler.go. The manipulation results in null pointer der...

5/18/2026CWE-404, CWE-476

CVE-2026-8780

4.3MEDIUM

A vulnerability was identified in omec-project amf up to 2.1.3-dev. The affected element is an unknown function of the file ngap/dispatcher.go of the component NGAP Message Handler. The manipulation l...

5/18/2026CWE-119

CVE-2026-8779

4.3MEDIUM

A vulnerability was determined in omec-project amf up to 2.1.3-dev. Impacted is the function NGSetupRequest of the file ngap/handler.go. Executing a manipulation of the argument InformationElement can...

5/18/2026CWE-119

CVE-2026-8777

6.3MEDIUM

A vulnerability was found in Edimax BR-6428NS 1.10. This issue affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. Performing a manipulation...

5/18/2026CWE-74, CWE-77

CVE-2026-8776

8.8HIGH

A vulnerability has been found in Edimax BR-6428NS 1.10. This vulnerability affects the function formPPTPSetup of the file /goform/formPPTPSetup of the component POST Request Handler. Such manipulatio...

5/18/2026CWE-119, CWE-120

Recent Exploits

View all Exploits

EDB-52465

webappsmultiple

WordPress Quiz Maker 6.7.0.56 - SQL Injection

CVE-2025-10042

Rahul Sreenivasan12/25/2025

EDB-52463

webappsmultiple

FreeBSD rtsold 15.x - Remote Code Execution via DNSSL

CVE-2025-14558

Lukas Johannes Möller12/25/2025

EDB-52464

webappsmultiple

Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie

CISA KEV Catalog

View full catalog

CVE ID	Vendor	Product	Date Added	Ransomware
CVE-2026-42897	Microsoft	Microsoft	2026-05-15	-
CVE-2026-20182	Cisco	Catalyst SD-WAN	2026-05-14	-
CVE-2026-42208	BerriAI	LiteLLM	2026-05-08	-
CVE-2026-6973	Ivanti	Endpoint Manager Mobile (EPMM)	2026-05-07	-
CVE-2026-0300	Palo Alto Networks	PAN-OS	2026-05-06	-

Data Sources

CVE Program (MITRE)NVD (NIST)Exploit-DB (OffSec)CISA KEV Catalog

This vulnerability database is provided for educational and authorized security research purposes only.

VULNERABILITYDATABASE

Critical & Exploited

CVE-2018-25335

CVE-2018-25332

CVE-2018-25320

CVE-2021-47952

CVE-2020-37239

Recent CVEs

CVE-2026-8782

CVE-2026-8781

CVE-2026-8780

CVE-2026-8779

CVE-2026-8777

CVE-2026-8776

Recent Exploits

WordPress Quiz Maker 6.7.0.56 - SQL Injection

FreeBSD rtsold 15.x - Remote Code Execution via DNSSL

Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie

Summar Employee Portal 3.98.0 - Authenticated SQL Injection

esm-dev 136 - Path Traversal

Pluck 4.7.7-dev2 - PHP Code Execution

CISA KEV Catalog

Data Sources

VULNERABILITY
DATABASE