CVE-2026-3227: TP-Link Router OS Command Injection For more Information see https://vulners.com/cve/CVE-2026-3227 A persistent, authenticated OS Co...
CVE-2025-8110 Gogs Repository Symlink Remote Code Execution Made by oguiii --- Table of Contents - Overview - Features - Requirements - Installatio...
An issue in the time_t_to_dt component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL ...
A buffer overflow in the gf_media_import function (/media_tools/av_parsers.c) of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Den...
A use-after-free in the gf_filter_pid_inst_swap_delete_task function (/filter_core/filter_pid.c) of GPAC Project/MP4Box before 26.02.0 allows attac...
The InPost PL WordPress plugin before 1.9.1 does not verify that the request originates from the legitimate buyer before allowing the WooCommerce o...
The Email Address Encoder WordPress plugin before 1.0.25, email-encoder-premium WordPress plugin before 0.3.12 does not properly handle email repla...
A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning.
Winstone Servlet Engine through 0.9.10 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by sen...
Unauthenticated Cross Site Scripting (XSS) in Forminator
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
