Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
A vulnerability has been found in vLLM AIBrix 0.2.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file pkg/plugins/gateway/prefixcacheindexer/hash.go
A vulnerability, which was classified as critical, has been found in JeeWMS up to 20250504. Affected by this issue is the function dogenerateOne2Many of the file /generateController.do?dogenerateOne2M
A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function. This flaw can be triggered if the file specified by the fil
A vulnerability was found in shishuocms 1.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated
vLLM is a high-throughput and memory-efficient inference and serving engine for LLMs. Maliciously constructed statements can lead to hash collisions, resulting in cache reuse, which can interfere with
conda-forge-webservices is the web app deployed to run conda-forge admin commands and linting. In versions prior to 2025.4.10, a race condition vulnerability has been identified in the conda-forge-web
A vulnerability has been found in Yonyou U8 Cloud up to 5.1sp. The impacted element is an unknown function of the file /service/NCloudGatewayServlet of the component Request Header Handler. Such manip
A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been rated as problematic. This issue affects some unknown processing of the file /DadosPessoais/SG_AlterarSenha. The manipulation le
MD5 Checksum Bypass vulnerabilities where found exploiting a weakness in the way an application dependency calculates or validates MD5 checksum hashes.  Affected products: ABB ASPECT - Enterprise v3
A vulnerability was determined in yoanbernabeu grepai up to 0.35.0. The affected element is the function PostgresStore.LookupByContentHash of the file indexer/chunker.go of the component Postgres Embe
A Cross-Site Request Forgery vulnerability in GitHub Enterprise Server allowed write operations on a victim-owned repository by exploiting incorrect request types. A mitigating factor is that the atta
A vulnerability was found in Netis WF-2404 1.1.124EN. It has been rated as problematic. This issue affects some unknown processing of the file /еtc/passwd. The manipulation leads to use of weak hash.
CVE-2026-31230
CRITICAL CVSS 9.8
Find Similar
The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains a command-line argument injection vulnerability in its Kubeflow component (robustness_evaluation_fgsm_pytorch.py). The script uses the uns
An information disclosure vulnerability was identified in GitHub Enterprise Server via attacker uploaded asset URL allowing the attacker to retrieve metadata information of a user who clicks on the UR
A vulnerability classified as critical has been found in jammy928 CoinExchange_CryptoExchange_Java up to 8adf508b996020d3efbeeb2473d7235bd01436fa. This affects the function uploadLocalImage of the fil
A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::ASE::Parser::ParseLV4MeshBonesVertices of the file code/AssetL
Server-Side Request Forgery (CWE-918) in Kibana One Workflow can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restric
A vulnerability was found in LearnHouse up to 98dfad76aad70711a8113f6c1fdabfccf10509ca. The affected element is an unknown function of the file /dash/org/settings/previews of the component Account Set
CVE-2025-9288
CRITICAL CVSS 9.1
Find Similar
Improper Input Validation vulnerability in sha.js allows Input Data Manipulation.This issue affects sha.js: through 2.4.11.
A vulnerability was found in 70mai X200 up to 20251019. This issue affects some unknown processing of the component Init Script Handler. The manipulation results in file inclusion. The attack requires