Recent vulnerabilities
Recent vulnerabilities from
Select from 70 available sources using the dropdown above.
| ID | CVSS | Description | Vendor | Product | Published | Updated |
|---|---|---|---|---|---|---|
| GCVE-1-2026-20092 |
9 (4.0)
|
MISP user edit endpoint mass assignment vulnerability … |
misp |
misp |
2026-06-04T14:37:40.294616Z | 2026-06-04T14:38:56.136890Z |
| GCVE-1-2026-20069 |
5.3 (4.0)
|
MISP Dashboard widget field selection may expose restr… |
misp |
misp |
2026-06-04T13:52:44.451016Z | 2026-06-04T13:53:15.203048Z |
| GCVE-1-2026-20059 |
6.4 (4.0)
|
MISP User-controlled order parameter in correlations o… |
misp |
misp |
2026-06-04T13:43:15.325491Z | 2026-06-04T13:43:53.201590Z |
| GCVE-1-2026-20080 |
7.9 (4.0)
|
MISP CRUDComponent delete validation bypass via operat… |
misp |
misp |
2026-06-04T13:33:12.389807Z | 2026-06-04T13:34:43.841257Z |
| GCVE-1-2026-20083 |
5.1 (4.0)
|
MISP post-login open redirect via pre_login_requested_url |
misp |
misp |
2026-06-04T13:24:46.311258Z | 2026-06-04T13:26:10.929321Z |
| GCVE-1-2026-20101 |
5.1 (4.0)
|
Open redirect in MISP dashboard button widget URL handling |
misp |
misp |
2026-06-04T13:15:07.059298Z | 2026-06-04T13:17:44.483681Z |
| GCVE-1-2026-20047 |
5.1 (4.0)
|
MISP Event template importer authorization bypass |
misp |
misp |
2026-06-04T13:03:38.630862Z | 2026-06-04T13:05:56.422493Z |
| GCVE-1-2026-20066 |
5.3 (4.0)
|
Unauthorized exposure of private galaxies in MISP even… |
misp |
misp |
2026-06-04T12:50:00.000Z | 2026-06-04T12:55:19.417449Z |
| GCVE-1-2026-20081 |
8.2 (4.0)
|
OTP bypass via plugin-based LDAP authentication in MIS… |
misp |
misp |
2026-06-02T12:44:00.000Z | 2026-06-02T12:49:10.965149Z |
| GCVE-1-2026-20001 |
6.2 (4.0)
|
FlowIntel external reference URL probe allows server-s… |
flowintel |
flowintel |
2026-05-28T09:24:00.000Z | 2026-05-28T09:28:16.686697Z |
| GCVE-1-2026-0036 |
6.3 (4.0)
|
Stored Cross-Site Scripting (XSS) in CTI Transmute Not… |
misp |
cti-transmute |
2026-05-27T15:06:00.000Z | 2026-05-28T06:42:02.283417Z |
| GCVE-1-2026-0035 |
8.3 (4.0)
|
Unauthorized ShadowAttribute modification in MISP via … |
misp |
misp |
2026-05-20T18:34:00.000Z | 2026-05-20T18:41:09.250167Z |
| GCVE-1-2026-0034 |
5.1 (4.0)
|
CSP Report Endpoint Log Flooding via Incorrect Size Limit |
misp |
misp |
2026-05-20T18:15:00.000Z | 2026-05-20T18:42:33.806971Z |
| GCVE-1-2026-0033 |
6 (4.0)
|
MISP OIDC authentication bypass via automatic email-ba… |
misp |
misp |
2026-05-20T14:22:00.000Z | 2026-05-20T15:11:36.782113Z |
| GCVE-1-2026-0032 |
6.8 (4.0)
|
MISP core - Stored XSS in MISP template (old engine) e… |
misp |
misp |
2026-05-07T12:09:04.093898Z | 2026-05-07T12:09:04.093898Z |
| GCVE-1-2026-0031 |
9.4 (4.0)
|
MISP - SQL injection via unvalidated ordering paramete… |
misp |
misp |
2026-04-29T20:14:00.000Z | 2026-05-06T16:00:13.755114Z |
| GCVE-1-2026-0030 |
9.3 (4.0)
|
MISP - Improper access control in auth key reset allow… |
misp |
misp |
2026-04-29T20:10:00.000Z | 2026-05-06T16:01:17.334511Z |
| GCVE-1-2026-0029 |
6.3 (4.0)
|
Improper UUID validation in MISP Collections |
misp |
misp |
2026-04-29T20:03:00.000Z | 2026-05-06T16:01:52.283022Z |
| GCVE-1-2026-0028 |
9.3 (4.0)
|
LookyLoo - PlaywrightCapture permits access to local f… |
LookyLoo |
PlaywrightCapture |
2026-04-29T19:28:00.000Z | 2026-04-29T19:28:44.316023Z |
| GCVE-1-2026-0027 |
5.8 (4.0)
|
Unsafe remote resource fetching in expansion misp-modules |
misp |
misp-modules |
2026-04-29T12:05:00.000Z | 2026-05-06T16:03:40.556833Z |
| GCVE-1-2026-0026 |
9.3 (4.0)
|
misp-modules website - Missing CSRF protection in the … |
misp |
misp-modules |
2026-04-29T09:24:00.000Z | 2026-05-06T16:04:44.788582Z |
| GCVE-1-2026-0025 |
6.9 (4.0)
|
RansomLook - Improper Filtering of Private Location En… |
ransomlook |
ransomlook |
2026-04-12T15:22:00.000Z | 2026-04-15T20:29:51.794609Z |
| GCVE-1-2026-0024 |
8.8 (4.0)
|
LDAP injection in MISP ApacheAuthenticate when using a… |
misp |
misp |
2026-04-08T08:28:00.000Z | 2026-04-09T04:44:04.936665Z |
| GCVE-1-2026-0023 |
8.5 (4.0)
|
Stored XSS in modal item preview for long item content… |
ail-project |
ail-framework |
2026-04-07T06:29:00.000Z | 2026-04-08T04:22:15.084342Z |
| GCVE-1-2026-0022 |
6.4 (4.0)
|
MISP - Beta Overmind UI Stored Cross-Site Scripting in… |
misp |
misp |
2026-03-30T09:48:36.968649Z | 2026-03-30T09:48:36.968649Z |
| GCVE-1-2026-0021 |
10 (4.0)
|
Critical RCE Vulnerability reported in Windchill |
windchill |
FlexPLM |
2026-03-23T12:30:40.249187Z | 2026-03-23T12:30:40.249187Z |
| GCVE-1-2026-0020 |
10 (4.0)
|
Remote Code Execution Attack Against Eircom D1000 Router |
Eir |
D1000 |
2026-03-11T14:12:00.000Z | 2026-03-11T14:23:24.609831Z |
| GCVE-1-2026-0019 |
6.4 (4.0)
|
Improper URL validation in MISP dashboard button widge… |
misp |
misp |
2026-02-27T14:55:00.000Z | 2026-02-27T15:44:29.998063Z |
| GCVE-1-2026-0018 |
6.5 (4.0)
|
Improper access control in MISP user contact form allo… |
misp |
misp |
2026-02-27T13:25:32.632362Z | 2026-02-27T13:25:32.632362Z |
| GCVE-1-2026-0017 |
7.2 (4.0)
|
Improper Neutralization of Raw HTML in MISP modules Ma… |
misp |
misp-modules |
2026-02-27T13:10:24.641948Z | 2026-02-27T13:10:24.641948Z |