CVE & Exploit Intelligence Database

Updated 2h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

338,223 CVEs tracked | 53,280 with exploits | 4,730 exploited in wild | 1,542 CISA KEV | 3,929 Nuclei templates | 37,826 vendors | 42,569 researchers
1,099 results
CVE-2020-28369 7.8 HIGH EPSS 0.00
Beyondtrust Privilege Management For ... - Uncontrolled Search Path
In BeyondTrust Privilege Management for Windows (aka PMfW) through 5.7, a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable location %WINDIR%\Temp.
CWE-427 Dec 12, 2023
CVE-2023-48677 7.8 HIGH EPSS 0.00
Acronis - Privilege Escalation
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901, Acronis Cyber Protect Cloud Agent (Windows) before build 39378, Acronis Cyber Protect 16 (Windows) before build 39938.
CWE-427 Dec 12, 2023
CVE-2023-41117 8.8 HIGH EPSS 0.00
Enterprisedb Postgres Advanced Server < 11.21.32 - Uncontrolled Search Path
An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS) before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. It contains packages, standalone packages, and functions that run SECURITY DEFINER but are inadequately secured against search_path attacks.
CWE-427 Dec 12, 2023
CVE-2023-48861 7.8 HIGH EPSS 0.00
TTplayer <7.0.2 - Privilege Escalation
DLL hijacking vulnerability in TTplayer version 7.0.2 allows local attackers to escalate privileges and execute arbitrary code via urlmon.dll.
CWE-427 Dec 07, 2023
CVE-2023-41613 7.8 HIGH EPSS 0.00
EzViz Studio <2.2.0 - Code Injection
EzViz Studio v2.2.0 is vulnerable to DLL hijacking.
CWE-427 Dec 04, 2023
CVE-2023-45252 7.8 HIGH EPSS 0.00
Huddlycameraservice < 8.0.7 - Uncontrolled Search Path
DLL Hijacking vulnerability in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, due to the installation of the service in a directory that grants write privileges to standard users, allows attackers to manipulate files, execute arbitrary code, and escalate privileges.
CWE-427 Dec 01, 2023
CVE-2023-47454 7.8 HIGH EPSS 0.00
Netease Cloudmusic - Uncontrolled Search Path
An Untrusted search path vulnerability in NetEase CloudMusic 2.10.4 for Windows allows local users to gain escalated privileges through the urlmon.dll file in the current working directory.
CWE-427 Nov 30, 2023
CVE-2023-47453 7.8 HIGH EPSS 0.00
Sohu Video Player - Uncontrolled Search Path
An Untrusted search path vulnerability in Sohu Video Player 7.0.15.0 allows local users to gain escalated privileges through the version.dll file in the current working directory.
CWE-427 Nov 30, 2023
CVE-2023-47452 7.8 HIGH EPSS 0.00
Notepad-plus-plus Notepad++ - Uncontrolled Search Path
An Untrusted search path vulnerability in Notepad++ 6.5 allows local users to gain escalated privileges through the msimg32.dll file in the current working directory.
CWE-427 Nov 30, 2023
CVE-2023-6401 5.3 MEDIUM 1 PoC Analysis EPSS 0.00
NotePad++ <8.1 - Uncontrolled Search Path
A vulnerability classified as problematic was found in NotePad++ up to 8.1. Affected by this vulnerability is an unknown functionality of the file dbghelp.exe. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The identifier VDB-246421 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CWE-427 Nov 30, 2023
CVE-2023-4770 6.5 MEDIUM EPSS 0.00
4D - Uncontrolled Search Path
An uncontrolled search path element vulnerability has been found in 4D and 4D Server Windows executable applications, affecting version 19 R8 100218. The vulnerability consists of DLL hijacking by replacing the x64 shfolder.dll in the installation path, resulting in arbitrary code execution.
CWE-427 Nov 30, 2023
CVE-2023-4931 6.3 MEDIUM EPSS 0.00
Plesk - Uncontrolled Search Path
Uncontrolled search path element vulnerability in Plesk Installer affects version 3.27.0.0. A local attacker could execute arbitrary code by injecting DLL files into the same folder where the application is installed, resulting in DLL hijacking in edputil.dll, samlib.dll, urlmon.dll, sspicli.dll, propsys.dll and profapi.dll files.
CWE-427 Nov 27, 2023
CVE-2023-41790 7.6 HIGH EPSS 0.00
Artica Pandora Fms < 773 - Uncontrolled Search Path
Uncontrolled Search Path Element vulnerability in Pandora FMS on all allows Leveraging/Manipulating Configuration File Search Paths. This vulnerability allows access to the server configuration file and compromise of the database. This issue affects Pandora FMS: from 700 through 773.
CWE-427 Nov 23, 2023
CVE-2023-41787 6.0 MEDIUM EPSS 0.00
Artica Pandora Fms < 773 - Uncontrolled Search Path
Uncontrolled Search Path Element vulnerability in Pandora FMS on all allows Leveraging/Manipulating Configuration File Search Paths. This vulnerability allows access to files with sensitive information. This issue affects Pandora FMS: from 700 through 772.
CWE-427 Nov 23, 2023
CVE-2023-29069 7.8 HIGH EPSS 0.01
Autodesk Desktop Connector <= 16.2.1.2016 - Privilege Escalation
A maliciously crafted DLL file can be forced to install onto a non-default location, and an attacker can overwrite parts of the product with malicious DLLs. These files may then have elevated privileges leading to a Privilege Escalation vulnerability.
CWE-427 Nov 22, 2023
CVE-2023-46814 7.8 HIGH EPSS 0.00
VideoLAN VLC <3.0.19 - Privilege Escalation
A binary hijacking vulnerability exists within the VideoLAN VLC media player before 3.0.19 on Windows. The uninstaller attempts to execute code with elevated privileges out of a standard user writable location. Standard users may use this to gain arbitrary code execution as SYSTEM.
CWE-427 Nov 22, 2023
CVE-2023-6235 7.8 HIGH EPSS 0.00
Duet Display <2.5.9.1 - Code Injection
An uncontrolled search path element vulnerability has been found in the Duet Display product, affecting version 2.5.9.1. An attacker could place an arbitrary libusk.dll file in the C:\Users\user\AppData\Local\Microsoft\WindowsApps\ directory, which could lead to the execution and persistence of arbitrary code.
CWE-427 Nov 21, 2023
CVE-2023-22818 7.3 HIGH EPSS 0.00
Westerndigital Sandisk Security Installer - Uncontrolled Search Path
Multiple DLL Search Order Hijack vulnerabilities were addressed in the SanDisk Security Installer for Windows that could allow attackers with local access to execute arbitrary code by executing the installer in the same folder as the malicious DLL. This can lead to the execution of arbitrary code with the privileges of the vulnerable application or to a certain level of persistence on the compromised host.
CWE-427 Nov 15, 2023
CVE-2023-34430 6.7 MEDIUM EPSS 0.00
Intel Battery Life Diagnostic Tool < 2.2.1 - Uncontrolled Search Path
Uncontrolled search path in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
CWE-427 Nov 14, 2023
CVE-2023-34350 6.7 MEDIUM EPSS 0.00
Intel Extreme Tuning Utility < 7.12.0.15 - Uncontrolled Search Path
Uncontrolled search path element in some Intel(R) XTU software before version 7.12.0.15 may allow an authenticated user to potentially enable escalation of privilege via local access.
CWE-427 Nov 14, 2023