CVE & Exploit Intelligence Database

Updated 2h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,098 CVEs tracked 53,218 with exploits 4,684 exploited in wild 1,536 CISA KEV 3,912 Nuclei templates 37,750 vendors 42,417 researchers
88 results Clear all
CVE-2021-47776 5.3 MEDIUM 1 PoC Analysis EPSS 0.00
Umbraco Cms - SSRF
Umbraco CMS v8.14.1 contains a server-side request forgery vulnerability that allows attackers to manipulate baseUrl parameters in multiple dashboard and help controller endpoints. Attackers can craft malicious requests to the GetContextHelpForPage, GetRemoteDashboardContent, and GetRemoteDashboardCss endpoints to trigger unauthorized server-side requests to external hosts.
CWE-918 Jan 15, 2026
CVE-2025-66628 7.5 HIGH 1 PoC Analysis EPSS 0.00
ImageMagick <7.1.9 - Buffer Overflow
ImageMagick is a software suite to create, edit, compose, or convert bitmap images. In versions 7.1.2-9 and prior, the TIM (PSX TIM) image parser contains a critical integer overflow vulnerability in its ReadTIMImage function (coders/tim.c). The code reads width and height (16-bit values) from the file header and calculates image_size = 2 * width * height without checking for overflow. On 32-bit systems (or where size_t is 32-bit), this calculation can overflow if width and height are large (e.g., 65535), wrapping around to a small value. This results in a small heap allocation via AcquireQuantumMemory and later operations relying on the dimensions can trigger an out of bounds read. This issue is fixed in version 7.1.2-10.
CWE-125 Dec 10, 2025
CVE-2025-64095 10.0 CRITICAL EXPLOITED 3 PoCs Analysis NUCLEI EPSS 0.15
Dnnsoftware Dotnetnuke < 10.1.1 - Unrestricted File Upload
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to 10.1.1, the default HTML editor provider allows unauthenticated file uploads and images can overwrite existing files. An unauthenticated user can upload and replace existing files allowing defacing a website and combined with other issue, injection XSS payloads. This vulnerability is fixed in 10.1.1.
CWE-434 Oct 28, 2025
CVE-2025-55315 9.9 CRITICAL 6 PoCs Analysis EPSS 0.00
ASP.NET Core - SSRF
Inconsistent interpretation of http requests ('http request/response smuggling') in ASP.NET Core allows an authorized attacker to bypass a security feature over a network.
CWE-444 Oct 14, 2025
CVE-2025-52488 8.6 HIGH EXPLOITED 1 PoC Analysis NUCLEI EPSS 0.15
Dnnsoftware Dotnetnuke < 10.0.1 - Information Disclosure
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted series of malicious interaction to potentially expose NTLM hashes to a third party SMB server. This issue has been patched in version 10.0.1.
CWE-200 Jun 21, 2025
CVE-2025-29953 9.8 CRITICAL 1 PoC Analysis EPSS 0.00
Apache ActiveMQ NMS OpenWire Client <2.1.1 - Deserialization
Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connections to untrusted servers. Such servers could abuse the unbounded deserialization in the client to provide malicious responses that may eventually cause arbitrary code execution on the client. Version 2.1.0 introduced a allow/denylist feature to restrict deserialization, but this feature could be bypassed. The .NET team has deprecated the built-in .NET binary serialization feature starting with .NET 9 and suggests migrating away from binary serialization. The project is considering to follow suit and drop this part of the NMS API altogether. Users are recommended to upgrade to version 2.1.1, which fixes the issue. We also recommend to migrate away from relying on .NET binary serialization as a hardening method for the future.
CWE-502 Apr 18, 2025
CVE-2025-24011 5.3 MEDIUM 1 PoC Analysis EPSS 0.31
Umbraco Cms < 14.3.2 - Information Disclosure
Umbraco is a free and open source .NET content management system. Starting in version 14.0.0 and prior to versions 14.3.2 and 15.1.2, it's possible to determine whether an account exists based on an analysis of response codes and timing of Umbraco management API responses. Versions 14.3.2 and 15.1.2 contain a patch. No known workarounds are available.
CWE-200 Jan 21, 2025
CVE-2024-21409 7.3 HIGH 1 PoC Analysis EPSS 0.55
Microsoft .net Framework < 6.0.29 - Use After Free
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CWE-416 Apr 09, 2024
CVE-2023-4863 8.8 HIGH KEV 10 PoCs Analysis EPSS 0.94
Google Chrome <116.0.5845.187 - Buffer Overflow
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
CWE-787 Sep 12, 2023
CVE-2023-32571 9.8 CRITICAL 3 PoCs Analysis EPSS 0.78
Dynamic Linq <1.3.0 - RCE
Dynamic Linq 1.0.7.10 through 1.2.25 before 1.3.0 allows attackers to execute arbitrary code and commands when untrusted input to methods including Where, Select, OrderBy is parsed.
CWE-697 Jun 22, 2023
CVE-2023-2862 3.5 LOW 1 PoC EPSS 0.00
SiteServer CMS <7.2.1 - XSS
A vulnerability, which was classified as problematic, was found in SiteServer CMS up to 7.2.1. Affected is an unknown function of the file /api/stl/actions/search. The manipulation of the argument ajaxDivId leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-229818 is the identifier assigned to this vulnerability.
CWE-79 May 24, 2023
CVE-2023-0493 5.3 MEDIUM 1 PoC Analysis EPSS 0.02
Btcpayserver Btcpay Server < 1.7.5 - Injection
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.7.5.
CWE-76 Jan 26, 2023
CVE-2022-41032 7.8 HIGH 1 PoC Analysis EPSS 0.18
NuGet Client - Privilege Escalation
NuGet Client Elevation of Privilege Vulnerability
CWE-269 Oct 11, 2022
CVE-2022-31160 6.1 MEDIUM 1 PoC Analysis EPSS 0.10
jQuery UI <1.13.2 - XSS
jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents considered as the input label. Calling `.checkboxradio( "refresh" )` on such a widget and the initial HTML contained encoded HTML entities will make them erroneously get decoded. This can lead to potentially executing JavaScript code. The bug has been patched in jQuery UI 1.13.2. To remediate the issue, someone who can change the initial HTML can wrap all the non-input contents of the `label` in a `span`.
CWE-79 Jul 20, 2022
CVE-2022-24785 7.5 HIGH EXPLOITED 1 PoC Analysis EPSS 0.02
Moment < 2.29.2 - Path Traversal
Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (server) users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This problem is patched in 2.29.2, and the patch can be applied to all affected versions. As a workaround, sanitize the user-provided locale name before passing it to Moment.js.
CWE-22 Apr 04, 2022
CVE-2021-46703 9.8 CRITICAL 1 PoC Analysis EPSS 0.01
Antaris RazorEngine <4.5.1-alpha001 - RCE
In the IsolatedRazorEngine component of Antaris RazorEngine through 4.5.1-alpha001, an attacker can execute arbitrary .NET code in a sandboxed environment (if users can externally control template contents). NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Mar 06, 2022
CVE-2021-23758 8.1 HIGH 2 PoCs Analysis EPSS 0.88
Ajaxpro.2 < 21.10.30.1 - Insecure Deserialization
All versions of package ajaxpro.2 are vulnerable to Deserialization of Untrusted Data due to the possibility of deserialization of arbitrary .NET classes, which can be abused to gain remote code execution.
CWE-502 Dec 03, 2021
CVE-2021-41184 6.5 MEDIUM 2 PoCs Analysis EPSS 0.25
jQuery-UI <1.13.0 - Code Injection
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.
CWE-79 Oct 26, 2021
CVE-2021-41182 6.5 MEDIUM 2 PoCs Analysis EPSS 0.28
jQuery-UI <1.13.0 - Code Injection
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.
CWE-79 Oct 26, 2021
CVE-2020-5811 6.5 MEDIUM 1 PoC Analysis EPSS 0.03
Umbraco CMS <=8.9.1 - Path Traversal
An authenticated path traversal vulnerability exists during package installation in Umbraco CMS <= 8.9.1 or current, which could result in arbitrary files being written outside of the site home and expected paths when installing an Umbraco package.
CWE-22 Dec 30, 2020

Investigate

Critical + Public Exploits Exploited in Wild + PoC High EPSS (>=0.7) + PoC With Nuclei Templates Latest Public Exploits

Ecosystems

Linux Maven Packagist PyPI npm Go ecosystem RubyGems crates.io NuGet Hex SwiftURL GitHub Actions

Reference Indexes

Exploit Database Researchers Vendors CWE Categories

Recent Blog Posts

CVE-2026-28391: OpenClaw Command Injection - The Day I Hacked Myself
Mar 09, 2026
Introducing FuzzForge: Autonomous Source-Code Fuzzing - Finding Bugs in nginx in 112 Minutes
Mar 08, 2026
CVE-2025-68670 Part 2: From Crash to RCE - The One That Fought Back (and Lost)
Mar 04, 2026
CVE-2025-68670: Pre-Auth xrdp Overflow - The One Where the Protocol Fought Back
Mar 04, 2026
CVE-2025-62507: Redis Stack Overflow to RCE in 68 Minutes - Then We Turned ASLR On
Mar 03, 2026
CVE-2025-15467: From OpenSSL Stack Overflow to Three ROP Chains in 64 Minutes - Introducing Stackforge
Mar 03, 2026
 View all posts →

CVEForge Labs

CVE-2016-15057 CRITICAL
Apache Continuum - Command Injection
CVE-2021-32824 CRITICAL
Apache Dubbo <2.6.10-2.7.10 - RCE
CVE-2023-42117 CRITICAL
Exim < 4.96.2 - Remote Code Execution
CVE-2024-31866 CRITICAL
Apache Zeppelin <0.11.1 - RCE
CVE-2024-37288 CRITICAL
Elastic Kibana - Insecure Deserialization
CVE-2024-43115 HIGH
Apache DolphinScheduler <3.2.2 - RCE
CVE-2024-45409 CRITICAL
Ruby-SAML <=1.16.0 - Auth Bypass
CVE-2024-56143 HIGH
Strapi < 5.5.2 - IDOR
CVE-2025-10622 HIGH
Red Hat Satellite - Command Injection
CVE-2025-11539 CRITICAL
Grafana Image Renderer - RCE
 View all labs →

KEV Gaps

CVE-2023-43000
macOS Ventura <13.5-iPadOS <16.6-Safari <16.6 - Use After Free
 CVE-2021-30952
tvOS <15.2 - RCE
 CVE-2021-22681
Rockwell Automation Studio 5000 <21 - Path Traversal
 CVE-2026-22719
VMware Aria Operations - Command Injection
 CVE-2026-25108
FileZen - Command Injection
 CVE-2026-22769
Dell RecoverPoint <6.0.3.1 HF1 - Auth Bypass
 CVE-2021-22175
Gitlab < 13.6.7 - SSRF
 CVE-2024-7694
Teamt5 Threatsonar Anti-ransomware < 3.5.0 - Unrestricted File Upload
 CVE-2020-7796
Zimbra Collaboration Suite <8.8.15 Patch 7 - SSRF
 CVE-2026-21525
Microsoft Windows 10 1607 < 10.0.14393.8868 - NULL Pointer Dereference
 CVE-2026-21519
Microsoft Windows 10 1607 < 10.0.14393.8868 - Type Confusion
 CVE-2026-21514
Microsoft Office Word - Info Disclosure