Exploit Intelligence Platform

Updated 4h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

339,234 CVEs tracked 53,343 with exploits 4,746 exploited in wild 1,546 CISA KEV 3,944 Nuclei templates 49,100 vendors 42,782 researchers
111,409 results Clear all
CVE-2017-0893 5.4 MEDIUM EPSS 0.00
Nextcloud Server <9.0.58, 10.0.5, 11.0.3 - XSS
Nextcloud Server before 9.0.58 and 10.0.5 and 11.0.3 are shipping a vulnerable JavaScript library for sanitizing untrusted user-input which suffered from a XSS vulnerability caused by a behaviour change in Safari 10.1 and 10.2. Note that Nextcloud employs a strict Content-Security-Policy preventing exploitation of this XSS issue on modern web browsers.
CWE-79 May 08, 2017
CVE-2017-0891 5.4 MEDIUM EPSS 0.00
Nextcloud Server <9.0.58, 10.0.5, 11.0.3 - XSS
Nextcloud Server before 9.0.58 and 10.0.5 and 11.0.3 are vulnerable to an inadequate escaping of error messages leading to XSS vulnerabilities in multiple components.
CWE-79 May 08, 2017
CVE-2017-0890 5.4 MEDIUM EPSS 0.00
Nextcloud Server <11.0.3 - XSS
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.
CWE-79 May 08, 2017
CVE-2017-8848 6.5 MEDIUM EPSS 0.00
Allen Disk - CSRF
Allen Disk 1.6 has CSRF in setpass.php with an impact of changing a password.
CWE-352 May 08, 2017
CVE-2017-8847 5.5 MEDIUM EPSS 0.00
Long Range Zip - NULL Pointer Dereference
The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.
CWE-476 May 08, 2017
CVE-2017-8846 5.5 MEDIUM EPSS 0.01
Long Range Zip - Use After Free
The read_stream function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted archive.
CWE-416 May 08, 2017
CVE-2017-8845 5.5 MEDIUM EPSS 0.00
Long Range Zip - Out-of-Bounds Read
The lzo1x_decompress function in lzo1x_d.ch in LZO 2.08, as used in lrzip 0.631, allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted archive.
CWE-125 May 08, 2017
CVE-2017-8843 5.5 MEDIUM EPSS 0.00
Long Range Zip - NULL Pointer Dereference
The join_pthread function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive.
CWE-476 May 08, 2017
CVE-2017-8842 5.5 MEDIUM EPSS 0.00
Long Range Zip - Divide By Zero
The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted archive.
CWE-369 May 08, 2017
CVE-2017-8833 6.1 MEDIUM EPSS 0.00
Zen-cart Zen Cart - XSS
Zen Cart 1.6.0 has XSS in the main_page parameter to index.php. NOTE: 1.6.0 is not an official release but the vendor's README.md file offers a link to v160.zip with a description of "Download latest in-development version from github."
CWE-79 May 08, 2017
CVE-2017-8832 6.1 MEDIUM 1 Writeup EPSS 0.00
Allen Disk - XSS
Allen Disk 1.6 has XSS in the id parameter to downfile.php.
CWE-79 May 08, 2017
CVE-2017-8831 6.4 MEDIUM 1 Writeup EPSS 0.00
Linux Kernel < 4.11.5 - Out-of-Bounds Read
The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a "double fetch" vulnerability.
CWE-125 May 08, 2017
CVE-2017-8830 6.5 MEDIUM EPSS 0.00
Imagemagick - Resource Leak
In ImageMagick 7.0.5-6, the ReadBMPImage function in bmp.c:1379 allows attackers to cause a denial of service (memory leak) via a crafted file.
CWE-772 May 08, 2017
CVE-2017-8391 5.5 MEDIUM EPSS 0.00
CA Client Automation - Incorrect Permission Assignment
The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1 places an encrypted password into a readable local file during operating system installation, which allows local users to obtain sensitive information by reading this file after operating system installation.
CWE-732 May 06, 2017
CVE-2017-6029 5.4 MEDIUM EPSS 0.00
Certec EDV Gmbh Atvise Scada < 2.5.10 - XSS
A Cross-Site Scripting issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. This may allow remote code execution.
CWE-79 May 06, 2017
CVE-2017-6024 5.9 MEDIUM EPSS 0.00
Rockwellautomation Compactlogix 5380 Firmware - Denial of Service
A Resource Exhaustion issue was discovered in Rockwell Automation ControlLogix 5580 controllers V28.011, V28.012, and V28.013; ControlLogix 5580 controllers V29.011; CompactLogix 5380 controllers V28.011; and CompactLogix 5380 controllers V29.011. This vulnerability may allow an attacker to cause a denial of service condition by sending a series of specific CIP-based commands to the controller.
CWE-400 May 06, 2017
CVE-2016-6877 5.3 MEDIUM EPSS 0.01
Citrix Xenmobile Server < 10.3.6.310 - Improper Input Validation
Citrix XenMobile Server before 10.5.0.24 allows man-in-the-middle attackers to trigger HTTP 302 redirections via vectors involving the HTTP Host header and a cached page. NOTE: the vendor reports "our internal analysis of this issue concluded that this was not a valid vulnerability" because an exploitation scenario would involve a man-in-the-middle attack against a TLS session
CWE-20 May 05, 2017
CVE-2017-8801 6.1 MEDIUM EPSS 0.00
Trendmicro Officescan - XSS
Trend Micro OfficeScan 11.0 before SP1 CP 6325 (with Agent Module Build before 6152) and XG before CP 1352 has XSS via a crafted URI using a blocked website.
CWE-79 May 05, 2017
CVE-2016-8916 5.5 MEDIUM EPSS 0.00
IBM Tivoli Storage Manager <7.1 - Info Disclosure
IBM Tivoli Storage Manager 5.5, 6.1-6.4, and 7.1 stores password information in a log file that could be read by a local user when a set password command is issued. IBM X-Force ID: 118472.
CWE-200 May 05, 2017
CVE-2016-0255 6.1 MEDIUM EPSS 0.00
IBM Marketing Platform <10.0 - XSS
IBM Marketing Platform 9.1 and 10.0 is vulnerable to stored cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. IBM X-Force ID: 110564.
CWE-79 May 05, 2017

Investigate

Critical + Public Exploits Exploited in Wild + PoC High EPSS (>=0.7) + PoC With Nuclei Templates Latest Public Exploits

Ecosystems

Linux Maven Packagist PyPI npm Go ecosystem RubyGems crates.io NuGet Hex SwiftURL GitHub Actions

Reference Indexes

Exploit Database Researchers Vendors CWE Categories

Recent Blog Posts

CVE-2026-24289: Windows Kernel IOCP Race Condition - The Ghost We Proved by Salting the Circle
Mar 16, 2026
Six AI Agents, One Security Company: The Paperclip AI Experiment
Mar 16, 2026
CVE-2026-4105: systemd-machined Privilege Escalation - 72 Minutes from Drop to Bypass
Mar 13, 2026
CVE-2026-28391: OpenClaw Command Injection - The Day I Hacked Myself
Mar 09, 2026
Introducing FuzzForge: Autonomous Source-Code Fuzzing - Finding Bugs in nginx in 112 Minutes
Mar 08, 2026
CVE-2025-68670 Part 2: From Crash to RCE - The One That Fought Back (and Lost)
Mar 04, 2026
 View all posts →

CVEForge Labs

CVE-2016-15057 CRITICAL
Apache Continuum - Command Injection
CVE-2021-32824 CRITICAL
Apache Dubbo <2.6.10-2.7.10 - RCE
CVE-2023-42117 CRITICAL
Exim < 4.96.2 - Remote Code Execution
CVE-2024-31866 CRITICAL
Apache Zeppelin <0.11.1 - RCE
CVE-2024-37288 CRITICAL
Elastic Kibana - Insecure Deserialization
CVE-2024-43115 HIGH
Apache DolphinScheduler <3.2.2 - RCE
CVE-2024-45409 CRITICAL
Ruby-SAML <=1.16.0 - Auth Bypass
CVE-2024-56143 HIGH
Strapi < 5.5.2 - IDOR
CVE-2025-10622 HIGH
Red Hat Satellite - Command Injection
CVE-2025-11539 CRITICAL
Grafana Image Renderer - RCE
 View all labs →

KEV Gaps

CVE-2026-20963
Microsoft Office SharePoint - Code Injection
 CVE-2025-66376
Zimbra Collaboration <10.0.18, <10.1.13 - XSS
 CVE-2025-47813
Wftpserver Wing FTP Server < 7.4.4 - Error Information Exposure
 CVE-2026-3910
Google Chrome <146.0.7680.75 - RCE
 CVE-2026-3909
Google Chrome < 146.0.7680.75 - Out-of-Bounds Access
 CVE-2026-1603
Ivanti Endpoint Manager < 2024 - Authentication Bypass
 CVE-2023-43000
macOS Ventura <13.5-iPadOS <16.6-Safari <16.6 - Use After Free
 CVE-2021-30952
tvOS <15.2 - RCE
 CVE-2021-22681
Rockwell Automation Studio 5000 <21 - Path Traversal
 CVE-2026-22719
VMware Aria Operations - Command Injection
 CVE-2026-25108
FileZen - Command Injection
 CVE-2026-22769
Dell RecoverPoint <6.0.3.1 HF1 - Auth Bypass