Advanced Threat Data Export
Filter and download the raw CVE repository (CSV/JSON) for SIEM integration and internal reporting.
Data export is locked. Upgrade your package to enable filtering and downloading.
π Premium Features
π Filter Threats
| Title | Severity | EPSS (30-Day) | PoC | Actively Exploited | Source | Date |
|---|---|---|---|---|---|---|
| CVE-2026-47131 ### Summary
By combining `Buffer.call.call({}.__lookupGetter__, Buffer, "__proto__")`, `Buffer.call.call({}.__lookupSetter__, Buffer, "... | CRITICAL | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-42951 An authenticated
user can download a backup of theΒ Danelec MacGregor Voyage Data Recorder
device which includes account data and password hashes. | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-42941 TheΒ Danelec MacGregor Voyage Data Recorder
device includes a default username and password, with no enforced password change. | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-45668 Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. Prior to 0.102.2, a malici... | UNKNOWN | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-47200 ### Summary
When `experimental.componentIslands` is enabled (default in Nuxt 4), any `.server.vue` file under `pages/` is automatically registered as... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-45742 ### Summary
Gotenberg is vulnerable to a remote denial of service in multipart `downloadFrom` handling.
A multipart request containing multiple `dow... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-10108 xiaomusic v0.5.7 contains an unauthenticated path traversal vulnerability in the GET /music/{file_path:path} endpoint that allows unauthenticated atta... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-45741 ### Summary
`IsPublicIP` in `pkg/gotenberg/outbound.go` incorrectly classifies IPv6 6to4 / NAT64 / deprecated site-local addresses as public IPs, all... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-10107 MoviePilot v2 contains a server-side request forgery vulnerability in the image proxy endpoint that allows authenticated attackers to request arbitrar... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-43917 Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.19.0 and earlier, the protectedProcedure middleware only verifies the user is auth... | UNKNOWN | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-44829 ### Summary
`filepath.Base` on the Linux container does not strip backslashes (`\`), because `\` is only a path separator on Windows. A multipart file... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-10105 agno 2.6.5 contains a SQL injection vulnerability in the ClickHouse vector database backend that allows attackers to inject arbitrary SQL expressions ... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-9194 Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in ... | UNKNOWN | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-48501 GitHub CLI (gh) is GitHubβs official command line tool. Prior to 2.93.0, GitHub CLI incorrectly includes authorization header in API requests to TUF... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-45663 Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.29.1 and earlier, a command injection vulnerability exists in the Docker file uplo... | CRITICAL | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-45662 Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.29.0 and earlier, the deleteRegistry function in Dokploy (packages/server/src/serv... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-44962 Plesk contains an XPath injection vulnerability in the APS Application Catalog search functionality, where user-supplied input is interpolated into XP... | CRITICAL | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-39276 The template upload feature in Emlog Pro v2.6.9 has a path traversal vulnerability, allowing authenticated administrators to execute arbitrary PHP cod... | HIGH | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-39229 Bolt CMS through 3.7.0 allows SQL Injection in the 'order' parameter of the content listing pages. An authenticated attacker with low-level ... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |
| CVE-2026-36324 SourceCodester Doctor Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) due to improper handling of user supplied input in the user r... | MEDIUM | π LOCKED | ????? | ????? | NVD | 5 days ago |