Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (4 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-26336 1 Hyland 2 Alfresco Community, Alfresco Enterprise 2026-02-20 7.5 High
Hyland Alfresco allows unauthenticated attackers to read arbitrary files from protected directories (like WEB-INF) via the "/share/page/resource/" endpoint, thus leading to the disclosure of sensitive configuration files.
CVE-2026-26337 1 Hyland 2 Alfresco Community, Alfresco Transformation Service 2026-02-20 8.2 High
Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve both arbitrary file read and server-side request forgery through the absolute path traversal.
CVE-2026-26338 1 Hyland 2 Alfresco Community, Alfresco Transformation Service 2026-02-20 6.5 Medium
Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve server-side request forgery (SSRF) through the document processing functionality.
CVE-2026-26339 1 Hyland 2 Alfresco Community, Alfresco Transformation Service 2026-02-20 9.8 Critical
Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve remote code execution through the argument injection vulnerability, which exists in the document processing functionality.