Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (4 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-0963 1 Arcadia Technology 1 Crafty Controller 2026-02-02 9.9 Critical
An input neutralization vulnerability in the File Operations API Endpoint component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via path traversal.
CVE-2026-0805 1 Arcadia Technology 1 Crafty Controller 2026-02-02 8.2 High
An input neutralization vulnerability in the Backup Configuration component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via path traversal.
CVE-2025-14701 2 Arcadia Technology, Craftycontrol 2 Crafty Controller, Crafty Controller 2025-12-23 7.1 High
An input neutralization vulnerability in the Server MOTD component of Crafty Controller allows a remote, unauthenticated attacker to perform stored XSS via server MOTD modification.
CVE-2025-14700 2 Arcadia Technology, Craftycontrol 2 Crafty Controller, Crafty Controller 2025-12-23 9.9 Critical
An input neutralization vulnerability in the Webhook Template component of Crafty Controller allows a remote, authenticated attacker to perform remote code execution via Server Side Template Injection.