Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-47942
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. Scope is changed.
CVSS Score
5.4
EPSS Score
0.003
Published
2026-06-09
CVE-2026-47943
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. Scope is changed.
CVSS Score
5.4
EPSS Score
0.003
Published
2026-06-09
CVE-2026-47640
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVSS Score
4.6
EPSS Score
0.004
Published
2026-06-09
CVE-2026-47641
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.
CVSS Score
4.6
EPSS Score
0.004
Published
2026-06-09
CVE-2026-47648
Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally.
CVSS Score
7.0
EPSS Score
0.002
Published
2026-06-09
CVE-2026-47652
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
CVSS Score
8.2
EPSS Score
0.003
Published
2026-06-09
CVE-2026-47653
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVSS Score
8.8
EPSS Score
0.004
Published
2026-06-09
CVE-2026-47654
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
CVSS Score
7.5
EPSS Score
0.005
Published
2026-06-09
CVE-2026-47298
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVSS Score
8.0
EPSS Score
0.005
Published
2026-06-09
CVE-2026-47631
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.
CVSS Score
8.1
EPSS Score
0.002
Published
2026-06-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved