5152828 matches found
Exploit for CVE-2026-63030
wp2shell: WordPress Batch RCE A technical breakdown of CVE-20...
Critical NGINX Vulnerability Can Crash Workers and May Allow Remote Code Execution
F5 has shipped fixes for a critical nginx flaw that lets a remote, unauthenticated attacker trigger a heap buffer overflow in the worker process with crafted HTTP requests. CVE-2026-42533 was patched on July 15 in nginx 1.30.4 stable and 1.31.3 mainline, and in NGINX Plus 37.0.3.1; anyone on an...
CVE-2026-12484
A vulnerability in keras-team/keras version 3.15.0 allows unsafe deserialization of attacker-controlled PyTorch pickle data through the public keras.layers.TorchModuleWrapper.fromconfig method. This method invokes torch.load..., weightsonly=False without requiring an explicit unsafe opt-in, such ...
Exploit for CVE-2025-9951
CVE-2025-9951 FFmpeg JPEG 2000 exploitation research This rep...
EUVD-2026-45872
A vulnerability in keras-team/keras version 3.15.0 allows unsafe deserialization of attacker-controlled PyTorch pickle data through the public keras.layers.TorchModuleWrapper.fromconfig method. This method invokes torch.load..., weightsonly=False without requiring an explicit unsafe opt-in, such ...
CVE-2026-12484
A vulnerability in keras-team/keras version 3.15.0 allows unsafe deserialization of attacker-controlled PyTorch pickle data through the public keras.layers.TorchModuleWrapper.fromconfig method. This method invokes torch.load..., weightsonly=False without requiring an explicit unsafe opt-in, such ...
CVE-2026-12484
The CVE-2026-12484 entry describes a vulnerability in keras-team/keras v3.15.0 where unsafe deserialization of attacker-controlled PyTorch pickle data is possible via keras.layers.TorchModuleWrapper.from_config. The public method calls torch.load(..., weights_only=False) without an explicit safe ...
CVE-2026-12484 Unsafe Deserialization in keras.layers.TorchModuleWrapper.from_config
A vulnerability in keras-team/keras version 3.15.0 allows unsafe deserialization of attacker-controlled PyTorch pickle data through the public keras.layers.TorchModuleWrapper.fromconfig method. This method invokes torch.load..., weightsonly=False without requiring an explicit unsafe opt-in, such ...
VulnFeed
VulnFeed — CVE-to-ExploitDB Mapper Queries the NVD APIhttp...
Exploit for CVE-2026-63030
wp2shell-check Non-intrusive exposure checker for the WordPre...
CVE-2026-64178
creationtimestamp| type| source ---|---|--- 2026-07-19 18:45:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqzgsinfn62i...
CVE-2026-64183
creationtimestamp| type| source ---|---|--- 2026-07-19 18:35:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqzgaloto52j...
EUVD-2026-45747
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Set HCICMDDRAINWORKQUEUE during device close Since hcidevclosesync can now be called during the reset path, we should also set HCICMDDRAINWORKQUEUE. This avoids queuing timeouts while the hdev workqueue is bei...
EUVD-2026-45749
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: clear chan-ident on ECRED reconfiguration success l2capecredreconfrsp returns early on success without clearing chan-ident. Every other L2CAP response handler l2capecredconnrsp, l2capleconnectrsp, l2capconfigrsp...
EUVD-2026-45750
In the Linux kernel, the following vulnerability has been resolved: dpll: zl3073x: use dplldevicechangentf and remove changework The changework was introduced to send device change notifications from DPLL device callbacks without deadlocking on dplllock, since the callbacks are already invoked...
EUVD-2026-45751
In the Linux kernel, the following vulnerability has been resolved: net/handshake: Drain pending requests at net namespace exit The arguments to listspliceinit in handshakenetexit are reversed. The call moves the local empty "requests" list onto hn-hnrequests, leaving the local list empty, so the...
EUVD-2026-45753
In the Linux kernel, the following vulnerability has been resolved: net/handshake: Use spinlockbh for hnlock nvmettcpstatechange, a socket callback that runs in BH context, can reach handshakereqcancel via nvmettcpschedulereleasequeue and tlshandshakecancel. handshakereqcancel acquires hn-hnlock...
EUVD-2026-45754
In the Linux kernel, the following vulnerability has been resolved: net/sched: actmirred: Fix blockcast recursion bypass leading to stack overflow tcfmirredact checks schedmirrednest against MIRREDNESTLIMIT 4 to prevent deep recursion. However, when the action uses blockcast tcfmblockid != 0, the...
EUVD-2026-45755
In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix ethx:ingress - ethy:egress - ethx:ingress mirred loop When mirred redirects to ingress from either ingress or egress the loop state from schedmirreddev array dev is lost because of 1 the packet deferral into the...
EUVD-2026-45757
In the Linux kernel, the following vulnerability has been resolved: ipv6: rpl: fix hdrlen overflow in ipv6rplsrhdecompress ipv6rplsrhdecompress computes: outhdr-hdrlen = n + 1 sizeofstruct in6addr 3; hdrlen is u8. For n = 127 the result exceeds 255 and silently truncates. With n=127 cmpri=15,...