CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1860 matches found

CVE-2026-42535

A path handling issue in moddavfs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

9.1CVSS0.00018EPSS

Exploits0References2

AlpineLinux•added 2 days ago•3 views

CVE-2026-42535

9.1CVSS5.3AI score0.00018EPSS

Exploits0

OSV•added 5 days ago•4 views

OESA-2026-2557 kata-containers security update

This is core component of Kata Container, to make it work, you need a isulad/docker engine. Security Fixes: 'This vulnerability was fixed in Kata Containers 3.31.0:', 'Description:\n\nIn the runtime-rs standalone virtio-fs path, Kata Containers runs virtiofsd\nas root with --sandbox none --seccom...

5.7AI score

Exploits0References2

OSV•added 6 days ago•2 views

ROOT-APP-NPM-CVE-2025-48387 CVE-2025-48387 in @rootio/tar-fs - Patched by Root

Root has patched CVE-2025-48387 in the @rootio/tar-fs package for Root:npm. Multiple fixed versions available...

8.7CVSS5.4AI score0.01201EPSS

Exploits0

OSV•added 6 days ago•4 views

ROOT-APP-NPM-CVE-2025-59343 CVE-2025-59343 in @rootio/tar-fs - Patched by Root

Root has patched CVE-2025-59343 in the @rootio/tar-fs package for Root:npm. Multiple fixed versions available...

7.5CVSS5.4AI score0.00033EPSS

Exploits0

Tenable Nessus•added 6 days ago•4 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : tar-fs vulnerabilities (USN-8367-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8367-1 advisory. It was discovered that tar-fs did not properly limit paths when extracting crafted tar files. An attacker could possibly use this iss...

8.7CVSS6AI score0.01201EPSS

Exploits2References4

Cvelist•added last week•34 views

CVE-2026-46256 NFS/localio: prevent direct reclaim recursion into NFS via nfs_writepages

In the Linux kernel, the following vulnerability has been resolved: NFS/localio: prevent direct reclaim recursion into NFS via nfswritepages LOCALIO is an NFS loopback mount optimization that avoids using the network for READ, WRITE and COMMIT if the NFS client and server are determined to be on...

0.00022EPSS

Exploits0References3

Tenable Nessus•added 2026/06/03 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-46256

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NFS/localio: prevent direct reclaim recursion into NFS via nfswritepages LOCALIO is an NFS loopback mount optimization that avoids using the network for READ,...

5.5CVSS5.5AI score0.00022EPSS

Exploits0References4

OSV•added 2026/06/02 1:0 p.m.•6 views

USN-8367-1 node-tar-fs vulnerabilities

It was discovered that tar-fs did not properly limit paths when extracting crafted tar files. An attacker could possibly use this issue to write or overwrite files outside the intended extraction directory. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2024-12905 It was...

8.7CVSS6.2AI score0.01201EPSS

Exploits2References4

Cvelist•added 2026/06/01 1:15 a.m.•37 views

CVE-2026-10211 AstrBotDevs AstrBot fs.py _normalize_rw_path authorization

A vulnerability was determined in AstrBotDevs AstrBot 4.23.6. Affected by this issue is the function normalizerwpath of the file astrbot/core/tools/computertools/fs.py. This manipulation causes incorrect authorization. It is possible to initiate the attack remotely. The exploit has been publicly...

6.5CVSS0.0004EPSS

Exploits0References5

SUSE CVE•added 2026/05/28 4:1 a.m.•8 views

SUSE CVE-2025-71312

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix ntfsmountoptions leak in ntfsfillsuper In ntfsfillsuper, the fc-fsprivate pointer is set to NULL without first freeing the memory it points to. This causes the subsequent call to ntfsfsfree to skip freeing the...

5.8AI score0.00024EPSS

Exploits0References3

EUVD•added 2026/05/27 3:33 p.m.•6 views

EUVD-2025-209966

5.8AI score0.00024EPSS

Exploits0References3

ATTACKERKB•added 2026/05/26 2:8 p.m.•5 views

CVE-2026-41917

OpenKM 6.3.12 contains a local file inclusion vulnerability in the administrative scripting interface at /admin/Scripting that allows authenticated administrators to read arbitrary files by supplying an attacker-controlled filesystem path through the fsPath parameter with action=Load. Attackers c...

6.9CVSS5.9AI score0.00056EPSS

Exploits0References7

AstraLinux•added 2026/05/20 5:53 a.m.•7 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: bcachefs: kvfree bchfs::snapshots in bch2fssnapshotsexit bchfs::snapshots is allocated by kvzalloc in snapshott Mut. It should be freed by kvfree, not kfree. Otherwise, umount will trigger the following errors: 406.829178 BUG:...

5.5CVSS6AI score0.00064EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: exfat: fixed a potential deadlock in exfatgetdentryset. When accessing a file with more entries than ESMAXENTRYNUM, the bh-array is allocated in exfatgetdentryset. The problem is that the bh-array is allocated using GFPKERNEL. Th...

5.5CVSS6.3AI score0.0001EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/proc/taskmmu: Check if p-vecbuf is NULL. When the PAGEMAPSCAN ioctl is called with veclen = 0 and pagemapscanbackoutrange is executed, the kernel panics due to a null-ptr-deref issue. 44.936808 Oops: General Protection Fault,...

5.2AI score0.00024EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Replace BTRFSMAXEXTENTSIZE with fsinfo-maxextentsize. In a zoned filesystem, data writing is limited by maxzoneAppendSize. A large ordered extent is split according to the size of a bio. On the other hand, the number of...

7.8CVSS5.3AI score0.00067EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ipc: A memory leak has been fixed in initmqueuefs. When setupmqsysctls failed in initmqueuefs, the mqueueinodecachep variable was not released. To address this issue, the release path has been reordered...

5.5CVSS5.7AI score0.00017EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/dax: Fixed the issue of “not skipping locked entries when scanning entries” The commit 6be3e21d25ca “fs/dax: not skipping locked entries when scanning entries” introduced a new function, waitentryunlockedexclusive, which waits...

5.5CVSS6AI score0.00057EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fixed the memory leak of efivarfsfsinfo in situations where the fscontext is being initialized. When processing mount options, efivarfs allocates efivarfsfsinfo sfi early during the initialization of the fscontext...

5.5CVSS5.3AI score0.00018EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by