CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/05/18 12:0 a.m.•6 views

Claude HUD 代码问题漏洞

Claude HUD is a Claude Code plugin developed by Jarrod Watts, which displays context usage, tool states, and progress. Versions of Claude HUD prior to 0.0.12 contained code vulnerabilities. These vulnerabilities stemmed from command injection issues, allowing local attackers to execute arbitrary...

7.8CVSS6.5AI score0.00523EPSS

Exploits0References1

Positive Technologies•added 2026/05/18 12:0 a.m.•11 views

PT-2026-41732

Name of the Vulnerable Software and Affected Versions Claude HUD versions 0.0.0 through 0.0.12 Description Local attackers can execute arbitrary commands on Windows systems by manipulating the COMSPEC environment variable. By setting COMSPEC to an arbitrary binary path before the software perform...

7.8CVSS6.2AI score0.00523EPSS

Exploits0References7

Hewlett-Packard•added 2026/05/18 12:0 a.m.•12 views

AMD Graphics May 2026 Security Update

AMD has informed HP of potential security vulnerabilities identified in some AMD Graphics for Windows, which might allow arbitrary code execution, escalation of privilege, denial of service, or information disclosure. AMD is releasing software updates to mitigate the potential vulnerabilities. AM...

8.8CVSS6AI score0.00182EPSS

Exploits0Affected Software21

AlmaLinux•added 2026/05/18 12:0 a.m.•7 views

Moderate: libpng security update

The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security Fixes: libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 For more details about the security issues, including the...

AlmaLinux•added 2026/05/18 12:0 a.m.•6 views

Exploits1References4

Important: ruby security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 For more details about the security issues, including...

Tenable Nessus•added 2026/05/18 12:0 a.m.•4 views

RHEL 9 : libpng (RHSA-2026:18028)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18028 advisory. The libpng packages contain a library of functions for creating and manipulating Portable Network Graphics PNG image format files. Security Fixes:...

Tenable Nessus•added 2026/05/18 12:0 a.m.•6 views

Exploits1References5

RockyLinux 9 : ruby:3.3 (RLSA-2026:18030)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18030 advisory. erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 Tenable has extracted the preceding description block directly from the RockyLinux...

8.1CVSS6.3AI score0.00508EPSS

Exploits0References3

AlmaLinux•added 2026/05/18 12:0 a.m.•10 views

Important: ruby:3.3 security update

OSV•added 2026/05/18 12:0 a.m.•5 views

ALSA-2026:18028 Moderate: libpng security update

AlmaLinux•added 2026/05/18 12:0 a.m.•9 views

Exploits1References4

Critical: nginx security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 For more details about the security issues, including the impact, a CVSS...

OSV•added 2026/05/18 12:0 a.m.•10 views

ALSA-2026:18029 Critical: nginx security update

Tenable Nessus•added 2026/05/18 12:0 a.m.•9 views

RockyLinux 8 : nginx:1.24 (RLSA-2026:18041)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18041 advisory. nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 Tenable has extracted the preceding description block directly from the RockyLinux security...

AlmaLinux•added 2026/05/18 12:0 a.m.•5 views

Exploits38References3

Critical: nginx:1.24 security update

9.2CVSS5.9AI score0.23018EPSS

OSV•added 2026/05/18 12:0 a.m.•9 views

ALSA-2026:18041 Critical: nginx:1.24 security update

OSV•added 2026/05/18 12:0 a.m.•6 views

ALSA-2026:18063 Critical: nginx security update

9.2CVSS5.9AI score0.23018EPSS

Oracle linux•added 2026/05/18 12:0 a.m.•8 views

ruby security update

3.3.10-12 - Fix arbitrary code execution via deserialization bypass in ERB. CVE-2026-41316 Resolves: RHEL-171244...

8.1CVSS6.3AI score0.00508EPSS

Exploits0

Tenable Nessus•added 2026/05/18 12:0 a.m.•5 views

RHEL 10 : ruby (RHSA-2026:18065)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18065 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management...

Tenable Nessus•added 2026/05/18 12:0 a.m.•6 views

RHEL 9 : ruby (RHSA-2026:18039)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18039 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management task...

OSV•added 2026/05/18 12:0 a.m.•4 views

ALSA-2026:18064 Moderate: libpng security update