CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Name of the Vulnerable Software and Affected Versions LibreChat version 0.8.1-rc2 Description LibreChat, a ChatGPT clone with additional features, is susceptible to a server-side request forgery SSRF issue. This occurs because of missing restrictions within the Actions feature in its default...

9.1CVSS7AI score0.04094EPSS

Exploits1References8

Tenable Nessus•added 2026/01/07 12:0 a.m.•2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: docker (UTSA-2026-000515)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000515 advisory. Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, whic...

9.9CVSS7.4AI score0.16496EPSS

Exploits0References3

Amazon•added 2026/01/07 12:0 a.m.•6 views

Medium: docker

Issue Overview: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not...

6.5CVSS6.8AI score0.0027EPSS

Exploits0

Amazon•added 2026/01/07 12:0 a.m.•8 views

Medium: docker

Issue Overview: SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read. CVE-2025-47914 SSH servers parsing GSSAPI authentication requests do not validate the number...

7.5CVSS6.6AI score0.00521EPSS

Exploits2

Tenable Nessus•added 2026/01/07 12:0 a.m.•3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: docker (UTSA-2026-000514)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000514 advisory. Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In...

6.5CVSS6.8AI score0.0035EPSS

Exploits0References3

GithubExploit•added 2026/01/06 6:47 p.m.•246 views

Exploit for OS Command Injection in Docker

🐳 ContainerBreaker - Docker Escape Exploit Simulator !Licen...

9.3CVSS9.7AI score0.9589EPSS

Exploits33

IBM Security Bulletins•added 2026/01/06 6:8 a.m.•7 views

Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate with watsonx Assistant Cartridge

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate with watsonx Assistant Cartridge version 5.3 Vulnerability Details CVEID:CVE-2022-1996 DESCRIPTION: Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0. CWE:CWE-639:...

9.3CVSS8AI score0.06604EPSS

Exploits3Affected Software1

IBM Security Bulletins•added 2026/01/06 6:0 a.m.•9 views

Security Bulletin: Firewalld Reload Bypasses Localhost Port Restrictions in Moby (Docker Engine) Prior to 28.3.3, affects watsonx.data

Summary Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules...

5.1CVSS6.7AI score0.00201EPSS

Exploits0Affected Software1

NVD•added 2026/01/05 8:16 p.m.•7 views

CVE-2025-64419

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to version 4.0.0-beta.445, parameters coming from docker-compose.yaml are not sanitized when used in commands. If a victim user creates an application from an attacker repository using build...

9.6CVSS0.00619EPSS

Exploits1References2

EUVD•added 2026/01/05 7:16 p.m.•2 views

EUVD-2025-206244

9.6CVSS6.6AI score0.00619EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by