157 matches found
Astra Linux - vulnerability in batik
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik. This issue affects Apache XML Graphics Batik version 1.16. In version 1.16, a malicious SVG file may trigger the loading of external resources by default, leading to resource consumption or, in...
Linux Distros Unpatched Vulnerability : CVE-2026-35406
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Aardvark-dns is an authoritative DNS server for A/AAAA container records. From 1.16.0 to 1.17.0, a truncated TCP DNS query followed by a connection reset causes...
Security Bulletin: Operator for IBM DataPower Gateway vulnerable to Denial of Service
Summary: This vulnerability can allow an invalid DNS response to cause an operator crash. Vulnerability Details: CVEID: CVE-2026-25518. DESCRIPTION: cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters, and simplifies the process of obtaining, renewing and...
EUVD-2026-13003
PX4 is an open-source autopilot stack for drones and unmanned vehicles. Versions 1.17.0-rc2 and below are vulnerable to Stack-based Buffer Overflow through the MavlinkLogHandler, and are triggered via MAVLink log request. The LogEntry.filepath buffer is 60 bytes, but the sscanf function parses...
PT-2026-26154
SAMtools is a program for reading, manipulating and writing bioinformatics file formats. Starting in version 1.17, in the cram-size command, used to write information about how well CRAM files are compressed, a check to see if the cram decode compression header was missing. If the function return...
PT-2026-5472
Name of the Vulnerable Software and Affected Versions: Simple Startup Manager version 1.17. Description: Simple Startup Manager version 1.17 contains a local buffer overflow that allows attackers to execute arbitrary code. The issue occurs due to overwriting memory through the 'File' input parameter...
CVE-2025-58923
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Critique critique allows PHP Local File Inclusion. This issue affects Critique: from n/a through <= 1.17...
CVE-2025-60049
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Soleil soleil allows PHP Local File Inclusion. This issue affects Soleil: from n/a through <= 1.17...
EUVD-2025-204168
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Stallion stallion allows PHP Local File Inclusion. This issue affects Stallion: from n/a through <= 1.17...
CVE-2025-58927
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Stallion stallion allows PHP Local File Inclusion. This issue affects Stallion: from n/a through <= 1.17...
CVE-2025-60049 WordPress Soleil theme <= 1.17 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Soleil soleil allows PHP Local File Inclusion. This issue affects Soleil: from n/a through <= 1.17...
EUVD-2025-204147
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Spock spock allows PHP Local File Inclusion. This issue affects Spock: from n/a through <= 1.17...
CVE-2025-58949
The CVE-2025-58949 is tied to the WordPress Spock theme (versions ≤ 1.17). The issue is an improper control of filenames for include/require, enabling PHP Local File Inclusion. Affected software/component: WordPress Spock theme. Root cause: improper filename handling in PHP includes. Impact as de...
CVE-2025-58949 WordPress Spock theme <= 1.17 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Spock spock allows PHP Local File Inclusion. This issue affects Spock: from n/a through <= 1.17...
CVE-2025-58927
CVE-2025-58927 describes an improper filename control in the WordPress Stallion theme (versions <= 1.17) that enables PHP Local File Inclusion via an improper Include/Require filename handling (a PHP Remote File Inclusion class issue). Affected product: Stallion theme for WordPress. Root cause...
CVE-2025-58923 WordPress Critique theme <= 1.17 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Critique critique allows PHP Local File Inclusion. This issue affects Critique: from n/a through <= 1.17...
PT-2025-52099
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Spock spock allows PHP Local File Inclusion. This issue affects Spock: from n/a through <= 1.17...
WordPress plugin Spock security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security...