CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

60 matches found

CBLMariner•added 2026/05/20 11:8 p.m.•4 views

CVE-2026-33814 affecting package golang for versions less than 1.26.3-1

CVE-2026-33814 affecting package golang for versions less than 1.26.3-1. An upgraded version of the package is available that resolves this issue...

7.5CVSS5.8AI score0.00018EPSS

Exploits0

Positive Technologies•added 2026/05/20 12:0 a.m.•6 views

PT-2026-42169

Name of the Vulnerable Software and Affected Versions Evince versions prior to 48.2 Atril versions prior to 1.26.3 Atril versions prior to 1.28.4 Xreader versions prior to 3.6.7 Xreader versions prior to 4.6.4 Description Command injection is possible when processing PDF /GoToR actions due to...

6.2AI score

Exploits0References19

OSV•added 2026/05/10 12:0 a.m.•1 views

OPENSUSE-SU-2026:10741-1 go1.26-1.26.3-1.1 on GA media

These are all security issues fixed in the go1.26-1.26.3-1.1 package on the GA media of openSUSE Tumbleweed...

7.5CVSS5.9AI score0.00054EPSS

Exploits0References11

CNNVD•added 2026/05/08 12:0 a.m.•4 views

openvpn-auth-oauth2 授权问题漏洞

OpenVPN-Auth-OAuth2 is a single-signpoint login authentication integration tool developed by Jan-Otto Kröpke. In versions 1.26.3 to 1.27.3 of OpenVPN-Auth-OAuth2, there were authorization-related vulnerabilities. These vulnerabilities occurred when clients did not support WebAuth/SSO in...

10CVSS5.8AI score0.00022EPSS

Exploits0References1

Snyk•added 2026/05/07 7:21 p.m.•3 views

Uncaught Exception

Overview std/net is a Go standard library package std/net Affected versions of this package are vulnerable to Uncaught Exception. Go Vulnerability Report: The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL 0. Remediation Upgrade std/net to version...

8.7CVSS5.8AI score0.0002EPSS

Exploits0References3

Snyk•added 2026/05/07 7:21 p.m.•2 views

Allocation of Resources Without Limits or Throttling

Overview std/net/mail is a Go standard library package std/net/mail Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: Pathological inputs could cause DoS through consumePhrase when parsing an email address according ...

7.5CVSS5.8AI score0.00022EPSS

Exploits0References3

OSV•added 2026/04/22 2:28 p.m.•1 views

GHSA-246W-JGMQ-88FG openvpn-auth-oauth2 returns FUNC_SUCCESS on client-deny, allowing unauthenticated VPN access

Summary When openvpn-auth-oauth2 is deployed in the experimental plugin mode shared library loaded by OpenVPN via the plugin directive, clients that do not support WebAuth/SSO e.g., the openvpn CLI on Linux are incorrectly admitted to the VPN despite being denied by the authentication logic. The...

10CVSS5.8AI score0.00022EPSS

Exploits0References8

Positive Technologies•added 2026/04/22 12:0 a.m.•3 views

PT-2026-34452

Name of the Vulnerable Software and Affected Versions openvpn-auth-oauth2 versions 1.26.3 through 1.27.2 Description An authentication bypass exists when the software is deployed in experimental plugin mode. Clients that do not support WebAuth/SSO are incorrectly granted full network access witho...

10CVSS5.9AI score0.00022EPSS

Exploits0References27

OSV•added 2026/04/01 9:31 a.m.•2 views

CLEANSTART-2026-LI47669 Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 1.26.2-r0, 1.26.3-r0, 1.26.3-r1

Multiple security vulnerabilities affect the cloudnative-pg-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

9.1CVSS6.9AI score0.00046EPSS

Exploits4References19

Tenable Nessus•added 2026/03/17 12:0 a.m.•2 views

MiracleLinux 9 : nginx:1.26 (AXSA:2026-323:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-323:01 advisory. nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 Tenable has extracted the preceding description block...

8.2CVSS6.1AI score0.00021EPSS

Exploits0References2