CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/03/05 3:30 p.m.•2 views

EUVD-2026-9822

Avira Internet Security contains a time-of-check time-of-use TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and subsequently deletes them during a separate cleanup phase without revalidating the target...

8.5CVSS6AI score0.00012EPSS

EUVD•added 2026/03/05 3:30 p.m.•0 views

EUVD-2026-9821

8.5CVSS6.5AI score0.00081EPSS

NVD•added 2026/03/05 3:16 p.m.•6 views

CVE-2026-27750

7.8CVSS0.00012EPSS

OSV•added 2026/03/05 3:16 p.m.•2 views

CVE-2026-27750

7CVSS5.8AI score

OSV•added 2026/03/05 3:16 p.m.•1 views

CVE-2026-27749

7.8CVSS6.3AI score

NVD•added 2026/03/05 3:16 p.m.•5 views

CVE-2026-27748

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...

7.8CVSS0.00026EPSS

NVD•added 2026/03/05 3:16 p.m.•4 views

CVE-2026-27749

7.8CVSS0.00081EPSS

Vulnrichment•added 2026/03/05 2:15 p.m.•3 views

CVE-2026-27748 Avira Internet Security Arbitrary File Deletion via Improper Link Resolution

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...

8.5CVSS5.9AI score0.00026EPSS

ATTACKERKB•added 2026/03/05 2:15 p.m.•2 views

CVE-2026-27748

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...

8.5CVSS6AI score0.00026EPSS

Cvelist•added 2026/03/05 2:15 p.m.•26 views

CVE-2026-27748 Avira Internet Security Arbitrary File Deletion via Improper Link Resolution

Avira Internet Security contains an improper link resolution vulnerability in the Software Updater component. During the update process, a privileged service running as SYSTEM deletes a file under C:\ProgramData without validating whether the path resolves through a symbolic link or reparse point...

7.8CVSS0.00026EPSS

Cvelist•added 2026/03/05 2:15 p.m.•24 views

CVE-2026-27749 Avira Internet Security System Speedup Insecure Deserialization

7.8CVSS0.00081EPSS

CVE•added 2026/03/05 2:15 p.m.•10 views

CVE-2026-27749

CVE-2026-27749 affects Avira Internet Security, specifically the System Speedup component. The vulnerability arises from deserialization of untrusted data by the privileged process Avira.SystemSpeedup.RealTimeOptimizer.exe (running as SYSTEM) which reads a file under C:\ProgramData and deserializ...

8.5CVSS6.5AI score0.00081EPSS

Exploits0References3Affected Software1

ATTACKERKB•added 2026/03/05 2:15 p.m.•1 views

CVE-2026-27749

8.5CVSS6.5AI score0.00081EPSS

Vulnrichment•added 2026/03/05 2:15 p.m.•0 views

CVE-2026-27749 Avira Internet Security System Speedup Insecure Deserialization

8.5CVSS6.2AI score0.00081EPSS

CVE•added 2026/03/05 2:15 p.m.•7 views

CVE-2026-27750

Avira Internet Security is affected by a TOCTOU vulnerability in the Optimizer component. A privileged service running as SYSTEM identifies directories for cleanup during a scan phase and later deletes them in a separate cleanup phase without revalidating the target path. An local attacker could ...

8.5CVSS6AI score0.00012EPSS

Exploits0References3Affected Software1

ATTACKERKB•added 2026/03/05 2:15 p.m.•4 views

CVE-2026-27750

8.5CVSS6AI score0.00012EPSS

Cvelist•added 2026/03/05 2:15 p.m.•26 views

CVE-2026-27750 Avira Internet Security Optimizer TOCTOU

7.8CVSS0.00012EPSS