CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2 days ago•3 views

DEBIAN-CVE-2026-9697

Impact: undici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI socks5:// or socks://. The target HTTPS connection through the SOCKS5 tunnel falls back to Node's default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servernam...

7.4CVSS5.9AI score0.00199EPSS

OSV•added 2 days ago•2 views

CGA-6WM4-684P-3CQ5

Bulletin has no description...

4.3CVSS4.9AI score0.00311EPSS

5.5CVSS4.7AI score0.00138EPSS

DEBIAN-CVE-2026-4367

A flaw was found in libXpm. A local user with low privileges could exploit an Out-of-Bounds Read vulnerability in the xpmNextWord function by processing a specially crafted or very small XPM X PixMap image file. This improper validation of file boundaries can cause an internal pointer to read...

7.8CVSS5AI score0.00173EPSS

MINI-72PW-875V-CJ6G

Bulletin has no description...

7.3CVSS5.2AI score0.00209EPSS

DEBIAN-CVE-2026-12324

Incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

5.4CVSS5.2AI score0.00164EPSS

DEBIAN-CVE-2026-12330

Incorrect boundary conditions in the Internationalization component. This vulnerability was fixed in Firefox ESR 140.12, Firefox ESR 115.37, and Thunderbird 140.12...

7.5CVSS5.3AI score0.00252EPSS

DEBIAN-CVE-2026-12314

Memory safety bug fixed in Thunderbird 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

8.1CVSS5.2AI score0.00152EPSS

DEBIAN-CVE-2026-12292

Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

8.8CVSS5.2AI score0.00156EPSS

DEBIAN-CVE-2026-12291

Use-after-free in the Networking: HTTP component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

6.5CVSS4.9AI score0.00204EPSS

MINI-9P4C-W6M3-674X

Bulletin has no description...

OSV•added 3 days ago•4 views

DEBIAN-CVE-2026-1766

A flaw was found in GNOME localsearch previously known as tracker-miners MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when processing specially crafted MP3 files containing malformed ID3v2.3 COMM Comment tags. An attacker cou...

6.1CVSS5.5AI score0.00166EPSS

OSV•added 4 days ago•3 views

MINI-F3F3-XM6J-P6W5

Bulletin has no description...

6.1CVSS4.9AI score0.00112EPSS

OSV•added 4 days ago•7 views

DEBIAN-CVE-2025-55660

A stack overflow in the gfopusreadlength function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS5.3AI score0.00181EPSS

OSV•added 4 days ago•6 views

DEBIAN-CVE-2025-55647

An Out-of-Memory in the mp4muxcencinsertpssh function filters/muxisom.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS5.3AI score0.00167EPSS

OSV•added 4 days ago•7 views

DEBIAN-CVE-2025-55642

GPAC MP4Box v2.4 was discovered to contain a floating point exception in the avidmxprocess function isomedia/isomwrite.c...

6.5CVSS5.3AI score0.00458EPSS

OSV•added 4 days ago•3 views

DEBIAN-CVE-2026-6047

LibreOffice can import documents in the OOXML format DOCX. A heap buffer overflow existed when replaying deferred parser events for a text box element. A handler object was assumed to be of one type and written to at that type's field layout, but it could be a smaller object, so the write landed...

6.9CVSS5.6AI score0.00119EPSS

OSV•added 4 days ago•2 views

MINI-974C-J2V4-X9JP

Bulletin has no description...

9.1CVSS4.9AI score0.00309EPSS