CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21936 matches found

EUVD•added 2026/05/01 12:0 a.m.•6 views

EUVD-2026-26674

Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize on data from the filesystem in the FileHandler object...

9.8CVSS5.8AI score0.00055EPSS

Exploits0References3

Positive Technologies•added 2026/05/01 12:0 a.m.•4 views

PT-2026-36332

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the f2fs compress write end io function. The dec page countsbi, type function can reduce the F2FS WB CP DATA counter to zero, which may unblock f2fs wait...

9.8CVSS5.9AI score0.00383EPSS

Exploits0References53

Cvelist•added 2026/05/01 12:0 a.m.•21 views

CVE-2026-42472

Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize on data from Redis in the RedisHandler object...

0.00055EPSS

Exploits0References3

CVE•added 2026/05/01 12:0 a.m.•3 views

CVE-2026-42472

The CVE-2026-42472 entry describes an unsafe deserialization vulnerability in MixPHP Framework 2.x up to 2.2.17, caused by session and cache handlers calling unserialize() on data sourced from Redis in the RedisHandler object. This is reported across multiple feeds (NVD, CVE listing, vuln enrichm...

9.8CVSS5.8AI score0.00055EPSS

Exploits0References3

CVE•added 2026/05/01 12:0 a.m.•2 views

CVE-2026-42473

The CVE-2026-42473 issue affects MixPHP Framework 2.x up to 2.2.17. The vulnerability arises from unsafe deserialization in the FileHandler’s session and cache handling, where data from the filesystem is passed to PHP’s unserialize(), enabling high-impact data integrity/confidentiality/availabili...

9.8CVSS5.8AI score0.00055EPSS

Exploits0References3

CNNVD•added 2026/05/01 12:0 a.m.•5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A buffer overflow vulnerability exists in the Linux kernel. The vulnerability stems from the fuseadddirenttocache function not checking if the dirent size exceeds PAGESIZE, whi...

7.8CVSS6AI score0.00015EPSS

Exploits0References1

EUVD•added 2026/05/01 12:0 a.m.•2 views

EUVD-2026-26673

Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The session and cache handlers use unserialize on data from Redis in the RedisHandler object...

9.8CVSS5.8AI score0.00055EPSS

Exploits0References3

GithubExploit•added 2026/04/30 9:36 p.m.•54 views

Exploit for CVE-2026-31431

copyfailautopatch Detect and optionally mitigate CVE-2026...

7.8CVSS5.7AI score0.02194EPSS

Exploits226

GithubExploit•added 2026/04/30 9:32 p.m.•67 views

Exploit for CVE-2026-3143

CVE-2026-3143 - Copy Fail PoC Aciklama Bu depo, Linux ceki...

5.3AI score0.00073EPSS

Exploits1

GithubExploit•added 2026/04/30 8:54 p.m.•75 views

Exploit for CVE-2026-31431

CVE-2026-31431-Copy-Fail---Vulnerability-Detection-Script Dete...

7.8CVSS6.4AI score0.02194EPSS

Exploits226

GithubExploit•added 2026/04/30 8:38 p.m.•60 views

Exploit for CVE-2026-31431

Copy Fail PoC English Python PoC for CVE-2026-31431,...

7.8CVSS5.7AI score0.02194EPSS

Exploits226

GithubExploit•added 2026/04/30 8:35 p.m.•55 views

Exploit for CVE-2026-31431

CVE-2026-31431 Copy Fail – a 4‑byte page‑cache write prim...

7.8CVSS5.8AI score0.02194EPSS

Exploits226

ATTACKERKB•added 2026/04/30 6:17 p.m.•3 views

CVE-2026-32148

Insufficient Verification of Data Authenticity vulnerability in hexpm hex Hex.RemoteConverger module allows dependency integrity bypass via unverified lockfile checksums. Hex stores checksums for dependencies in the mix.lock file to ensure reproducible and integrity-checked builds. However,...

8.9CVSS5.3AI score0.00021EPSS

Exploits1References5Affected Software1

OSV•added 2026/04/30 6:17 p.m.•1 views

EEF-CVE-2026-32148 Lockfile checksums not verified in Hex allows dependency integrity bypass

Summary Insufficient Verification of Data Authenticity vulnerability in hexpm hex Hex.RemoteConverger module allows dependency integrity bypass via unverified lockfile checksums. Hex stores checksums for dependencies in the mix.lock file to ensure reproducible and integrity-checked builds. Howeve...

8.9CVSS5.5AI score0.00021EPSS

Exploits1References3

Github Security Blog•added 2026/04/30 6:10 p.m.•6 views

Hickory DNS's Record Cache Accepts AUTHORITY-Section NS from Sibling Zone via Parent-Pool Zone-Context Elevation

Summary The Hickory DNS project's experimental hickory-recursor crate's record cache DnsLru stores records from DNS responses keyed by each record's own name, type, not by the query that triggered the response. cacheresponse in crates/recursor/src/lib.rs chains ANSWER, AUTHORITY, and ADDITIONAL...

5.3AI score

Exploits0References2Affected Software1

GithubExploit•added 2026/04/30 6:9 p.m.•51 views

Exploit for CVE-2026-31431

CVE-2026-31431 Linux algifaead page-cache write to root - Lo...

7.8CVSS5.7AI score0.02194EPSS

Exploits226

OSV•added 2026/04/30 4:54 p.m.•3 views

SUSE-SU-2026:21436-1 Security update for freerdp

This update for freerdp fixes the following issues: Update to version 3.24.2. Security issues fixed: - CVE-2026-25941: out-of-bounds read in the FreeRDP client RDPGFX channel bsc1258919. - CVE-2026-25942: buffer overflow of global array in xfrailserverexecuteresult bsc1258920. - CVE-2026-25952:...

9.8CVSS6.1AI score0.00164EPSS

Exploits19References57

OSV•added 2026/04/30 4:54 p.m.•1 views

OPENSUSE-SU-2026:20657-1 Security update for freerdp

9.8CVSS6.1AI score0.00164EPSS

Exploits19References56

GithubExploit•added 2026/04/30 4:19 p.m.•61 views

Exploit for CVE-2026-31431

Copy Fail CVE-2026-31431 - Comprehensive Writeup 1. Vuln...

7.8CVSS6.7AI score0.02194EPSS

Exploits226

GithubExploit•added 2026/04/30 2:33 p.m.•86 views