Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

22120 matches found

Positive Technologies
Positive Technologiesadded 2026/04/21 12:0 a.m.2 views

PT-2026-34186

The Data Sharing Framework DSF implements a distributed process engine based on the BPMN 2.0 and FHIR R4 standards. Prior to 2.1.0, The OIDC JWKS and Metadata Document caches used an inverted time comparison isBefore instead of isAfter, causing the cache to never return cached values. Every...

6.3CVSS5.8AI score0.00057EPSS
Exploits0References6
Tenable Nessus
Tenable Nessusadded 2026/04/21 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013094)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013094 advisory. In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp-dccpsmsscache dccpsendmsg reads dp-dccpsmsscache before locking the...

5.9AI score0.0004EPSS
Exploits0References4
SUSE CVE
SUSE CVEadded 2026/04/20 11:26 p.m.2 views

SUSE CVE-2026-31429

In the Linux kernel, the following vulnerability has been resolved: net: skb: fix cross-cache free of KFENCE-allocated skb head SKBSMALLHEADCACHESIZE is intentionally set to a non-power-of-2 value e.g. 704 on x8664 to avoid collisions with generic kmalloc bucket sizes. This ensures that...

5.6AI score0.00015EPSS
Exploits0References3
EUVD
EUVDadded 2026/04/20 9:31 p.m.1 views

EUVD-2026-23944

NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg7:4 CBIE/CBCFE/CBZE-related fields is incorrectly masked/updated based on menvcfg7:4, so a machine-mode write to menvcfg can implicitly modify the hypervisor's environment configuration. This can lead to...

5.7AI score0.00026EPSS
Exploits0References5
NVD
NVDadded 2026/04/20 8:16 p.m.1 views

CVE-2026-6550

Cryptographic algorithm downgrade in the caching layer of Amazon AWS Encryption SDK for Python before version 3.3.1 and before version 4.0.5 might allow an authenticated local threat actor to bypass key commitment policy enforcement via a shared key cache, resulting in ciphertext that can be...

5.7CVSS0.00005EPSS
Exploits0References4
Snyk
Snykadded 2026/04/20 8:12 p.m.6 views

Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

Overview aws-encryption-sdk is an AWS Encryption SDK implementation for Python Affected versions of this package are vulnerable to Selection of Less-Secure Algorithm During Negotiation 'Algorithm Downgrade' via the shared key cache. An attacker can bypass key commitment policy enforcement by...

5.7CVSS5.7AI score0.00005EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/04/20 7:20 p.m.2 views

CVE-2026-6550

Cryptographic algorithm downgrade in the caching layer of Amazon AWS Encryption SDK for Python before version 3.3.1 and before version 4.0.5 might allow an authenticated local threat actor to bypass key commitment policy enforcement via a shared key cache, resulting in ciphertext that can be...

5.7CVSS5.7AI score0.00005EPSS
Exploits0References5Affected Software1
CVE
CVEadded 2026/04/20 7:20 p.m.6 views

CVE-2026-6550

The vulnerability CVE-2026-6550 affects the AWS Encryption SDK for Python in its caching layer. A cryptographic downgrade in the key cache could allow an authenticated local actor to bypass key commitment policy enforcement, enabling ciphertext to be decrypted into multiple possible plaintexts. A...

5.7CVSS5.7AI score0.00005EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/04/20 7:20 p.m.2 views

CVE-2026-6550 Key commitment policy bypass via shared key cache in AWS Encryption SDK for Python

Cryptographic algorithm downgrade in the caching layer of Amazon AWS Encryption SDK for Python before version 3.3.1 and before version 4.0.5 might allow an authenticated local threat actor to bypass key commitment policy enforcement via a shared key cache, resulting in ciphertext that can be...

5.7CVSS5.7AI score0.00005EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/04/20 7:20 p.m.27 views

CVE-2026-6550 Key commitment policy bypass via shared key cache in AWS Encryption SDK for Python

Cryptographic algorithm downgrade in the caching layer of Amazon AWS Encryption SDK for Python before version 3.3.1 and before version 4.0.5 might allow an authenticated local threat actor to bypass key commitment policy enforcement via a shared key cache, resulting in ciphertext that can be...

5.7CVSS0.00005EPSS
Exploits0References4
EUVD
EUVDadded 2026/04/20 12:32 p.m.7 views

EUVD-2026-23816

In the Linux kernel, the following vulnerability has been resolved: net: skb: fix cross-cache free of KFENCE-allocated skb head SKBSMALLHEADCACHESIZE is intentionally set to a non-power-of-2 value e.g. 704 on x8664 to avoid collisions with generic kmalloc bucket sizes. This ensures that...

5.6AI score0.00015EPSS
Exploits0References5
NVD
NVDadded 2026/04/20 12:16 p.m.0 views

CVE-2026-6636

A vulnerability was detected in p2r3 convert up to 6998584ace3e11db66dff0b423612a5cf91de75b. Affected is the function Bun.serve of the file buildCache.js of the component API. Performing a manipulation of the argument pathname results in path traversal. It is possible to initiate the attack...

5.3CVSS0.00017EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/04/20 12:0 p.m.2 views

CVE-2026-6636

A vulnerability was detected in p2r3 convert up to 6998584ace3e11db66dff0b423612a5cf91de75b. Affected is the function Bun.serve of the file buildCache.js of the component API. Performing a manipulation of the argument pathname results in path traversal. It is possible to initiate the attack...

5.3CVSS5.4AI score0.00017EPSS
Exploits0References4
NVD
NVDadded 2026/04/20 10:16 a.m.1 views

CVE-2026-31429

In the Linux kernel, the following vulnerability has been resolved: net: skb: fix cross-cache free of KFENCE-allocated skb head SKBSMALLHEADCACHESIZE is intentionally set to a non-power-of-2 value e.g. 704 on x8664 to avoid collisions with generic kmalloc bucket sizes. This ensures that...

5.5CVSS0.00015EPSS
Exploits0References5
Debian CVE
Debian CVEadded 2026/04/20 9:43 a.m.2 views

CVE-2026-31429

In the Linux kernel, the following vulnerability has been resolved: net: skb: fix cross-cache free of KFENCE-allocated skb head SKBSMALLHEADCACHESIZE is intentionally set to a non-power-of-2 value e.g. 704 on x8664 to avoid collisions with generic kmalloc bucket sizes. This ensures that...

5.5CVSS5.3AI score0.00015EPSS
Exploits0
ATTACKERKB
ATTACKERKBadded 2026/04/20 9:43 a.m.2 views

CVE-2026-31429

In the Linux kernel, the following vulnerability has been resolved: net: skb: fix cross-cache free of KFENCE-allocated skb head SKBSMALLHEADCACHESIZE is intentionally set to a non-power-of-2 value e.g. 704 on x8664 to avoid collisions with generic kmalloc bucket sizes. This ensures that...

5.5AI score0.00015EPSS
Exploits0References6Affected Software1
Cvelist
Cvelistadded 2026/04/20 9:43 a.m.26 views

CVE-2026-31429 net: skb: fix cross-cache free of KFENCE-allocated skb head

In the Linux kernel, the following vulnerability has been resolved: net: skb: fix cross-cache free of KFENCE-allocated skb head SKBSMALLHEADCACHESIZE is intentionally set to a non-power-of-2 value e.g. 704 on x8664 to avoid collisions with generic kmalloc bucket sizes. This ensures that...

0.00015EPSS
Exploits0References5
CVE
CVEadded 2026/04/20 9:43 a.m.14 views

CVE-2026-31429

Summary (supported): CVE-2026-31429 affects the Linux kernel, specifically a KFENCE interaction that caused a cross-cache free of KFENCE-allocated skb heads. The root cause was that kfence_ksize() could return the exact allocation size, leading to skb_end_offset matching SKB_SMALL_HEAD_HEADROOM a...

5.5CVSS5.6AI score0.00015EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linuxadded 2026/04/20 3:44 a.m.3 views

squid: Squid: Denial of Service via heap Use-After-Free vulnerability in ICP handling

A flaw was found in Squid. A remote attacker can exploit a heap Use-After-Free vulnerability when handling ICP Internet Cache Protocol traffic. This allows them to perform a reliable and repeatable Denial of Service DoS attack, making the Squid service unavailable. This attack is limited to...

9.2CVSS5.7AI score0.01395EPSS
Exploits0References7
RedHat Linux
RedHat Linuxadded 2026/04/20 3:44 a.m.3 views

Squid: Squid: Denial of Service via crafted ICP traffic

A flaw was found in Squid. A remote attacker can exploit this vulnerability by sending specially crafted ICP Internet Cache Protocol traffic. This can lead to a Denial of Service DoS due to premature resource release and use-after-free vulnerabilities. This attack is possible in Squid deployments...

8.7CVSS5.7AI score0.0021EPSS
Exploits0References7
Rows per page
Query Builder