CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

97 matches found

EUVD-2026-32985

Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses...

3.3CVSS5.8AI score0.00014EPSS

Exploits0References1

RedhatCVE•added 2026/05/28 1:53 a.m.•8 views

CVE-2026-45912

A flaw was found in the Linux kernel's ext4 filesystem. During certain file operations, specifically when splitting data extents, an issue with caching can lead to incorrect tracking of disk space. This can result in errors in space accounting, potentially impacting data integrity and the overall...

7CVSS5.8AI score0.00032EPSS

Exploits0References4

IBM Security Bulletins•added 2026/03/31 4:18 p.m.•10 views

Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining 2.1.1

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 2.1.1 Vulnerability Details CVEID:CVE-2026-22732 DESCRIPTION: When applications specify HTTP response headers for servlet applications using Spring...

9.8CVSS6.8AI score0.01189EPSS

Exploits6Affected Software1

Vulnrichment•added 2026/03/25 3:4 p.m.•0 views

CVE-2026-4363 Incorrect Authorization in GitLab

GitLab has remediated an issue in GitLab EE affecting all versions from 18.1 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that under certain conditions could have allowed an authenticated user to gain unauthorized access to resources due to improper caching of authorization decisio...

3.7CVSS5.8AI score0.00019EPSS

Exploits0References2

RedhatCVE•added 2026/03/12 10:54 a.m.•2 views

CVE-2026-1471

A flaw was found in Neo4j. Authenticated users can inherit the authentication context of the first user who authenticated after a system restart. This occurs due to excessive caching of authentication context in certain non-default configurations of the Single Sign-On SSO UserInfo endpoint. This...

4.2CVSS5.8AI score0.00071EPSS

Exploits0References4

NVD•added 2026/03/11 5:16 p.m.•3 views

CVE-2026-1471

Excessive caching of authentication context in Neo4j Enterprise edition versions prior to 2026.01.4 leads to authenticated users inheriting the context of the first user who authenticated after restart. The issue is limited to certain non-default configurations of SSO UserInfo endpoint. We...

6.5CVSS0.00071EPSS

Exploits0References1

RedhatCVE•added 2025/11/13 11:8 p.m.•5 views

CVE-2025-64707

Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, when admins revoked a role from the user, the effect was not immediate because of caching. The issue has been fixed in version 2.41.0 by ensuring the cache is...

5.4CVSS6.8AI score0.00033EPSS

Exploits0References1

CVE•added 2025/11/12 10:27 p.m.•5 views

CVE-2025-64707

Summary : CVE-2025-64707 affects Frappe Learning (LMS). From versions 2.0.0 up to and including 2.41.0, revoking a user’s role could be delayed in effect due to caching, meaning revoked permissions could persist briefly. This behavior has been fixed in version 2.41.0 by ensuring the cache is clea...

5.4CVSS6.4AI score0.00033EPSS

Exploits0References1Affected Software1

EUVD•added 2025/11/12 10:27 p.m.•4 views

EUVD-2025-150360

5.1CVSS6.2AI score0.00033EPSS

Exploits0References1

Vulnrichment•added 2025/11/12 10:27 p.m.•2 views

CVE-2025-64707 Frappe LMS revoking access did not show immediate effect as roles were cached

5.1CVSS6.4AI score0.00033EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2015-4975