CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/03/27 12:16 a.m.•10 views

CVE-2026-33697

7.5CVSS0.00062EPSS

CNNVD•added 2026/03/27 12:0 a.m.•7 views

Cocos AI 访问控制错误漏洞

Cocos AI is an AI security computing platform based on a trusted execution environment, open-sourced by Ultraviolet. Cocos AI versions 0.8.2 and earlier contain an access control vulnerability. This vulnerability stems from a proven TLS design that has weaknesses in relay attacks, allowing...

Cvelist•added 2026/03/26 11:34 p.m.•28 views

CVE-2026-33697 CoCoS attested TLS is vulnerable to relay attacks via extracted ephemeral TLS keys

7.5CVSS0.00062EPSS

Vulnrichment•added 2026/03/26 11:34 p.m.•2 views

CVE-2026-33697 CoCoS attested TLS is vulnerable to relay attacks via extracted ephemeral TLS keys

7.5CVSS6AI score0.00062EPSS

ATTACKERKB•added 2026/03/26 11:34 p.m.•4 views

CVE-2026-33697

Exploits0References2Affected Software1

OSV•added 2026/03/26 11:34 p.m.•6 views

CVE-2026-33697 CoCoS attested TLS is vulnerable to relay attacks via extracted ephemeral TLS keys

CVE•added 2026/03/26 11:34 p.m.•18 views

Exploits0References3

CVE-2026-33697

CVE-2026-33697 affects CoCoS’ attested TLS (aTLS) across v0.4.0–v0.8.2 on AMD SEV-SNP and Intel TDX. An attacker who can extract the ephemeral TLS private key used during intra-handshake attestation can relay or divert an attested TLS session because the attestation evidence is bound to the ephem...

Exploits0References1Affected Software1

EUVD•added 2026/03/26 11:34 p.m.•3 views

EUVD-2026-16488

Positive Technologies•added 2026/03/26 12:0 a.m.•3 views

PT-2026-28509

Name of the Vulnerable Software and Affected Versions Cocos AI versions 0.4.0 through 0.8.2 Description Cocos AI, a confidential computing system for AI, has a weakness in its attested TLS aTLS implementation. This allows for a relay attack where an attacker may be able to extract the ephemeral T...

7.5CVSS6AI score0.00062EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-30293

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.02907EPSS

RedhatCVE•added 2025/05/23 5:39 a.m.•2 views

CVE-2023-26493

Cocos Engine is an open-source framework for building 2D & 3D real-time rendering and interactive content. In the github repo for Cocos Engine the web-interface-check.yml was subject to command injection. The web-interface-check.yml was triggered when a pull request was opened or updated and...

8.8CVSS7.3AI score0.02907EPSS

Exploits1References1

NVD•added 2023/03/27 10:15 p.m.•8 views

CVE-2023-26493

8.8CVSS8.6AI score0.02907EPSS

Prion•added 2023/03/27 10:15 p.m.•10 views

Command injection

6.5CVSS9AI score0.02907EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2023/03/27 9:35 p.m.•3 views

CVE-2023-26493 Command Injection in Cocos Engine workflow

8.1CVSS9.2AI score0.02907EPSS

CVE•added 2023/03/27 9:35 p.m.•126 views

CVE-2023-26493

The CVE-2023-26493 case affects Cocos Engine and concerns a command-injection risk in the repository’s web-interface-check.yml workflow. The vulnerability arises when a pull request triggers a workflow containing the user-controlled field (${ { github.head_ref } }), enabling an attacker to potent...

8.8CVSS8.9AI score0.02907EPSS

Exploits1References3Affected Software1

Cvelist•added 2023/03/27 9:35 p.m.•17 views

CVE-2023-26493 Command Injection in Cocos Engine workflow

8.1CVSS9.4AI score0.02907EPSS