CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/05/20 12:0 a.m.•8 views

RHEL 9 : tigervnc (RHSA-2026:19342)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19342 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...

9.8CVSS5.9AI score0.00489EPSS

Exploits0References12

RedHat Linux•added 2026/05/19 9:57 p.m.•9 views

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

7.8CVSS6AI score0.0038EPSS

RedHat Linux•added 2026/05/19 9:56 p.m.•8 views

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

7.8CVSS6AI score0.0038EPSS

RedHat Linux•added 2026/05/19 6:28 p.m.•7 views

Moderate: Red Hat Security Advisory: compat-openssl11 security update

An update for compat-openssl11 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

7.4CVSS7.5AI score0.00444EPSS

Exploits1References2

RedHat Linux•added 2026/05/19 4:21 p.m.•13 views

Critical: Red Hat Security Advisory: nginx security update

An update for nginx is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

9.2CVSS6.1AI score0.5331EPSS

Exploits39References2

RedHat Linux•added 2026/05/19 4:17 p.m.•10 views

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

7.8CVSS6AI score0.0038EPSS

RedHat Linux•added 2026/05/19 9:20 a.m.•5 views

firefox: thunderbird: CSP Bypass and XSS Exposure via Web Compatibility Shims

The Mozilla Foundation's Security Advisory: Enhanced Tracking Protection's Strict mode may inadvertently allow a CSP frame-src bypass and DOM-based cross-site scripting XSS through the Google SafeFrame shim in the Web Compatibility extension. This issue could expose users to malicious frames...

6.1CVSS6.8AI score0.00495EPSS

Exploits0References10

AlmaLinux•added 2026/05/19 12:0 a.m.•10 views

Moderate: compat-openssl11 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: OpenSSL: Arbitrary code execution due to...

7.4CVSS7.5AI score0.00444EPSS

Exploits1References4

OSV•added 2026/05/19 12:0 a.m.•8 views

ALSA-2026:19344 Important: xorg-x11-server-Xwayland security update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling CVE-2026-33999 xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential...

7.8CVSS5.8AI score0.0038EPSS

Exploits0References8

Hacker One•added 2026/05/16 2:59 a.m.•21 views

curl: SSL session-cache peer key omits signature_algorithms: strict-sigalg handle silently resumes a permissive sibling's session

CURLOPTSSLSIGNATUREALGORITHMS policy bypass: SSL session cache key omits sigalgs, allowing a strict-sigalg handle to resume a session negotiated under a permissive policy AI disclosure This report was prepared with the assistance of an AI coding assistant Claude. The behavioral diff pre/post patc...

7.5CVSS6.7AI score0.03721EPSS

Exploits1

OSSF Malicious Packages•added 2026/05/15 10:43 a.m.•12 views

Malicious code in babel-6-compatibility-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d77f7edebabddc5ea0e09c0b1df9b7277a2645a506618cad4e4ee0340db67efe The package babel-6-compatibility-utils was found to contain malicious code. Source: ghsa-malware...

Snyk•added 2026/05/15 10:43 a.m.•8 views

Malicious Package

Overview babel-6-compatibility is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score

Exploits0References2

Snyk•added 2026/05/15 10:43 a.m.•8 views

Malicious Package

Overview babel-6-compatibility-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score

Exploits0References2

OSV•added 2026/05/15 10:43 a.m.•4 views

MAL-2026-3784 Malicious code in babel-6-compatibility-utils (npm)

OSSF Malicious Packages•added 2026/05/15 10:43 a.m.•17 views

Malicious code in babel-6-compatibility (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8087b9d84c49b5f44fe119e347d1fe658395eb8af859209bcf8884716692229d The package babel-6-compatibility was found to contain malicious code. Source: ghsa-malware...

OSV•added 2026/05/15 10:43 a.m.•5 views

MAL-2026-3783 Malicious code in babel-6-compatibility (npm)