CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/05/04 5:42 a.m.•2 views

CVE-2026-20451

In slbc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10828685; Issue ID: MSV-6504...

6.7CVSS5.8AI score0.00154EPSS

Vulnrichment•added 2026/05/04 5:42 a.m.•13 views

CVE-2026-20451

5.8AI score0.00154EPSS

Cvelist•added 2026/05/04 5:42 a.m.•40 views

CVE-2026-20451

0.00154EPSS

CNNVD•added 2026/05/04 12:0 a.m.•7 views

MCP-RTFM 路径遍历漏洞

MCP-RTFM is an intelligent document generation and knowledge base construction tool developed by Ryan Joachim. Version 0.1.0 of MCP-RTFM contains a path traversal vulnerability. This vulnerability arises from the handling of the docFile parameter in the getdoccontent/readdoc/updatedoc functions...

6.5CVSS6.6AI score0.00294EPSS

OSV•added 2026/05/04 12:0 a.m.•5 views

ALSA-2026:13537 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-6754 firefox: thunderbird: Spoofing...

9.8CVSS6AI score0.04938EPSS

Exploits1References52

Debian CVE•added 2026/05/04 12:0 a.m.•6 views

CVE-2026-37458

Missing input validation in the MPREACHNLRI component of FRRouting FRR stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service DoS via supplying a crafted UPDATE message...

6.5CVSS5.8AI score0.00249EPSS

Exploits0

Tenable Nessus•added 2026/05/04 12:0 a.m.•6 views

RHEL 8 : thunderbird (RHSA-2026:13537)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:13537 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...

9.8CVSS6.1AI score0.04938EPSS

Exploits1References52

AlmaLinux•added 2026/05/04 12:0 a.m.•13 views

Important: thunderbird security update

9.8CVSS6AI score0.04938EPSS

Exploits1References52

Android Security Bulletins•added 2026/05/04 12:0 a.m.•12 views

Android Security Bulletin—May 2026Stay organized with collectionsSave and categorize content based on your preferences.

This Android Security Bulletin contains details of security vulnerabilities that affect Android devices. Security patch levels of 2026-05-01 or later address all of these issues. To learn how to check a device's security patch level, see Check and update your Android version. Within 48 hours afte...

8.8CVSS6.2AI score0.00541EPSS

Exploits11

AstraLinux•added 2026/05/03 11:59 p.m.•7 views

Astra Linux - уязвимость в chromium

A heap buffer overflow in the GPU component of Google Chrome prior to version 146.0.7680.178 allowed a remote attacker to execute arbitrary code through a crafted HTML page. Chromium security severity: High...

8.8CVSS6.4AI score0.0045EPSS

7.1CVSS5.2AI score0.00139EPSS

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: mcc: preventing shift wrapping in rtw89coremlsrswitch The value of “linkid” comes from the user via debugfs. If it is larger than BITSPERLONG, it will result in shift wrapping, potentially leading to out-of-bounds...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fixed a missing pointer check in the hdacomponentmanagerinit function. The componentmatchadd function may assign the ‘matchptr’ pointer the value ERRPTR-ENOMEM, which will subsequently be dereferenced. The call stack...

5.2AI score0.00164EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Cancel outstanding rescan work when unregistering. It is possible to trigger a use-after-free situation here by: a forcing rescanworkfunc to take a long time, and b using a pwrctrl driver that may be unloaded for som...

7.8CVSS6AI score0.00155EPSS

5.5CVSS6.1AI score0.00197EPSS

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: mt6359 – Fixed a refcount leak bug. In functions mt6359parsedt and mt6359accdetparsedt, we should call ofnodeput for the reference returned by ofgetchildbyname, which has caused an increase in the refcount...

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux-5.15

A vulnerability, classified as problematic, has been identified in the Linux kernel. This issue affects the functions unixsockdestructor/unixreleasesock in the file net/unix/afunix.c of the BPF component. The manipulation leading to this issue results in a memory leak. It is recommended that a...

5.5CVSS5.9AI score0.0026EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux - уязвимость в libsoup2.4

A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations, this could allow a remote attacker to access portions of server...

5.3CVSS5.8AI score0.0043EPSS

5.5CVSS5.3AI score0.00146EPSS

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: A reference count leak was fixed in hshewephaslimitsbox. The pcigetdevice function will increase the reference count of the returned ‘dev’. We need to call pcidevput to decrease the reference count. Since...