CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD-2026-37662

Unauthenticated Broken Access Control in WordPress Dating Theme = 11.2.0 versions...

8.6CVSS5.1AI score

Exploits0References2

RedHat Linux•added yesterday•4 views

CVE-2026-12515

A flaw was found in Katello's of Red Hat Satellite. A content upload functionality where insufficient authorization checks in the ContentUploadsController allowed users with the editproducts permission to query content information for repositories outside the products they were authorized to...

4.3CVSS

Exploits0References3

netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder

A flaw was found in Netty. The HttpObjectDecoder component, which processes incoming HTTP requests, incorrectly skips certain control characters and whitespace before reading the first request line. This behavior, which goes beyond standard HTTP protocol requirements, can lead to request-boundary...

5.3CVSS5.3AI score0.00232EPSS

Exploits0References7

CVE-2026-54810

Missing Authorization vulnerability in Nexi Payments Nexi XPay allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nexi XPay: from n/a through 8.3.1...

7.5CVSS

NVD•added yesterday•7 views

CVE-2026-35067

Dell PowerFlex Manager, versions Versions, contains an Improper Access Control vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to Elevation of privileges and Unauthorized access...

5.7CVSS

CVE-2026-35066

Dell PowerFlex Manager, versions Versions, contains an Improper Access Control vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service...

7.1CVSS

CVE-2026-35162

4.3CVSS

NVD•added yesterday•4 views

CVE-2026-12528

A flaw was found in 389 Directory Server in the aclpnormalizeacltxt function of aclparse.c. A malformed ACI Access Control Instruction string can trigger heap-buffer-overflow writes and reads during ACI parsing. The function fails to validate that the ACI keyword has sufficient length after...

5.4CVSS

Exploits0References3

NVD•added yesterday•7 views

CVE-2026-22283

Dell PowerFlex Manager, versions Version prior to 4.8, contains an Inclusion of Functionality from Untrusted Control Sphere vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure...

7.5CVSS

CVE-2026-11311

When NGINX Plus is configured as the data plane for NGINX Gateway Fabric, an injection vulnerability exists in the NGINX configuration generator component of NGINX Gateway Fabric. User-supplied string values from the NginxProxy Custom Resource Definition serverTokens field and the...

8.6CVSS

CVE•added yesterday•8 views

CVE-2026-35066

CVE-2026-35066 affects Dell PowerFlex Manager. The vulnerability is described as an Improper Access Control weakness that could allow a low-privilege, remote attacker to cause a denial of service. The CVSS 3.1 vector is AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H, indicating network access with low privi...

7.1CVSS5.4AI score

EUVD-2026-37736

7.1CVSS5.4AI score

CVE•added yesterday•9 views

CVE-2026-35067

Technical details are not publicly available in the provided documents. Monitor for updates from Dell/NVD for affected PowerFlex Manager versions, root cause, impact, and remediation.

5.7CVSS5.3AI score

EUVD-2026-37735

5.7CVSS5.3AI score

CVE•added yesterday•6 views

CVE-2026-35162

Technical details about CVE-2026-35162 are not publicly available in the provided documents. Monitor for updates from Dell and security advisories.

4.3CVSS5.4AI score