CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

IBM Security Bulletins•added 2026/05/27 2:5 p.m.•12 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in activemq-all (CVE-2026-40466 and CVE-2026-41044)

Summary IBM Sterling Control Center is affected by vulnerabilities CVE-2026-40466 and CVE-2026-41044 reported for activemq-all-5.19.0.jar. Vulnerability Details CVEID:CVE-2026-40466 DESCRIPTION: Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in...

8.8CVSS6.4AI score0.03972EPSS

Exploits12Affected Software1

IBM Security Bulletins•added 2026/05/27 2:4 p.m.•14 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in spring-boot (CVE-2026-40973, CVE-2026-40975, CVE-2026-40977)

Summary IBM Sterling Control Center is affected by vulnerabilities CVE-2026-40973, CVE-2026-40975, CVE-2026-40977 reported for spring-boot-3.4.11.jar. Vulnerability Details CVEID:CVE-2026-40973 DESCRIPTION: A local attacker on the same host as the application may be able to take control of the...

7.5CVSS6AI score0.00211EPSS

IBM Security Bulletins•added 2026/05/27 2:4 p.m.•12 views

Security Bulletin: IBM Sterling Control Center is affected by a vulnerability in spring-boot-autoconfigure (CVE-2026-40974)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-40974 reported for spring-boot-autoconfigure-3.4.11.jar. Vulnerability Details CVEID:CVE-2026-40974 DESCRIPTION: Spring Boot's Cassandra auto-configuration does not perform hostname verification when establishing an SSL...

9.8CVSS5.8AI score0.00182EPSS

IBM Security Bulletins•added 2026/05/27 2:2 p.m.•13 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in IBM Semeru Runtime Quarterly CPU - Apr 2026

Summary IBM Sterling Control Center is affected by vulnerabilities CVE-2026-34282, CVE-2026-22016, CVE-2026-23865, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-22008, CVE-2026-34268, CVE-2026-22007, CVE-2026-6918 reported for IBM Semeru Runtime Quarterly CPU - Apr 2026 - Includes...

8.7CVSS7.5AI score0.00378EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/05/27 2:2 p.m.•24 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in Bouncy Castle bcprov-jdk (CVE-2025-14813, CVE-2026-5598)

Summary IBM Sterling Control Center is affected by vulnerabilities CVE-2025-14813, CVE-2026-5598 reported for bcprov-jdk18on-1.81.jar. Vulnerability Details CVEID:CVE-2025-14813 DESCRIPTION: : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JA...

9.9CVSS7.1AI score0.00512EPSS

Vulnrichment•added 2026/05/27 1:20 p.m.•11 views

CVE-2026-48972 WordPress SeedProd Pro plugin < 6.19.5 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SeedProd LLC SeedProd Pro allows PHP Local File Inclusion. This issue affects SeedProd Pro: from n/a before 6.19.5...

7.5CVSS5.8AI score0.00309EPSS

Exploits0References1

ATTACKERKB•added 2026/05/27 1:20 p.m.•8 views

CVE-2026-48972

7.5CVSS5.8AI score0.00309EPSS

Exploits0References2

OSSF Malicious Packages•added 2026/05/27 1:17 p.m.•13 views

Malicious code in bulletproof-json (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 00849bd08fa4e9ebb1877039ab1ff287fd0ab89a683a45229176f717b6db1e9d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score

Exploits0References1

CVE•added 2026/05/27 12:59 p.m.•21 views

CVE-2026-46103

In the Linux kernel, a fix for devres lifetime in the can: ucan path addresses memory-management where USB driver resources tied to an interface were not properly released when the driver is unbound (e.g., probe deferral or config changes). The issue affects USB drivers binding to interfaces and ...

5.9AI score0.00164EPSS

ATTACKERKB•added 2026/05/27 12:59 p.m.•8 views

CVE-2026-46101

In the Linux kernel, the following vulnerability has been resolved: netfilter: reject zero shift in nftbitwise Reject zero shift operands for nftbitwise left and right shift expressions during initialization. The carry propagation logic computes the carry from the adjacent 32-bit word using...

Exploits0References9Affected Software1

CVE•added 2026/05/27 12:59 p.m.•24 views

CVE-2026-46101

CVE-2026-46101 relates to the Linux kernel netfilter component, specifically the nft_bitwise operation. The issue arises from zero shift operands in left/right shift expressions during initialization. The carry propagation logic uses BITS_PER_TYPE(u32) - shift; a zero shift operand can produce a ...

EUVD•added 2026/05/27 12:59 p.m.•11 views

EUVD-2026-32484

CVE•added 2026/05/27 12:58 p.m.•23 views

Exploits0References5

CVE-2026-46091

CVE-2026-46091 affects the Linux kernel, specifically the media: rc: igorplugusb path. The issue arises when a USB request structure in a control request is subject to DMA on some host controllers, requiring adherence to DMA coherency rules. The documentation states the request must be allocated ...

5.8AI score0.00176EPSS

Cvelist•added 2026/05/27 12:58 p.m.•36 views

CVE-2026-46091 media: rc: igorplugusb: heed coherency rules

In the Linux kernel, the following vulnerability has been resolved: media: rc: igorplugusb: heed coherency rules In a control request, the USB request structure can be subject to DMA on some HCs. Hence it must obey the rules for DMA coherency. Allocate it separately...

0.00176EPSS

Debian CVE•added 2026/05/27 12:58 p.m.•11 views

CVE-2026-46091

5.7AI score0.00176EPSS

Exploits0

EUVD•added 2026/05/27 12:58 p.m.•11 views

EUVD-2026-32471

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...