CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17182 matches found

Oracle Secure Global Desktop Administration Console 4.4 - Cross-Site Scripting

Oracle Secure Global Desktop Administration Console 4.4 contains a reflected cross-site scripting vulnerability in helpwindow.jsp via all parameters, as demonstrated by the sgdadmin/faces/comsunwebui/help/helpwindow.jsp windowTitle parameter. id: CVE-2018-19439 info: name: Oracle Secure Global...

6.1CVSS6.2AI score0.38875EPSS

Exploits3References5

EUVD•added yesterday•7 views

EUVD-2026-34056

A security flaw has been discovered in wonderwhy-er DesktopCommanderMCP up to 0.2.38. This impacts an unknown function of the file src/search-manager.ts of the component startsearch. Performing a manipulation of the argument SearchResult results in inefficient regular expression complexity. It is...

5.3CVSS5.4AI score0.0006EPSS

Exploits0References10

EUVD•added yesterday•5 views

EUVD-2026-34033

Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event. This issue has been fixed in Docker Desktop 4.76.0...

8.2CVSS5.7AI score0.00014EPSS

Exploits0References2

NVD•added yesterday•5 views

CVE-2026-10690

A vulnerability was identified in wonderwhy-er DesktopCommanderMCP 0.2.37. This affects the function readFileFromUrl of the file src/tools/filesystem.ts of the component readfile. Such manipulation of the argument url leads to server-side request forgery. The attack may be performed from remote...

6.5CVSS0.00043EPSS

Exploits0References7

Vulnrichment•added 2 days ago•2 views

CVE-2026-10691 wonderwhy-er DesktopCommanderMCP start_search search-manager.ts redos

5.3CVSS5.4AI score0.0006EPSS

Exploits0References9

ATTACKERKB•added 2 days ago•2 views

CVE-2026-10691

5.3CVSS5.4AI score0.0006EPSS

Exploits0References9Affected Software1

Vulnrichment•added 2 days ago•1 views

CVE-2026-10690 wonderwhy-er DesktopCommanderMCP read_file filesystem.ts readFileFromUrl server-side request forgery

6.5CVSS6.2AI score0.00043EPSS

Exploits0References7

NVD•added 2 days ago•6 views

CVE-2026-8936

8.2CVSS0.00014EPSS

Exploits0References1

Vulnrichment•added 2 days ago•2 views

CVE-2026-8936 Unbounded recursion in grpcfuse kernel module allows container to crash Docker Desktop VM

8.2CVSS5.7AI score0.00014EPSS

Exploits0References1

ATTACKERKB•added 2 days ago•3 views

CVE-2026-8936

8.2CVSS5.7AI score0.00014EPSS

Exploits0References2Affected Software1

Cvelist•added 2 days ago•20 views

CVE-2026-8936 Unbounded recursion in grpcfuse kernel module allows container to crash Docker Desktop VM

8.2CVSS0.00014EPSS

Exploits0References1

CVE•added 2 days ago•14 views

CVE-2026-8936

CVE-2026-8936 describes an unbounded recursion in the grpcfuse kernel module that can cause a VM panic in the Docker Desktop VM when a container creates deeply nested directories on a bind-mounted host folder, triggering a dentry invalidation event. The issue has been fixed in Docker Desktop 4.76...

8.2CVSS5.7AI score0.00014EPSS

Exploits0References1

SUSE CVE•added 2 days ago•7 views

SUSE CVE-2026-44421

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdiCacheToSurface: it validates a destination rectangle that is clamped to UINT16MA...

8.8CVSS5.9AI score0.00051EPSS

Exploits1References3

SUSE CVE•added 2 days ago•7 views

SUSE CVE-2026-44422

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without tracking the pointed object's expected NDR type or ownership. When the same ref-id is reused across two...

8.8CVSS5.8AI score0.00046EPSS

Exploits1References3

SUSE CVE•added 2 days ago•5 views

SUSE CVE-2026-45700

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In libfreerdp/codec/planar.c, freerdpbitmapdecompressplanar validates the X destination coordinate nXDst against the...

9.8CVSS5.9AI score0.00016EPSS

Exploits1References3

Positive Technologies•added 2 days ago•4 views

PT-2026-45868

Name of the Vulnerable Software and Affected Versions Docker Desktop versions prior to 4.76.0 Description A VM panic occurs due to unbounded recursion within the grpcfuse kernel module. This happens when a container creates deeply nested directories on a bind-mounted host folder and triggers a...

8.2CVSS5.8AI score0.00014EPSS

Exploits0References3

Positive Technologies•added 2 days ago•4 views

PT-2026-45884

A vulnerability was identified in wonderwhy-er DesktopCommanderMCP 0.2.37. This affects the function readFileFromUrl of the file src/tools/filesystem.ts of the component read file. Such manipulation of the argument url leads to server-side request forgery. The attack may be performed from remote...

6.5CVSS6.2AI score0.00043EPSS

Exploits0References8

Positive Technologies•added 2 days ago•3 views

PT-2026-45885

A security flaw has been discovered in wonderwhy-er DesktopCommanderMCP up to 0.2.38. This impacts an unknown function of the file src/search-manager.ts of the component start search. Performing a manipulation of the argument SearchResult results in inefficient regular expression complexity. It i...

5.3CVSS5.4AI score0.0006EPSS

Exploits0References10