CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2 days ago•6 views

EUVD-2026-38369

Capgo before 12.128.2 contains a weak parsing vulnerability in the x-limited-key-id header that allows attackers to bypass subkey enforcement by submitting malformed values, zero, or duplicate headers that result in NaN or falsy values. Remote attackers can manipulate the x-limited-key-id header ...

6.4CVSS5.9AI score0.00251EPSS

Exploits0References2

RedhatCVE•added 2 days ago•5 views

CVE-2026-8358

A heap-based buffer overflow vulnerability was discovered in LibreOffice Calc's spreadsheet importer. When processing tracked changes from a spreadsheet document, the application fails to properly handle duplicate change identifiers. By reusing the same change identifier for two distinct types of...

6.9CVSS6.1AI score0.00171EPSS

Tenable Nessus•added 4 days ago•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-54388

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Tinyproxy through 1.11.3, fixed in commit 364cdb6, fails to reject requests containing multiple Content- Length headers with differing values, forwarding all...

9.3CVSS6.1AI score0.00386EPSS

OSSF Malicious Packages•added 5 days ago•5 views

Malicious code in @briskforge/envcheck (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09dba573f5d6cb00b09562870f2148b3e539786f5d801f2a263338301d759313 The package advertises itself as a tiny environment-variable validator but ships lib/preflight.js, a heavily obfuscated obfuscator.io string-array...

5.9AI score

AstraLinux•added 5 days ago•7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: md/raid5: Unnecessary bioput calls in raid5readonechunk have been removed. When performing chunk-sized reads on disks with badblocks, it was observed that calls to biofree and bioput were duplicated...

5.9AI score0.002EPSS

AstraLinux•added 5 days ago•3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ubi: fastmap: Fixed duplicate slab cache names during attachment Since commit 4c39529663b9 “slab: Warns about duplicate cache names when DEBUGVM=y”, duplicate slab cache names can be detected, and a kernel warning is issued. In t...

5.5CVSS6.3AI score0.00242EPSS

Exploits0References2

EUVD•added 5 days ago•7 views

EUVD-2026-37961

PraisonAI before 1.5.115 contains an information disclosure vulnerability in the MultiAgentLedger component that allows attackers to access sensitive data by registering agents with duplicate IDs. Attackers can exploit the lack of agent ID uniqueness enforcement to share ledger instances and expo...

7.1CVSS5.2AI score0.00256EPSS

NVD•added 6 days ago•12 views

CVE-2026-56077

7.1CVSS0.00256EPSS

CVE•added 6 days ago•17 views

CVE-2026-56077

CVE-2026-56077 concerns PraisonAI before 1.5.115, where an information disclosure vulnerability exists in the MultiAgentLedger component. The root cause is failure to enforce unique agent IDs during registration, enabling attackers to share ledger instances and access sensitive data including sys...

7.1CVSS5.2AI score0.00256EPSS

Cvelist•added 6 days ago•19 views

CVE-2026-56077 PraisonAI - Information Disclosure via Shared MultiAgentLedger State

7.1CVSS0.00256EPSS

Positive Technologies•added 6 days ago•10 views

PT-2026-50808

Name of the Vulnerable Software and Affected Versions PraisonAI versions prior to 1.5.115 Description An information disclosure issue exists in the MultiAgentLedger component. The system fails to enforce the uniqueness of agent IDs, allowing attackers to register agents with duplicate IDs. This...

7.1CVSS5.9AI score0.00256EPSS

Exploits0References6

Cvelist•added last week•16 views

CVE-2026-54388 Tinyproxy - HTTP Request Smuggling via Duplicate Content-Length Headers

Tinyproxy through 1.11.3, fixed in commit 364cdb6, fails to reject requests containing multiple Content-Length headers with differing values, forwarding all duplicate headers to the backend while using the first value to determine how many request body bytes to consume. Remote attackers can...

9.3CVSS0.00386EPSS

Debian CVE•added last week•6 views

CVE-2026-54388

9.3CVSS5.6AI score0.00386EPSS

Exploits0

CVE•added last week•13 views

CVE-2026-54388

Tinyproxy (≤ 1.11.3) is affected by CVE-2026-54388. The issue occurs when a request contains multiple Content-Length headers with differing values: Tinyproxy forwards all duplicate headers to the backend but uses the first value to determine how many body bytes to consume. This desynchronizes pro...

9.3CVSS5.6AI score0.00386EPSS

RedHat Linux•added 2026/06/16 4:53 p.m.•2 views

gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS5.3AI score0.01078EPSS

NVD•added 2026/06/15 6:16 p.m.•8 views

CVE-2026-8358

LibreOffice Calc can import tracked changes from a spreadsheet document. A heap buffer overflow existed when a document reused the same change identifier for two different kinds of change. The importer then treated one change object as a different, larger type and wrote past the end of its...

6.9CVSS0.00171EPSS

CVE•added 2026/06/15 4:24 p.m.•16 views

CVE-2026-8358

CVE-2026-8358 affects LibreOffice Calc during import of tracked changes. A heap buffer overflow occurs when a document reuses the same change identifier for two different kinds of changes; the importer may treat one change object as a larger type and write past the end of its allocation. The vuln...

6.9CVSS5.6AI score0.00171EPSS

Vulnrichment•added 2026/06/15 4:24 p.m.•4 views

CVE-2026-8358 Heap buffer overflow in spreadsheet tracked-changes import

6.9CVSS5.6AI score0.00171EPSS