CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2 days ago•11 views

CVE-2026-2604 Evolution-data-server: evolution data server: arbitrary file deletion via inconsistent uri handling

5.6CVSS0.00304EPSS

Exploits0References3

CVE•added 2 days ago•38 views

CVE-2026-2604

Summary: CVE-2026-2604 affects evolution-data-server. An inconsistent comparison logic in the addressbook backend lets a Flatpak/D-Bus user craft a malicious URI with directory traversal sequences. This URI is stored during contact creation/modification and later rechecked with lower strictness d...

5.6CVSS5.4AI score0.00304EPSS

OSV•added 6 days ago•6 views

OESA-2026-2633 evolution-data-server security update

The evolution-data-server package provides a personal information management application that provides integrated mail, calendaring and address book functionality. The evolution-data-server package provides a single database for common, desktop-wide information, such as a user's address book or...

5.6CVSS5.5AI score0.00304EPSS

Exploits0References2

OSV•added 6 days ago•4 views

OESA-2026-2632 evolution-data-server security update

5.6CVSS5.5AI score0.00304EPSS

Exploits0References2

OSV•added 6 days ago•7 views

RHSA-2026:25381 Red Hat Security Advisory: flatpak security update

Bulletin has no description...

9CVSS5.5AI score0.01636EPSS

Exploits0References13

Tenable Nessus•added 6 days ago•6 views

RHEL 8 : flatpak (RHSA-2026:25381)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25381 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak:...

RedHat Linux•added 2026/06/11 7:28 p.m.•7 views

Important: Red Hat Security Advisory: flatpak security update

An update for flatpak is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

10CVSS7.9AI score0.01636EPSS

Exploits0References3

RedHat Linux•added 2026/06/11 7:28 p.m.•5 views

flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options

A flaw was found in Flatpak, a Linux application sandboxing and distribution framework. A malicious application could exploit this by using specially crafted symlinks within the sandbox-expose options of the Flatpak portal. This allows the application to access arbitrary host files and potentiall...

10CVSS8AI score0.01636EPSS

RedHat Linux•added 2026/06/11 7:28 p.m.•4 views

flatpak: Flatpak: Arbitrary file deletion on host via improper cache file path validation

A flaw was found in Flatpak, a Linux application sandboxing and distribution framework. The caching mechanism for ld.so dynamic linker/loader improperly removes outdated cache files without adequately verifying that the application-controlled path to the outdated cache is within the designated...

8.7CVSS5.6AI score0.00323EPSS

OSV•added 2026/06/11 10:9 a.m.•4 views

RHSA-2026:25068 Red Hat Security Advisory: flatpak security update

Bulletin has no description...

9CVSS5.6AI score0.01636EPSS

Exploits0References13

RedHat Linux•added 2026/06/10 1:13 p.m.•6 views

Important: Red Hat Security Advisory: flatpak security update

An update for flatpak is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

10CVSS7.9AI score0.01636EPSS

Exploits0References3

RedHat Linux•added 2026/06/10 1:13 p.m.•6 views

flatpak: Flatpak: Arbitrary file deletion on host via improper cache file path validation

8.7CVSS5.6AI score0.00323EPSS

RedHat Linux•added 2026/06/10 1:13 p.m.•4 views

flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options

10CVSS8AI score0.01636EPSS

Tenable Nessus•added 2026/06/10 12:0 a.m.•4 views

RHEL 8 : flatpak (RHSA-2026:25068)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25068 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak:...

Tenable Nessus•added 2026/06/06 12:0 a.m.•6 views

RHEL 9 : flatpak (RHSA-2026:23418)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:23418 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak:...

Tenable Nessus•added 2026/06/06 12:0 a.m.•4 views

RHEL 9 : flatpak (RHSA-2026:23419)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:23419 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak:...

Tenable Nessus•added 2026/06/06 12:0 a.m.•5 views

RHEL 9 : flatpak (RHSA-2026:23417)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:23417 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak:...

Tenable Nessus•added 2026/06/06 12:0 a.m.•4 views

RHEL 10 : flatpak (RHSA-2026:23420)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:23420 advisory. Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak:...