CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/06/10 3:16 p.m.•13 views

CVE-2026-45552

9.9CVSS0.00267EPSS

Vulnrichment•added 2026/06/10 1:59 p.m.•6 views

CVE-2026-45552 Roxy-WI: Cross-tenant authorization bypass on /install/* — guest can run Ansible / SSH on every registered server

9.9CVSS5.5AI score0.00267EPSS

CVE•added 2026/06/10 1:59 p.m.•13 views

CVE-2026-45552

CVE-2026-45552 affects Roxy-WI web interface (versions up to 8.2.6.4). The install blueprint allows bp.before_request → @jwt_required(), but several endpoints under /install/* (install_exporter, install_waf, install_geoip, check_geoip, get_exporter_version, get_task_status) lack admin/ownership c...

9.9CVSS5.5AI score0.00267EPSS

CNNVD•added 2026/06/10 12:0 a.m.•12 views

Roxy-WI 安全漏洞

Roxy-WI is an open-source web interface designed for managing Haproxy, Nginx, and Keepalived servers. Roxy-WI versions 8.2.6.4 and earlier contain security vulnerabilities. These vulnerabilities stem from the lack of role and group checks in the installation process for Blueprint endpoints. Any...

9.9CVSS5.3AI score0.00267EPSS

Exploits0References2

Fedora•added 2026/06/01 12:49 a.m.•29 views

[SECURITY] Fedora 44 Update: suricata-8.0.5-1.fc44

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

RedHat Linux•added 2026/05/23 5:23 a.m.•18 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nginx: nginx-1.30.2-1.hum1 aarch64, x8664 nginx-all-modules-1.30.2-1.hum1 noarch nginx-core-1.30.2-1.hum1 aarch64, x8664 nginx-filesystem-1.30.2-1.hum1 noarch nginx-mod-devel-1.30.2-1.hum1 aarch6...

9.2CVSS5.8AI score0.014EPSS

Exploits6References6

RedHat Linux•added 2026/05/14 1:30 a.m.•10 views

Critical: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nginx: nginx-1.30.1-1.hum1 aarch64, x8664 nginx-all-modules-1.30.1-1.hum1 noarch nginx-core-1.30.1-1.hum1 aarch64, x8664 nginx-filesystem-1.30.1-1.hum1 noarch nginx-mod-devel-1.30.1-1.hum1 aarch6...

9.2CVSS6AI score0.23018EPSS

Exploits39References3

OPENSUSE Linux•added 2026/04/23 12:0 a.m.•3 views

Security update for tor (moderate)

openSUSE Security Update: Security update for tor Announcement ID: openSUSE-SU-2026:0147-1 Rating: moderate References: 1262301 1262302 Affected Products: openSUSE Backports SLE-15-SP6 openSUSE Backports SLE-15-SP7 An update that contains security fixes can now be installed. Description: This...

Tenable Nessus•added 2026/04/22 12:0 a.m.•2 views

openSUSE 16 Security Update : tor (openSUSE-SU-2026:20589-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20589-1 advisory. Changes in tor: - update to 0.4.8.23: Fix a memory compare using the wrong length. This could lead to a remote crash when using the conflux subsystem...

OSV•added 2026/04/20 6:28 p.m.•2 views

Exploits0References2

OPENSUSE-SU-2026:20589-1 Security update for tor

This update for tor fixes the following issues: Changes in tor: - update to 0.4.8.23: Fix a memory compare using the wrong length. This could lead to a remote crash when using the conflux subsystem TROVE-2026-004, boo1262302 Fix a series of defense in depth security issues found across the codeba...

Elastic•added 2026/04/08 4:32 p.m.•9 views

Exploits0References2

Logstash 8.19.14, 9.2.8, 9.3.3 Security Update (ESA-2026-29)

Improper Limitation of a Pathname to a Restricted Directory in Logstash Leading to Arbitrary File Write Improper Limitation of a Pathname to a Restricted Directory CWE-22 in Logstash can lead to arbitrary file write and potentially remote code execution via Relative Path Traversal CAPEC-139. The...

9.8CVSS6.6AI score0.00545EPSS

Fedora•added 2026/03/28 12:46 a.m.•7 views

[SECURITY] Fedora 43 Update: suricata-7.0.15-1.fc43

5.9AI score

Fedora•added 2026/03/28 12:19 a.m.•5 views

[SECURITY] Fedora 44 Update: suricata-8.0.4-1.fc44

5.9AI score

Oracle linux•added 2026/03/24 12:0 a.m.•12 views

nginx:1.24 security update

1.24.0-2.0.1 - Remove Red Hat references Orabug: 29498217 1:1.24.0-2 - Resolves: RHEL-146517 - nginx:1.24/nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 1:1.24.0-1 - Resolves: RHEL-14714 - add nginx:1.24 to RHEL 8.10 1:1.22.1-2 - Resolves:...

8.2CVSS6AI score0.99999EPSS

Exploits29

vulnersOsv•added 2025/11/28 12:0 p.m.•2 views

actix-web-location (>=0.1.0 <=0.7.0), bext-waf (=0.2.0) +18 more potentially affected by unknown CVE via maxminddb (>=0.12.0 <=0.24.0)

maxminddb CARGO version =0.12.0, =0.1.0, =0.1.3, =1.5.1, =0.1.0, =0.7.0, =0.4.0, =0.0.1, =0.1.8, =0.3.0, =0.5.0, =0.1.0, =0.1.0, =0.1.0, =0.5.7 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0132...

5.5AI score

EUVD•added 2025/11/24 4:31 p.m.•4 views

EUVD-2025-198946

Malicious code in @posthog/geoip-plugin npm...

6.6AI score