CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

581 matches found

SUSE CVE•added 2 days ago•5 views

SUSE CVE-2026-25680

Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service...

7.5CVSS5.9AI score0.00061EPSS

Exploits0References3

Tenable Nessus•added 2 days ago•5 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-42502)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-42502 advisory. - Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML...

6.1CVSS6AI score0.00031EPSS

Exploits0References1

Tenable Nessus•added 6 days ago•5 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-27136)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-27136 advisory. - Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML...

6.1CVSS6AI score0.00031EPSS

Exploits0References1

Tenable Nessus•added 6 days ago•8 views

SUSE SLES15 Security Update : yq (SUSE-SU-2026:2096-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2096-1 advisory. This update for yq fixes the following issues - CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be...

7.5CVSS7.1AI score0.00018EPSS

Exploits1References13

Tenable Nessus•added 6 days ago•8 views

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-42506)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-42506 advisory. - Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML...

6.1CVSS6AI score0.00032EPSS

Exploits0References1

SUSE Linux•added 2026/05/27 2:20 p.m.•5 views

Security update for yq

This update for yq fixes the following issues CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction bsc1241719. CVE-2025-47911: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTML...

7.5CVSS6.8AI score0.00018EPSS

Exploits1References16

OSV•added 2026/05/27 2:20 p.m.•5 views

SUSE-SU-2026:2096-1 Security update for yq

This update for yq fixes the following issues - CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction bsc1241719. - CVE-2025-47911: golang.org/x/net/html: various algorithms with quadratic complexity when parsing HTM...

7.5CVSS5.8AI score0.00018EPSS

Exploits1References9

Microsoft CVE•added 2026/05/27 8:6 a.m.•7 views

Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html

...

6.5CVSS5.8AI score0.00061EPSS

Exploits0

Tenable Nessus•added 2026/05/27 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-25680

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 Note that Nessus relies on the presence of the...

6.5CVSS6AI score0.00061EPSS

Exploits0References2

Tenable Nessus•added 2026/05/27 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-25681

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications...

6.1CVSS6AI score0.00031EPSS

Exploits0References2

Tenable Nessus•added 2026/05/26 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-42502

6.1CVSS6AI score0.00031EPSS

Exploits0References2

Snyk•added 2026/05/22 5:42 p.m.•4 views

Inefficient Algorithmic Complexity

Overview github.com/golang/net/html is a package that implements an HTML5-compliant tokenizer and parser. Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity in parse.go, when checking attributes iteratively. An attacker can cause excessive CPU consumption by...

6.5CVSS5.8AI score0.00061EPSS

Exploits0References3

NVD•added 2026/05/22 4:16 p.m.•4 views

CVE-2026-27136

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

6.1CVSS0.00031EPSS

Exploits0References4

NVD•added 2026/05/22 4:16 p.m.•2 views

CVE-2026-42502

6.1CVSS0.00031EPSS

Exploits0References4

OSV•added 2026/05/22 4:16 p.m.•2 views

DEBIAN-CVE-2026-27136

6.1CVSS6AI score0.00031EPSS

Exploits0References1

OSV•added 2026/05/22 4:16 p.m.•1 views

DEBIAN-CVE-2026-42506