CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/02/06 12:0 a.m.•3 views

PT-2026-6950

CVE-2026-25693 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-25693 Published : Feb. 6, 2026, 4:15 a.m. | 32 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

5.5AI score

Positive Technologies•added 2026/02/06 12:0 a.m.•4 views

PT-2026-6952

CVE-2026-25695 - Apache HTTP Server Information Disclosure CVE ID : CVE-2026-25695 Published : Feb. 6, 2026, 4:15 a.m. | 32 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

5.5AI score

Positive Technologies•added 2026/02/06 12:0 a.m.•5 views

PT-2026-6949

CVE-2026-25692 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-25692 Published : Feb. 6, 2026, 4:15 a.m. | 32 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

5.5AI score

Veracode•added 2026/02/05 4:59 a.m.•6 views

OS Command Injection

Apache HTTP Server is vulnerable to OS Command Injection. The vulnerability is due to improper handling of shell-escaped query strings when Server Side Includes SSI with exec cmd="..." are used alongside modcgid, which allows an attacker to inject and execute arbitrary system commands by crafting...

8.3CVSS5.9AI score0.00018EPSS

Exploits0References3Affected Software2

Tenable Nessus•added 2026/02/04 12:0 a.m.•3 views

Ubuntu 25.10 : CRaC JDK 17 vulnerabilities (USN-7997-1)

The remote Ubuntu 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7997-1 advisory. It was discovered that the RMI component of CRaC JDK 17 would establish RMI TCP endpoint connections to a remote host without setting an endpoint...

Positive Technologies•added 2026/02/04 12:0 a.m.•5 views

PT-2026-37040

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions prior to 2.4.67 Description A heap-based buffer overflow exists in the mod proxy ajp module. If mod proxy ajp connects to a malicious AJP server, that server can send a crafted AJP message causing the system to writ...

10CVSS6AI score0.00648EPSS

Exploits1References95

Tenable Nessus•added 2026/02/04 12:0 a.m.•2 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : OpenJDK 17 vulnerabilities (USN-7998-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7998-1 advisory. It was discovered that the RMI component of OpenJDK 17 would establish RMI TCP endpoint connections to a remo...

7.5CVSS6.1AI score0.00089EPSS

OSV•added 2026/02/03 10:51 a.m.•5 views

CLSA-2026-1770115899 java-17-openjdk: Fix of 5 CVEs

Update to jdk-17.0.18+8 GA - CVE-2026-21925: improve JMX connections - CVE-2026-21933: improve HttpServer Request handling - CVE-2026-21945: enhance Certificate Checking - CVE-2025-64720: libpng: fix buffer overflow - CVE-2025-65018: libpng: fix heap buffer overflow...

Ubuntu•added 2026/02/03 12:56 a.m.•3 views

Exploits5References1

USN-7998-1: OpenJDK 17 vulnerabilities

It was discovered that the RMI component of OpenJDK 17 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

7.5CVSS6AI score0.00089EPSS

Exploits0

Tenable Nessus•added 2026/02/03 12:0 a.m.•2 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : OpenJDK 11 vulnerabilities (USN-8001-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8001-1 advisory. It was discovered that the RMI component of OpenJDK 11 would establish RMI TCP endpoint connections to a remo...

7.5CVSS6.1AI score0.00089EPSS

Tenable Nessus•added 2026/02/03 12:0 a.m.•2 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : OpenJDK 21 vulnerabilities (USN-8002-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8002-1 advisory. It was discovered that the RMI component of OpenJDK 21 would establish RMI TCP endpoint connections to a remote host...

7.5CVSS6.1AI score0.00089EPSS

OSV•added 2026/02/02 11:40 p.m.•1 views

USN-8003-1 openjdk-21-crac vulnerabilities

It was discovered that the RMI component of CRaC JDK 21 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

OSV•added 2026/02/02 11:31 p.m.•3 views

USN-8002-1 openjdk-21 vulnerabilities

It was discovered that the RMI component of OpenJDK 21 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...