CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/02/03 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-21947

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in Oracle Java SE component: JavaFX. Supported versions that are affected are Oracle Java SE: 8u471-b50. Difficult to exploit vulnerability allows...

3.1CVSS6.8AI score0.00065EPSS

Exploits0References2

Tenable Nessus•added 2026/02/03 12:0 a.m.•2 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : OpenJDK 21 vulnerabilities (USN-8002-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8002-1 advisory. It was discovered that the RMI component of OpenJDK 21 would establish RMI TCP endpoint connections to a remote host...

7.5CVSS6.1AI score0.00089EPSS

Ubuntu•added 2026/02/02 11:31 p.m.•4 views

USN-8002-1: OpenJDK 21 vulnerabilities

It was discovered that the RMI component of OpenJDK 21 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

OSV•added 2026/02/02 11:25 p.m.•0 views

USN-8001-1 openjdk-lts vulnerabilities

It was discovered that the RMI component of OpenJDK 11 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

7.5CVSS6.6AI score0.00089EPSS

Ubuntu•added 2026/02/02 11:2 p.m.•11 views

USN-8000-1: OpenJDK 8 vulnerabilities

It was discovered that the RMI component of OpenJDK 8 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

OSV•added 2026/02/02 6:10 p.m.•0 views

USN-7997-1 openjdk-17-crac vulnerabilities

It was discovered that the RMI component of CRaC JDK 17 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

7.5CVSS6.6AI score0.00089EPSS

Ubuntu•added 2026/02/02 6:5 p.m.•1 views

USN-7996-1: CRaC JDK 25 vulnerabilities

It was discovered that the RMI component of CRaC JDK 25 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

Ubuntu•added 2026/02/02 5:59 p.m.•2 views

USN-7995-1: OpenJDK 25 vulnerabilities

It was discovered that the RMI component of OpenJDK 25 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...

Tenable Nessus•added 2026/01/31 12:0 a.m.•4 views

SUSE SLES12 Security Update : java-11-openjdk (SUSE-SU-2026:0341-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0341-1 advisory. Upgrade to upstream tag jdk-11.0.30+7 January 2026 CPU Security fixes: - CVE-2026-21925: Fixed Oracle Java SE component RMI bsc1257034. -...

7.5CVSS5.9AI score0.00089EPSS

Exploits0References14

OSV•added 2026/01/30 3:26 p.m.•0 views

SUSE-SU-2026:20215-1 Security update for java-25-openjdk

This update for java-25-openjdk fixes the following issues: Update to upstream tag jdk-25.0.2+10 January 2026 CPU Security fixes: - CVE-2026-21925: Fixed Oracle Java SE component RMI bsc1257034. - CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX bsc1257036. - CVE-2026-21933: Fixed...

7.5CVSS5.8AI score0.00089EPSS

Exploits0References9

SUSE Linux•added 2026/01/29 2:58 p.m.•5 views

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.30+7 January 2026 CPU Security fixes: CVE-2026-21925: Fixed Oracle Java SE component RMI bsc1257034. CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX bsc1257036. CVE-2026-21933: Fixed Oracle...

7.5CVSS5.8AI score0.00089EPSS

Exploits0References20

OSV•added 2026/01/28 5:1 p.m.•0 views

SUSE-SU-2026:20190-1 Security update for java-21-openjdk

This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.10+7 January 2026 CPU Security fixes: - CVE-2026-21925: Fixed Oracle Java SE component RMI bsc1257034. - CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX bsc1257036. - CVE-2026-21933: Fixed...

7.5CVSS5.8AI score0.00089EPSS

Exploits0References9

F5 Networks•added 2026/01/27 5:4 a.m.•8 views

K000159716: Oracle Java SE vulnerability CVE-2026-21947

Security Advisory Description Vulnerability in Oracle Java SE component: JavaFX. Supported versions that are affected are Oracle Java SE: 8u471-b50. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successf...

3.1CVSS6.4AI score0.00065EPSS

Tenable Nessus•added 2026/01/27 12:0 a.m.•5 views

OpenJDK 8 <= 8u472 / 11.0.0 <= 11.0.29 / 17.0.0 <= 17.0.17 / 21.0.0 <= 21.0.9 / 25.0.0 <= 25.0.1 Multiple Vulnerabilities (2026-01-20)

The version of OpenJDK installed on the remote host is 8 prior to 8u472 / 11.0.0 prior to 11.0.29 / 17.0.0 prior to 17.0.17 / 21.0.0 prior to 21.0.9 / 25.0.0 prior to 25.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the 2026-01-20 advisory. Please Note: Java CVEs do...

7.5CVSS6.1AI score0.00089EPSS