CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present malformed UTF-8 header data. Information might be divulged within an error message produced during handling of an unrelated e-mail message...

5.3CVSS6AI score0.00246EPSS

Exploits0References5

Rockylinux•added 2026/04/29 6:0 a.m.•7 views

libxml2 security update

An update is available for libxml2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libxml2 library is a development toolbox providing the implementation of...

6.2CVSS5.4AI score0.00144EPSS

Exploits0

OSV•added 2026/04/28 10:30 p.m.•3 views

MINI-4MXH-FM5F-P36F

Bulletin has no description...

6.1CVSS4.8AI score0.0024EPSS

Exploits0

OSV•added 2026/04/28 12:0 p.m.•2 views

MINI-8HV2-2CQW-95J4

Bulletin has no description...

8.7CVSS4.8AI score0.0043EPSS

Exploits0

OSV•added 2026/04/28 10:0 a.m.•4 views

MINI-RQG7-6GQM-Q4R5

Bulletin has no description...

6.9CVSS4.8AI score0.00494EPSS

Exploits0

OSV•added 2026/04/28 7:16 a.m.•4 views

UBUNTU-CVE-2026-40356

In MIT Kerberos 5 aka krb5 before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gssacceptseccontext on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process t...

5.9CVSS5.8AI score0.0046EPSS

Exploits0References2

OSV•added 2026/04/28 6:14 a.m.•3 views

BELL-CVE-2026-31678

Bulletin has no description...

7.8CVSS5AI score0.00096EPSS

Exploits0References1

OSV•added 2026/04/28 3:17 a.m.•5 views

MINI-49GX-WCJC-49QV

Bulletin has no description...

3.1CVSS4.8AI score0.00207EPSS

Exploits0

OSV•added 2026/04/27 10:45 p.m.•3 views

MINI-H7CG-5P9C-46F7

Bulletin has no description...

7.5CVSS4.8AI score0.01027EPSS

Exploits0

OSV•added 2026/04/27 10:30 p.m.•3 views

MINI-WX82-86PC-79F8

Bulletin has no description...

7.5CVSS4.9AI score0.00329EPSS

Exploits1

OSV•added 2026/04/27 6:33 p.m.•5 views

JLSEC-2026-272

Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequenc...

8.1CVSS6.2AI score0.00631EPSS

Exploits0References6

OSV•added 2026/04/27 3:16 p.m.•5 views

DEBIAN-CVE-2026-6357

pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update functionality to run...

5.3CVSS5.3AI score0.00138EPSS

Exploits0References1

OSV•added 2026/04/27 3:16 p.m.•2 views

UBUNTU-CVE-2026-6357

5.3CVSS5.8AI score0.00138EPSS

Exploits0References3

OSV•added 2026/04/26 9:1 a.m.•3 views

MINI-7672-V4MM-PPGX

Bulletin has no description...

6.3CVSS4.8AI score0.00395EPSS

Exploits0

OSV•added 2026/04/26 3:0 a.m.•5 views