CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2 days ago•23 views

CVE-2025-71338 Flowise - Arbitrary File Write to Remote Code Execution via document-store API

10CVSS

RedhatCVE•added 2 days ago•4 views

CVE-2026-53047

A flaw was found in the Linux kernel's EFI Extensible Firmware Interface capsule loader. An incorrect size calculation during memory reallocation for physical addresses can lead to an undersized buffer. This issue, specifically on 32-bit systems with Physical Address Extension PAE, may result in ...

5.5CVSS6.3AI score0.00195EPSS

Exploits0References4

OSSF Malicious Packages•added 2 days ago•5 views

Malicious code in base58-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c10874ae13f1937b6974bcaaec72996e54f85fc3de6bf5e53d732f6e1f37c8a3 The package presents itself as a Base58 encoder/decoder but on require arms a malicious payload that is time-gated to activate 72 hours after first...

CVE•added 2 days ago•5 views

Exploits0References4

CVE-2025-60464

GPAC MP4Box contains a use-after-free in gf_sei_load_from_state_internal (in /filters/sei_load.c) affecting builds before 26.02.0. This vulnerability can allow a Denial of Service when processing a crafted MPEG-2 TS file. The issue is described across multiple sources (NVD/NVD variant, AttackersK...

7.8CVSS5.9AI score

Exploits0References6

EUVD•added 3 days ago•3 views

EUVD-2026-38915

In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect sizeof in phys array reallocation The krealloc call for capinfo-phys in eficapsulesetupinfo uses sizeofphysaddrt instead of sizeofphysaddrt, which might be causing an undersized allocation. The...

6AI score0.00195EPSS

Exploits0References8

CVE•added 3 days ago•7 views

CVE-2026-53047

CVE-2026-53047 affects the Linux kernel’s efi/capsule-loader. The vulnerability arises from a mis-sized allocation in __efi_capsule_setup_info(): the krealloc() for cap_info->phys uses sizeof(phys_addr_t *) instead of sizeof(phys_addr_t). This can produce an undersized allocation, inconsistent...

6AI score0.00195EPSS

Exploits0References8

OSSF Malicious Packages•added 3 days ago•8 views

Malicious code in bn-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c14057d91b2283926b2b0c1093a66db17c40efbd0ceb21c29b0bdbfa79736da5 Package is published as 'bn-lint' but ships a verbatim copy of MikeMcl/big.js README, source, version banner v7.0.1, and repo URL all identify as...

Cvelist•added 4 days ago•35 views

CVE-2026-54018 Open WebUI: SSRF Protection Bypass in Playwright Web Loader via HTTP Redirects

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the SafePlaywrightURLLoader implements a validateurl function to prevent SSRF attacks by checking the IP address of the user-provided URL. However, this validation is performed only ...

7.7CVSS0.00292EPSS

Exploits1References1

CVE•added 4 days ago•17 views

CVE-2026-54018

Open WebUI (self-hosted offline AI) contains SSRF protection bypass in the Playwright Web Loader prior to version 0.9.6. The validator checks only the initial URL; Playwright follows redirects (301/302) by default, allowing an attacker-supplied URL that redirects to internal addresses (e.g., loca...

7.7CVSS5.9AI score0.00292EPSS

Exploits1References1Affected Software1

OSSF Malicious Packages•added 4 days ago•5 views

Malicious code in ts-grok (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a981e7e3ba27d859a2c536cbc25c04ebece92e1992035226ea9246d8bd381f1d Package ts-grok ships a verbatim copy of big.js v7.0.1 same banner, author 'Michael Mclaughlin', repository URL https://github.com/MikeMcl/big.js.git...

5.8AI score

ATTACKERKB•added 5 days ago•4 views

CVE-2026-54293

NLTK Natural Language Toolkit is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing. Prior to 3.10.0-rc1, nltk.data.load in NLTK is vulnerable to path traversal via URL-encoded path separators and traversal segments...

7.5CVSS6AI score0.00438EPSS

Exploits1References3Affected Software1

CVE•added 5 days ago•67 views

CVE-2026-53550

js-yaml vulnerability CVE-2026-53550 stems from the merge-key handling (<<) in lib/loader.js, causing quadratic parse-time DoS when processing crafted YAML with repeated aliases prior to version 4.2.0. Affected: js-yaml

5.3CVSS5.8AI score0.00251EPSS

Exploits1References1Affected Software1

OSV•added 5 days ago•3 views

MAL-2026-6313 Malicious code in @zynkit/jwtbytes (npm)

@zynkit/jwtbytes malicious version 0.5.3, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all follow the pattern...

6.5AI score

OSSF Malicious Packages•added 5 days ago•7 views

Malicious code in @glitchpad/throttler (npm)

@glitchpad/throttler malicious version 2.2.3, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all follow the pattern...

OSSF Malicious Packages•added 5 days ago•8 views

Malicious code in @zynkit/jwtbytes (npm)

6.5AI score

OSV•added 5 days ago•3 views

MAL-2026-6307 Malicious code in @glitchpad/throttler (npm)