CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

735 matches found

Veracode•added 2026/05/23 5:11 a.m.•7 views

Remote Code Execution (RCE)

9router is vulnerable to Remote Code Execution RCE. The vulnerability is due to missing authentication checks on /api/cli-tools/ and /api/mcp/ endpoints, which allows an attacker to chain unauthenticated API calls and execute arbitrary OS commands remotely...

6.1AI score

Exploits0References1Affected Software1

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в net-snmp

Net-SNMP provides various tools related to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the INDEX in NET-SNMP-VACM-MIB could lead to an out-of-bounds memory access. A user with read-only credentials could exploit this issue. Version 5.9.2...

8.8CVSS7.2AI score0.00289EPSS

Exploits0References2

EUVD•added 2026/05/18 6:45 p.m.•5 views

EUVD-2026-30793

A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmpparseinboundframe of the file src/apps/snmp/snmpmsg.c of the component snmpv3 USM Handler. Performing a manipulation of the argument msgAuthenticationParameters results in stack-based buffer overflow. The attack may be...

10CVSS7.7AI score0.00286EPSS

Exploits1References6

ATTACKERKB•added 2026/05/18 6:45 p.m.•6 views

CVE-2026-8836

10CVSS7.7AI score0.00286EPSS

Exploits1References7

CNNVD•added 2026/05/14 12:0 a.m.•3 views

RMCP 访问控制错误漏洞

RMCP is an open-source Rust model context protocol SDK based on Tokio’s asynchronous runtime. Versions prior to RMCP 1.4.0 contained an access control vulnerability. This vulnerability stemmed from the Streamable HTTP server transmitting unvalidated incoming Host headers, allowing malicious publi...

8.8CVSS5.8AI score0.00006EPSS

Exploits0References1

RedhatCVE•added 2026/05/13 8:23 p.m.•4 views

CVE-2026-44863

SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into...

7.2CVSS6.2AI score0.00037EPSS

Exploits0References1

RedhatCVE•added 2026/05/13 8:23 p.m.•5 views

CVE-2026-44862

7.2CVSS6.2AI score0.00037EPSS

Exploits0References1

RedhatCVE•added 2026/05/13 8:23 p.m.•4 views

CVE-2026-44864

7.2CVSS6.2AI score0.00037EPSS

Exploits0References1

NVD•added 2026/05/13 4:16 p.m.•3 views

CVE-2026-42924

An authenticated attacker with the Resource Administrator or Administrator role can create SNMP configuration objects through iControl SOAP resulting in privilege escalation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS0.00073EPSS

Exploits0References1

Cvelist•added 2026/05/13 2:12 p.m.•24 views

CVE-2026-40698 iControl REST and TMSH vulnerability

A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can create SNMP configuration objects through iControl REST or the TMOS shell tmsh resulting in privilege escalation. Note: Software versions which...

8.7CVSS0.00073EPSS

Exploits0References1

EUVD•added 2026/05/12 9:31 p.m.•3 views

EUVD-2026-29814

7.2CVSS6.2AI score0.00037EPSS

Exploits0References2

EUVD•added 2026/05/12 9:31 p.m.•6 views

EUVD-2026-29812

7.2CVSS6.2AI score0.00037EPSS

Exploits0References2

EUVD•added 2026/05/12 9:31 p.m.•4 views

EUVD-2026-29810