CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 5 days ago•6 views

CVE-2026-9539

An out-of-bounds heap read and integer underflow in the TCP urgent data handling sosendoob in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments e.g., QEMU allows a privileged guest VM attacker root or CAPNETRAW to leak gigabytes of sensitive host-process heap memory v...

6.5CVSS0.00106EPSS

NVD•added 6 days ago•6 views

CVE-2026-12891

A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds read of up to 8 bytes from adjacent memory. This flaw allows an attacker to craft a malicious H.266...

4.3CVSS0.00265EPSS

OSV•added 6 days ago•3 views

UBUNTU-CVE-2026-12891

4.3CVSS5.7AI score0.00265EPSS

Exploits0References6

CVE•added 6 days ago•19 views

CVE-2026-12891

The CVE-2026-12891 issue affects the GStreamer gst-plugins-bad package, specifically the H.266/VVC parser. A malformed H.266/VVC stream with a crafted aspect ratio indicator value can cause an out-of-bounds read of up to 8 bytes from adjacent memory. This could enable an attacker to craft a malic...

4.3CVSS5.7AI score0.00265EPSS

Positive Technologies•added 6 days ago•10 views

PT-2026-51589

Name of the Vulnerable Software and Affected Versions GStreamer gst-plugins-bad affected versions not specified Description A flaw in the H.266 parser occurs when processing a malformed H.266/VVC video stream containing a crafted aspect ratio indicator value. This leads to an out-of-bounds read o...

4.3CVSS5.7AI score0.00265EPSS

Exploits0References9

Cvelist•added 2026/06/22 9:55 p.m.•23 views

CVE-2026-53923 vLLM GGUF Kernels: int64_t to int truncation of tensor dimensions causes GPU buffer overflow

vLLM is an inference and serving engine for large language models LLMs. From 0.5.5 until 0.23.1rc0, integer truncation of tensor dimensions in vLLM's GGUF dequantize kernels csrc/quantization/gguf/ggufkernel.cu causes partial tensor processing. The output tensor is allocated at full size via...

5.3CVSS0.00281EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm: amd: display: Fix memory leakage This commit addresses the memory leakage issue in the dcconstructctx function...

5.5CVSS5.7AI score0.00132EPSS

5.5CVSS6.3AI score0.00232EPSS

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Block: Initialize the integrity buffer to zero before writing it to the media. The metadata added by biointegrityprep uses the plain kmalloc function, which results in random kernel memory being written to the media. For PI...

5.3CVSS6.7AI score0.00496EPSS

Astra Linux – Vulnerability in grub2

A out-of-bounds read flaw was discovered in Grub2’s NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack can result in sensitive data cached in memory or EFI variabl...

Exploits1References2

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability in Chromium

In Google Chrome versions prior to 142.0.7444.59, policy bypass in Extensions allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory through a crafted Chrome Extension. Chromium security severity: Medium...

5.9CVSS5.4AI score0.00152EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability in Thunderbird, Firefox

On 64-bit CPUs, when the JIT compiler compiles WASM i32 return values, it may pick up bits from remaining memory. This could potentially lead to these values being treated as a different type. This vulnerability has been fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136...

7.6CVSS7AI score0.00294EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•1 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: xfrm/compat: prevented potential Spectre v1 exploits in xfrmxlate32attr int type = nlatypenla; if type XFRMAMAX return -EOPNOTSUPP; @type is then used as an array index and can be exploited as a Spectre v1 exploit. if nlalennl...

2.5CVSS5.4AI score0.00243EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fixed memory leakage This patch addresses potential memory leakage and segmentation faults in the gpuvmimportdmabuf function...

5.5CVSS5.2AI score0.00143EPSS

7.1CVSS6.1AI score0.00215EPSS

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: dma-direct: Leak pages on dmasetdecrypted failure In TDX, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail, resulting in an error and the return of decrypted/membered pages. Callers...

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ipv4: Prevent potential spectre v1 exploits in fibmetricsMatch if !type continue; if type RTAXMAX return false; ... fival = fi-fibmetrics-metricstype - 1; Since @type is used as an array index, we need to prevent CPU speculation ...

5.5CVSS6.1AI score0.00246EPSS

5.5CVSS5.8AI score0.00249EPSS

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ipv4: Prevent potential spectre v1 gadgets in ipmetricsconvert if !type continue; if type RTAXMAX return -EINVAL; ... metricstype - 1 = val; @type is used as an array index, and we need to prevent CPU speculation or risk leaking...

Github Security Blog•added 2026/06/19 12:31 a.m.•5 views

Duplicate Advisory: PraisonAI has Memory State Leakage and Path Traversal in MultiAgent Context Handling

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-766v-q9x3-g744. This link is maintained to preserve external references. Original Description PraisonAI before 1.5.115 contains a path traversal vulnerability in MultiAgentMonitor that fails to sanitize agent ID...

8.8CVSS6AI score0.00687EPSS

Exploits0References5Affected Software1

Snyk•added 2026/06/17 2:3 p.m.•9 views

Incorrect Conversion between Numeric Types

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Incorrect Conversion between Numeric Types in the ggmldequantize, ggmlmulmatveca8, ggmlmulmata8, and ggmlmoea8 functions when tensor dimensions are...

7.5CVSS5.9AI score0.00281EPSS