CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 4 days ago•4 views

CVE-2026-27671 Memory Corruption vulnerability in Application Server ABAP of SAP NetWeaver and ABAP Platform

9.8CVSS5.5AI score0.00042EPSS

OSV•added 4 days ago•4 views

DEBIAN-CVE-2026-11696

Uninitialized Use in Video in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS5.5AI score0.00028EPSS

NVD•added 4 days ago•4 views

CVE-2026-11696

5.3CVSS0.00028EPSS

OSV•added 4 days ago•5 views

DEBIAN-CVE-2026-11678

Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS5.5AI score0.00028EPSS

NVD•added 4 days ago•6 views

CVE-2026-11678

5.3CVSS0.00028EPSS

NVD•added 4 days ago•10 views

CVE-2026-11669

Out of bounds read in Media in Google Chrome on ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS0.00028EPSS

OSV•added 4 days ago•3 views

DEBIAN-CVE-2026-11669

5.3CVSS5.5AI score0.00028EPSS

Zero Day Initiative•added 4 days ago•5 views

Progress Software Kemp LoadMaster dodelapikey Uninitialized Memory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is required to exploit this vulnerability. The specific flaw exists within the dodelapikey method. The issue results from the lack of proper...

8.8CVSS7.8AI score0.00438EPSS

Positive Technologies•added 4 days ago•7 views

PT-2026-47758

In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tun xdp one tun xdp one returns -EINVAL on a frame shorter than ETH HLEN without freeing the page that vhost net build xdp allocated for it. tun sendmsg discards that -EINVAL and still...

5.4AI score0.00018EPSS

Exploits0References5

Tenable Nessus•added 4 days ago•5 views

RHEL 10 : thunderbird (RHSA-2026:24719)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:24719 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Memory safety bugs fixed in Firefox E...

9.6CVSS6AI score0.00054EPSS

Exploits0References10

Tenable Nessus•added 4 days ago•5 views

EulerOS 2.0 SP11 : mesa (EulerOS-SA-2026-2217)

According to the versions of the mesa packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an...

9.8CVSS5.5AI score0.00057EPSS

Tenable Nessus•added 4 days ago•4 views

EulerOS 2.0 SP11 : mesa (EulerOS-SA-2026-2254)

9.8CVSS5.5AI score0.00057EPSS

Amd•added 4 days ago•6 views

AMD uProf Vulnerabilities

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2026-0466| Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service...

6.8CVSS5.4AI score0.00014EPSS

Amd•added 4 days ago•5 views

ASP non-Coherent Memory Access

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54509| Improper access control for register interface in the input-output memory management unit IOMMU could allow a privileged attacker to cause non-coherent accesses by the AMD Secure...

4CVSS5.4AI score0.00012EPSS

Redos•added 4 days ago•3 views

ROS-20260609-73-0009

The vulnerability of the ngxhttpsslmodule module in NGINX Plus and NGINX Open Source web servers is related to the use of memory after deallocation. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality and accessibility of protected information...

6.3CVSS5.5AI score0.00044EPSS

Positive Technologies•added 4 days ago•3 views

PT-2026-48259

Name of the Vulnerable Software and Affected Versions Acrobat Reader versions prior to 26.001.21652 Description An out-of-bounds read issue exists where the software reads data outside the intended buffer in memory. This can lead to the disclosure of sensitive memory information. Exploitation...

5.5CVSS5.4AI score0.00022EPSS

Exploits0References3

Positive Technologies•added 4 days ago•5 views

PT-2026-48257

Name of the Vulnerable Software and Affected Versions Acrobat Reader versions 24.001.30365 through 26.001.21651 Description A Use After Free issue exists in the annotation component, which occurs when a program continues to use a pointer after it has been freed, potentially leading to the...

5.5CVSS4.7AI score0.00027EPSS

Exploits0References5

Adobe•added 4 days ago•6 views

APSB26-62 : Security update available for Adobe Dreamweaver

Adobe has released a security update for Adobe Dreamweaver. This update resolves critical and important vulnerabilities that could lead to arbitrary code execution, memory exposure, and arbitrary file system read...

5.8AI score

Exploits0Affected Software1

FreeBSD•added 4 days ago•3 views

FreeBSD -- Arm CPU errata may bypass page table permission changes

Problem Description: Some Arm CPUs have errata where the ordering of stores and the TLBI+DSB sequence may be incorrect. If one CPU stores to a virtual address while another CPU invalidates the translation for that address, the second CPU's TLBI+DSB may complete before the first CPU's store has be...

9.1CVSS5.4AI score0.00026EPSS