Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

341 matches found

Tenable Nessus
Tenable Nessusadded 2026/01/23 12:0 a.m.1 views

Linux Distros Unpatched Vulnerability : CVE-2026-0775

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected...

7CVSS7.6AI score0.00012EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/01/23 12:0 a.m.11 views

npm CLI security vulnerabilities

npm CLI is a package manager developed by the American company npm. There is a security vulnerability in npm CLI, which stems from loading modules from insecure locations, potentially leading to privilege escalation and the execution of arbitrary code...

7CVSS7.5AI score0.00012EPSS
Exploits0References1
UbuntuCve
UbuntuCveadded 2026/01/23 12:0 a.m.3 views

CVE-2026-0775

npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of npm cli. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...

7CVSS7.4AI score0.00012EPSS
Exploits0References2
CVE
CVEadded 2026/01/21 9:13 p.m.13 views

CVE-2026-22807

Vulnerability CVE-2026-22807 affects vLLM versions prior to 0.14.0, where during model resolution the engine loads Hugging Face auto_map dynamic modules without gating on trust_remote_code. This allows attacker-controlled Python code in a model repo or path to execute at server startup, before an...

9.8CVSS6.5AI score0.00029EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/01/21 9:13 p.m.2 views

CVE-2026-22807 vLLM affected by RCE via auto_map dynamic module loading during model initialization

vLLM is an inference and serving engine for large language models LLMs. Starting in version 0.10.1 and prior to version 0.14.0, vLLM loads Hugging Face automap dynamic modules during model resolution without gating on trustremotecode, allowing attacker-controlled Python code in a model repo/path ...

8.8CVSS6.5AI score0.00029EPSS
Exploits1References4
Github Security Blog
Github Security Blogadded 2026/01/21 4:12 p.m.6 views

vLLM affected by RCE via auto_map dynamic module loading during model initialization

Summary vLLM loads Hugging Face automap dynamic modules during model resolution without gating on trustremotecode, allowing attacker-controlled Python code in a model repo/path to execute at server startup. --- Impact An attacker who can influence the model repo/path local directory or remote...

9.8CVSS5.9AI score0.00029EPSS
Exploits1References6Affected Software1
Zero Day Initiative
Zero Day Initiativeadded 2026/01/12 12:0 a.m.6 views

(0Day) npm cli Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of npm cli. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of modules. The...

7.8CVSS7.5AI score0.00012EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2025/12/31 12:0 a.m.1 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992723)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992723 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: fix misbehavior if listversions races with module loading listversions will first...

4.7CVSS6.5AI score0.00031EPSS
Exploits0References4
OSV
OSVadded 2025/12/20 9:3 a.m.5 views

RLSA-2023:5360 Important: nodejs:16 security, bug fix, and enhancement update

Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: nodejs 16. BZ2233891 Security Fixes: nodejs: Permissions policies can be bypassed via...

8.8CVSS6.8AI score0.00598EPSS
Exploits2References5
OSV
OSVadded 2025/12/16 2:15 p.m.0 views

UBUNTU-CVE-2025-68173

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix softlockup in ftracemoduleenable A soft lockup was observed when loading amdgpu module. If a module has a lot of tracable functions, multiple calls to kallsymslookup can spend too much time in RCU critical section and...

5.7AI score0.00043EPSS
Exploits0References23
Tenable Nessus
Tenable Nessusadded 2025/12/11 12:0 a.m.1 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991132)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991132 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: fix misbehavior if listversions races with module loading listversions will first...

4.7CVSS6.5AI score0.00031EPSS
Exploits0References4
EUVD
EUVDadded 2025/12/02 5:34 p.m.3 views

EUVD-2025-200115

vLLM vulnerable to remote code execution via transformersutils/getconfig...

7.1CVSS7.6AI score0.00045EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2025/12/01 12:0 a.m.3 views

PT-2025-48580

Name of the Vulnerable Software and Affected Versions vLLM versions prior to 0.11.1 Description vLLM is an inference and serving engine for large language models LLMs. A critical issue exists in the Nemotron Nano VL Config class where remote code execution can occur. When vLLM loads a model...

8.8CVSS7.7AI score0.00045EPSS
Exploits0References11
Packet Storm
Packet Stormadded 2025/11/27 12:0 a.m.164 views

📄 sudo 1.9.17 Local Privilege Escalation

sudo version 1.9.17 local privilege escalation proof of concept exploit that leverages NSS module loading. ============================================================================================================================================= | Title : sudo 1.9.17 local Privilege Escalation...

9.3CVSS7.6AI score0.57345EPSS
Exploits69
Tenable Nessus
Tenable Nessusadded 2025/11/12 12:0 a.m.1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990770)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990770 advisory. In the Linux kernel, the following vulnerability has been resolved: dm ioctl: fix misbehavior if listversions races with module loading listversions will first...

4.7CVSS6.5AI score0.00031EPSS
Exploits0References4
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2004-0984

Malware in sbrugna...

7.5CVSS6.1AI score0.01269EPSS
Exploits0References11
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2011-1036

Malware in sbrugna...

1.9CVSS6AI score0.00077EPSS
Exploits3References10
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2011-1828

Malware in sbrugna...

8.8CVSS7.2AI score0.00203EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2011-1767

Malware in sbrugna...

5.4CVSS6AI score0.00464EPSS
Exploits2References11
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2021-23358

Malware in sbrugna...

7.8CVSS7.6AI score0.0011EPSS
Exploits0References13
Rows per page
Query Builder