CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/05/29 12:0 a.m.•6 views

PT-2026-44969

A stored cross-site scripting XSS vulnerability exists in certain 1xxx series NVR devices due to insufficient sanitization of user-supplied input in specific functional modules. Attackers can inject malicious scripts, which are then persistently stored on the device backend. When administrators o...

8.4CVSS5.7AI score0.00039EPSS

Tenable Nessus•added 2026/05/29 12:0 a.m.•11 views

SUSE SLES16 Security Update : nginx (SUSE-SU-2026:21832-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21832-1 advisory. This update for nginx fixes the following issues - CVE-2026-27651: denial of service via undisclosed requests when the...

9.2CVSS7.7AI score0.00288EPSS

Exploits34References19

Positive Technologies•added 2026/05/29 12:0 a.m.•14 views

PT-2026-45022

Summary NodeVM supports excluding public network builtins from the wildcard builtin option. With this configuration direct access to http, https, http2, net, dgram, tls, dns, and dns/promises is blocked. However, Node.js also exposes underscored internal HTTP builtins such as http client and http...

8.6CVSS5.8AI score

Exploits0References5

NVD•added 2026/05/28 9:16 p.m.•6 views

CVE-2026-46821

Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite component: Common Components. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

7.7CVSS0.00038EPSS

NVD•added 2026/05/28 9:16 p.m.•9 views

CVE-2026-46820

8.5CVSS0.00047EPSS

RedhatCVE•added 2026/05/28 8:48 p.m.•7 views

CVE-2026-46104

A flaw was found in the Linux kernel's SELinux Security-Enhanced Linux socket permission helpers. In configurations where multiple Linux Security Modules LSMs are active, the system may incorrectly access socket security data. This can lead to invalid security identifiers SIDs and class values...

5.5CVSS5.8AI score0.00022EPSS

EUVD•added 2026/05/28 8:17 p.m.•9 views

EUVD-2026-33044

7.7CVSS5.8AI score0.00038EPSS

ATTACKERKB•added 2026/05/28 8:17 p.m.•7 views

CVE-2026-46821

7.7CVSS5.8AI score0.00038EPSS

Exploits0References2Affected Software1

EUVD•added 2026/05/28 8:17 p.m.•7 views

EUVD-2026-33043

8.5CVSS5.8AI score0.00047EPSS

ATTACKERKB•added 2026/05/28 8:17 p.m.•8 views

CVE-2026-46820

8.5CVSS5.8AI score0.00047EPSS

Exploits0References2Affected Software1

OSV•added 2026/05/28 3:43 p.m.•4 views

RLSA-2026:19216 Important: python3.9 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.1CVSS6.4AI score0.00164EPSS

Rockylinux•added 2026/05/28 3:43 p.m.•17 views

python3.9 security update

An update is available for python3.9. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language...

9.1CVSS7.6AI score0.00164EPSS

Exploits0

EUVD•added 2026/05/28 12:30 p.m.•8 views

EUVD-2026-32863

In the Linux kernel, the following vulnerability has been resolved: selinux: use sk blob accessor in socket permission helpers SELinux socket state lives in the composite LSM socket blob. sockhasperm and nlmsgsockhasextendedperms currently dereference sk-sksecurity directly, which assumes the...

5.8AI score0.00022EPSS

NVD•added 2026/05/28 10:16 a.m.•6 views

CVE-2026-46104

0.00022EPSS

Cvelist•added 2026/05/28 9:35 a.m.•20 views

CVE-2026-46104 selinux: use sk blob accessor in socket permission helpers

0.00022EPSS

OSV•added 2026/05/28 8:45 a.m.•4 views

BIT-JOOMLA-2026-25900 Joomla! Core - [20260501] - XSS in feed modules

Lack of output escaping leads to a XSS vector in the feed modules...

6.9CVSS5.8AI score0.00005EPSS

Exploits0References2

Positive Technologies•added 2026/05/28 12:0 a.m.•6 views

PT-2026-44516

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite Oracle Financials Common Modules versions 12.2.3 through 12.2.15 Description An issue in the Common Components of the Oracle Financials Common Modules allows a low privileged attacker with network access via HTTP to...

8.5CVSS5.9AI score0.00047EPSS

Tenable Nessus•added 2026/05/28 12:0 a.m.•7 views

RHEL 9 : python3.9 (RHSA-2026:21682)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:21682 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

9.1CVSS6.5AI score0.00164EPSS

Exploits0References6

Positive Technologies•added 2026/05/28 12:0 a.m.•8 views

PT-2026-44517

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite Oracle Financials Common Modules versions 12.2.3 through 12.2.15 Description An issue in the Common Components component of Oracle Financials Common Modules allows a low privileged attacker with network access via HTTP ...

7.7CVSS5.9AI score0.00038EPSS