CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 6 days ago•37 views

CVE-2026-48119

CVE-2026-48119 (Nezha Monitoring) involves authenticated agents forging service-monitor results for other users’ services in versions 0.20.0 through pre-2.0.12. The vulnerability arises from the service-monitor worker not verifying that the reporter server and service ownership align with the rep...

7.1CVSS5.2AI score0.00368EPSS

RedhatCVE•added 2026/06/10 9:0 p.m.•5 views

CVE-2026-42981

Integer underflow wrap or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network...

RedhatCVE•added 2026/06/10 9:0 p.m.•4 views

CVE-2026-42974

Integer underflow wrap or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network...

Github Security Blog•added 2026/06/10 5:24 p.m.•12 views

OpenTelemetry Operator for Kubernetes's ServiceMonitor bearerTokenFile reads arbitrary local file and sends contents as bearer auth

Affected Repository: github.com/open-telemetry/opentelemetry-operator Component: cmd/otel-allocator TargetAllocator Companion: Prometheus Operator API types CRDs Summary OpenTelemetry Operator's TargetAllocator watches ServiceMonitor resources via the Prometheus Operator CR watcher and converts...

5.6AI score0.00017EPSS

Exploits0References3Affected Software1

RedhatCVE•added 2026/06/10 2:59 p.m.•5 views

CVE-2026-41031

A Stored Cross-Site Scripting vulnerability in Vinna Process Monitor Version 4.0 Service Pack 1 Build 63255 allows an authenticated remote attacker with low privileges to inject malicious JavaScript code into the application. This enables attackers to steal administrative access tokens and sessio...

9.3CVSS5.6AI score0.00242EPSS

Positive Technologies•added 2026/06/10 12:0 a.m.•7 views

PT-2026-48539

7.7CVSS5.6AI score0.00017EPSS

Exploits0References4

NVD•added 2026/06/09 5:17 p.m.•8 views

CVE-2026-42981

Integer underflow wrap or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network...

NVD•added 2026/06/09 5:17 p.m.•5 views

CVE-2026-42974

Integer underflow wrap or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network...

Vulnrichment•added 2026/06/09 5:6 p.m.•5 views

CVE-2026-42974 Windows Performance Monitor Remote Code Execution Vulnerability

...

8.1CVSS5.4AI score0.00524EPSS

Vulnrichment•added 2026/06/09 5:6 p.m.•6 views

CVE-2026-42981 Windows Performance Monitor Remote Code Execution Vulnerability

...

8.1CVSS5.4AI score0.00524EPSS

EUVD•added 2026/06/09 5:6 p.m.•15 views

EUVD-2026-35735

Integer underflow wrap or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network...

EUVD•added 2026/06/09 5:6 p.m.•15 views

EUVD-2026-35736

Integer underflow wrap or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network...

CVE•added 2026/06/09 5:6 p.m.•12 views

CVE-2026-42974

CVE-2026-42974 affects Windows Performance Monitor. The issue is an Integer underflow (wrap/wraparound) in a component used by Performance Monitor, enabling a remote attacker to execute code over a network. Exploitation details are not provided in the documents; the CVSS base score is 8.1 (Networ...

Exploits0References1Affected Software6

Cvelist•added 2026/06/09 5:6 p.m.•28 views

CVE-2026-42981 Windows Performance Monitor Remote Code Execution Vulnerability

...

Cvelist•added 2026/06/09 5:6 p.m.•25 views

CVE-2026-42974 Windows Performance Monitor Remote Code Execution Vulnerability

...

CVE•added 2026/06/09 5:6 p.m.•25 views

CVE-2026-42981

The provided documents identify CVE-2026-42981 as a Windows Performance Monitor remote code execution vulnerability caused by an integer underflow (wrap/wraparound). The issue is exploitable over the network without user interaction and with no privileges required (AV:N/PR:N/UI:N), as indicated b...