CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Hacker News•added yesterday•8 views

Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available

Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has come under active exploitation. The vulnerability, tracked as CVE-2026-20245 , carries a CVSS score of 7.8 out of a maximum of 10.0. It affects the following deployment types - On-Prem Deployment Cisco SD-WA...

7.8CVSS6.3AI score0.00083EPSS

Exploits0

RedhatCVE•added 2 days ago•4 views

CVE-2026-8271

A vulnerability was identified in D-Link DNS-320 2.06B01. The impacted element is the function cgispeed/cgidhcpdlease/cgiddns/cgisetip/cgiupnpdel/cgidhcpd/cgiupnpadd/cgiupnpedit of the file /cgi-bin/networkmgr.cgi. The manipulation leads to os command injection. The attack is possible to be carri...

7.2CVSS5.3AI score0.00123EPSS

Exploits1References1

NVD•added 3 days ago•9 views

CVE-2026-10805

A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description MUD URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL,...

6.7CVSS0.0002EPSS

CVE•added 3 days ago•14 views

CVE-2026-10805

Summary : CVE-2026-10805 concerns NetworkManager’s dhclient backend, which may misprocess malformed MUD URLs to enable local privilege escalation. What’s affected : NetworkManager (dhclient backend); only when administrator explicitly configures NetworkManager to use dhclient. Default configurati...

EUVD•added 3 days ago•7 views

EUVD-2026-34207

RedhatCVE•added 3 days ago•6 views

CVE-2026-10805

ATTACKERKB•added 3 days ago•5 views

Exploits0References3

CVE-2026-10805

Vulnrichment•added 3 days ago•5 views

Exploits0References3

CVE-2026-10805 Networkmanager: networkmanager: local privilege escalation via malformed mud urls in dhclient backend

OSV•added 2026/05/29 4:3 p.m.•4 views

RLSA-2026:18142 Low: NetworkManager security update

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...

3.3CVSS5.8AI score0.00004EPSS

OSV•added 2026/05/28 3:43 p.m.•4 views

RLSA-2026:18597 Low: NetworkManager security update

3.3CVSS5.8AI score0.00004EPSS

Tenable Nessus•added 2026/05/28 12:0 a.m.•7 views

RockyLinux 9 : NetworkManager (RLSA-2026:18597)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18597 advisory. networkmanagr: NetworkManager File Access CVE-2025-9615 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Not...

3.3CVSS5.8AI score0.00004EPSS

Exploits0References3

OSV•added 2026/05/27 8:16 p.m.•4 views

DEBIAN-CVE-2026-44724

Debian CVE•added 2026/05/27 7:26 p.m.•7 views

CVE-2026-44724

Vulnrichment•added 2026/05/27 7:26 p.m.•7 views

Exploits0

CVE-2026-44724 systeminformation: Linux command injection in networkInterfaces() via unsanitized NetworkManager connection profile name

CVE•added 2026/05/27 7:26 p.m.•9 views

CVE-2026-44724

CVE-2026-44724 affects the node.js library systeminformation (Linux) from versions 4.17.0 through 5.31.5. The issue is a command-injection flaw in networkInterfaces() caused by unsanitized NetworkManager connection profile names being interpolated into shell commands executed via execSync(), afte...

CNNVD•added 2026/05/27 12:0 a.m.•5 views

WeGIA 安全漏洞

WeGIA is a network manager for a welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.7.3 contained security vulnerabilities. These vulnerabilities stemmed from the use of a salted SHA-256 hash algorithm in login and password change processes, which could lead to rainbow...

5.9CVSS5.8AI score0.00017EPSS

CNNVD•added 2026/05/27 12:0 a.m.•5 views

systeminformation 操作系统命令注入漏洞

SystemInformation is a NPM software library developed by Sebastian Hildebrandt, which allows access to operating system information. Versions of SystemInformation from 4.17.0 to 5.31.5 contain a vulnerability related to operating system command injection. This vulnerability arises on Linux when t...

OSV•added 2026/05/20 10:9 a.m.•4 views

RHSA-2026:18597 Red Hat Security Advisory: NetworkManager security update

Bulletin has no description...

3.3CVSS5.7AI score0.00004EPSS

Exploits0References11

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в network-manager

It was found that nmcli, a command-line interface for NetworkManager, does not honor the 802-1x.ca-path and 802-1x.phase2-ca-path settings when creating a new profile. When a user connects to a network using this profile, authentication does not occur, and the connection is made insecurely...

4.3CVSS6.6AI score0.00252EPSS