CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 3 days ago•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-56131

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.8.2 lacks handler call depth tracking for calls to XMLResumeParser from within handlers in cases of a policy violation. Thus, a use-after-free...

4.9CVSS5.9AI score

Tenable Nessus•added 3 days ago•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-55203

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgiconn structure's drl field that allows buffer misparse as...

9CVSS6.1AI score

Tenable Nessus•added 5 days ago•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-47178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - libheif - None Ubuntu Linux - Unknown description CVE-2026-47178 Note that Nessus relies on the presence of the package as reported by the vendor...

5.9AI score0.00025EPSS

NVD•added 6 days ago•10 views

CVE-2026-48591

Improper Neutralization of Script in Attributes in a Web Page vulnerability in pragdave earmark allows stored cross-site scripting via unescaped HTML attribute values. 'Elixir.Earmark.Transform':makeatt1/2 in lib/earmark/transform.ex splices attribute values verbatim between two literal " bytes: ...

4.8CVSS0.00133EPSS

Cvelist•added 6 days ago•14 views

CVE-2026-48591 Stored XSS via unescaped HTML attribute values in earmark

4.8CVSS0.00133EPSS

Tenable Nessus•added 6 days ago•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-12466

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in WebRTC in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page...

8.8CVSS6.6AI score0.00414EPSS

Linux Distros Unpatched Vulnerability : CVE-2026-53613

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - upstream upgrade with security fixes: - CVE-2026-53612 - libmount: TOCTOU attack via ancestor directory swap during mount - CVE-2026-53613 - libmount: SUID bypa...

5.9AI score

Tenable Nessus•added 6 days ago•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-12455

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Tab Strip in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who convinced a user to engage in specific UI gestures to...

7.5CVSS6AI score0.00221EPSS

Tenable Nessus•added 6 days ago•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-12448

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to perform privilege escalation via a...

8.8CVSS6AI score0.00249EPSS

Tenable Nessus•added 6 days ago•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-12443

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Web Authentication in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page...

8.8CVSS6.3AI score0.00522EPSS

Tenable Nessus•added 6 days ago•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-12457

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in Extensions. CVE-2026-12457 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900...

4.2CVSS5.9AI score0.00191EPSS

Linux Distros Unpatched Vulnerability : CVE-2026-53612

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - util-linux - None Ubuntu Linux - Local Privilege Escalation via TOCTOU in mount8 hookowner.c chmod/chown CVE-2026-53612 Note that Nessus relies o...

5.9AI score

Tenable Nessus•added 6 days ago•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-12467

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform ...

8.3CVSS6AI score0.00217EPSS

Tenable Nessus•added 6 days ago•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-12464

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Browser in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a...

8.3CVSS6AI score0.00216EPSS

Tenable Nessus•added 6 days ago•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-12449

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Chromoting in Google Chrome on Windows prior to 149.0.7827.155 allowed a local attacker to perform OS-level privilege escalation via a malicio...

7.8CVSS5.9AI score0.00133EPSS

Linux Distros Unpatched Vulnerability : CVE-2026-53614

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - util-linux - None Ubuntu Linux - Local Privilege Escalation via LIBMOUNTFORCEMOUNT2 Environment Variable - nosuid/noexec Bypass in SUID mount8...

5.9AI score

5.4CVSS5.9AI score0.00164EPSS

Linux Distros Unpatched Vulnerability : CVE-2026-12330

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect boundary conditions in the Internationalization component. This vulnerability was fixed in Firefox ESR 140.12, Firefox ESR 115.37, and Thunderbird...

Tenable Nessus•added 6 days ago•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-12295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sandbox escape in the DOM: Navigation component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and...

9.6CVSS5.9AI score0.00314EPSS

Tenable Nessus•added 6 days ago•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-12306

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. CVE-2026-12306...

5.3CVSS5.9AI score0.00261EPSS