CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Debian CVE•added 2026/06/12 2:6 p.m.•7 views

CVE-2026-44894

Netty is a network application framework for development of protocol servers and clients. NoQuicTokenHandler is the tokenHandler used when the application does not set one. Prior to version 4.2.15.Final, its writeToken returns false server will not send Retry — acceptable, but validateToken...

7.5CVSS5.2AI score0.00232EPSS

Cvelist•added 2026/06/12 9:27 a.m.•30 views

CVE-2026-11845 IEI Integration Corp｜iVEC-IEI Virtualization Edge Computer - OS Command Injection

The iVEC-IEI Virtualization Edge Computer developed by IEI Integration Corp has a OS Command Injection vulnerability, allowing privileged remote attackers to inject arbitrary OS commands and execute them on the device...

8.6CVSS0.01395EPSS

Exploits0References2

CVE•added 2026/06/12 9:27 a.m.•15 views

CVE-2026-11845

The CVE-2026-11845 entry concerns the iVEC-IEI Virtualization Edge Computer from IEI Integration Corp, describing an OS Command Injection vulnerability. The available documents state that privileged remote attackers could inject arbitrary OS commands and execute them on the device, with high impa...

8.6CVSS5.8AI score0.01395EPSS

Exploits0References2

NVD•added 2026/06/12 4:17 a.m.•11 views

CVE-2026-48610

Under certain network configurations, a malicious actor with access to network could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices...

8.1CVSS0.0025EPSS

Vulnrichment•added 2026/06/12 2:27 a.m.•6 views

CVE-2026-47369

A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to escalate privileges within such UniFi OS devices or instances...

9.9CVSS5.2AI score0.00303EPSS

Vulnrichment•added 2026/06/12 2:27 a.m.•8 views

CVE-2026-47370

A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in certain devices running UniFi OS to execute a Command Injection within such UniFi OS devices or instances...

9.9CVSS5.5AI score0.00825EPSS

Vulnrichment•added 2026/06/12 2:27 a.m.•7 views

CVE-2026-48610

8.1CVSS5.2AI score0.0025EPSS

Vulnrichment•added 2026/06/12 2:27 a.m.•9 views

CVE-2026-47368

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to obtain data from such UniFi OS devices or instances...

8.6CVSS5.2AI score0.00355EPSS

CVE•added 2026/06/12 2:27 a.m.•34 views

CVE-2026-48610

CVE-2026-48610 describes an Improper Access Control vulnerability on certain devices running UniFi OS. A remote attacker with network access could cause unauthorized changes to UniFi OS devices. The CVSSv3.1 base score is 8.1 (High) with network attack vector, high impact on confidentiality, inte...

8.1CVSS5.4AI score0.0025EPSS

Wolfi•added 2026/06/12 1:48 a.m.•6 views

GHSA-MHRM-MF55-J4P7 vulnerabilities

Vulnerabilities for packages: chromium...

Wolfi•added 2026/06/12 1:48 a.m.•5 views

GHSA-M2RP-HQMH-CM5F vulnerabilities

Vulnerabilities for packages: chromium...

Wolfi•added 2026/06/12 1:48 a.m.•6 views

GHSA-56WM-H6F8-C34V vulnerabilities

Vulnerabilities for packages: chromium...

Chainguard•added 2026/06/12 1:17 a.m.•4 views

GHSA-282G-W5FH-9Q49 vulnerabilities

Vulnerabilities for packages: chromium...

Tenable Nessus•added 2026/06/12 12:0 a.m.•19 views

Photon OS 5.0: Go PHSA-2026-5.0-0869

An update of the go package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0869. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid320798...

9.8CVSS7AI score0.99999EPSS

Exploits20References61

OSV•added 2026/06/11 10:16 p.m.•3 views

DEBIAN-CVE-2026-12026

Out of bounds read in Video in Google Chrome on ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.4AI score0.00219EPSS

NVD•added 2026/06/11 7:16 p.m.•7 views

CVE-2025-46308

An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to leak sensitive user information...

5.3CVSS0.00302EPSS

Exploits0References2

NVD•added 2026/06/11 7:16 p.m.•10 views

CVE-2025-46315

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protected user data...

7.5CVSS0.0027EPSS

EUVD•added 2026/06/11 6:47 p.m.•6 views

EUVD-2025-210121

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to access private information...

5.5CVSS5.4AI score0.00127EPSS

Exploits0References3

EUVD•added 2026/06/11 6:47 p.m.•7 views

EUVD-2025-210120

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data...

5.5CVSS5.4AI score0.0014EPSS