CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

793 matches found

EUVD-2026-39532

CANBoat through 6.22, fixed in commit a5a22b7, contains an off-by-one global buffer overflow in the searchForPgn function in analyzer/pgn.c that allows remote attackers to crash the application. Attackers can deliver a crafted NMEA-2000 message with an out-of-range PGN value over CAN bus or...

7.3CVSS6.2AI score

Exploits0References4

NVD•added 2026/06/19 2:16 p.m.•10 views

CVE-2026-48140

There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially crafted message...

7.1CVSS0.00249EPSS

Exploits0References2

CVE•added 2026/06/19 1:32 p.m.•12 views

CVE-2026-48140

NI grpc-device contains an unchecked enum cast vulnerability in BeginSidebandStream affecting version 2.17.0 and earlier. The issue allows triggering invalid enum states and undefined behavior, potentially leading to a denial of service. Exploitation requires sending a specially crafted message w...

7.1CVSS5.8AI score0.00249EPSS

Exploits0References2Affected Software1

AstraLinux•added 2026/06/19 11:10 a.m.•8 views

Astra Linux – Vulnerability in Zabbix

Zabbix Frontend offers a feature that enables administrators to manage the installation and ensure that only certain IP addresses can access it. This way, no user will be able to access the Zabbix Frontend during maintenance, and sensitive data will be protected from being disclosed. An attacker...

9.8CVSS8.2AI score0.01207EPSS

Exploits1References2

AstraLinux•added 2026/06/19 11:10 a.m.•2 views

Astra Linux – Vulnerability in imagemagick

In /MagickCore/statistic.c, there are several places where a sizet cast should have been replaced with an ssizet cast. This causes out-of-range values under certain circumstances when a crafted input file is processed by ImageMagick. Red Hat Product Security classified this as Low severity becaus...

4.3CVSS6.5AI score0.01147EPSS

Exploits0References2

AstraLinux•added 2026/06/19 11:10 a.m.•3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: tpm2-sessions: Fixed out-of-range indexing in namesize. namesize does not have any range checks; it simply indexes using TPMALGID, which could lead to memory corruption in extreme cases. The issue is addressed by only processi...

5.8AI score0.00166EPSS

Exploits0References2

Positive Technologies•added 2026/06/19 12:0 a.m.•18 views

PT-2026-50891

Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description An unchecked enum cast issue exists in the BeginSidebandStream function. An attacker can trigger invalid enum states and undefined behavior by supplying a specially crafted message containing...

7.1CVSS5.9AI score0.00249EPSS

Exploits0References6

NVD•added 2026/06/10 12:16 a.m.•11 views

CVE-2026-41727

Spring Kafka's retry topic infrastructure did not sufficiently validate user-controlled header values before acting on them. A producer could send a record with a crafted retrytopic-attempts header to supply an out-of-range attempt count and cause the retry topic router to misidentify where the...

6.5CVSS0.0024EPSS

Exploits0References1

RedhatCVE•added 2026/06/08 8:59 p.m.•10 views

CVE-2026-42500

Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image...

5.3CVSS5.4AI score0.00384EPSS

Exploits0References1

OSV•added 2026/06/08 5:16 p.m.•5 views

UBUNTU-CVE-2026-46303

In the Linux kernel, the following vulnerability has been resolved: isofs: validate Rock Ridge CE continuation extent against volume size rockcontinue reads rs-contextent verbatim from the Rock Ridge CE record and passes it to sbbread without checking that the block number is within the mounted I...

8.2CVSS5.5AI score0.00278EPSS

Exploits0References11

EUVD•added 2026/06/08 3:46 p.m.•10 views

EUVD-2026-35168

5.6AI score0.00278EPSS

Exploits0References8

ATTACKERKB•added 2026/06/08 3:46 p.m.•6 views

CVE-2026-46303

5.5AI score0.00278EPSS

Exploits0References9Affected Software1

OSV•added 2026/06/06 3:56 a.m.•7 views

JLSEC-2026-575

A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions GOST DSA, EDDSA & ECDSA result in the Elliptic Curve Cryptography point ECC multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allow...

8.1CVSS6.5AI score0.01607EPSS

Exploits0References12

RedhatCVE•added 2026/06/05 7:31 p.m.•7 views

CVE-2026-6840

Missing bounds validation for operator could allow out of range operator-code lookup during model loading Affected version is prior to commit 1.30.0...

5.5CVSS5.4AI score0.00105EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:20 p.m.•10 views

CVE-2026-41643

GoBGP is an open source Border Gateway Protocol BGP implementation in the Go Programming Language. Prior to version 4.3.0, a remote Denial of Service DoS vulnerability exists in GoBGP where a malformed BGP UPDATE message can trigger a runtime error: index out of range panic. This occurs during th...

7.5CVSS7.1AI score0.00503EPSS

Exploits1References1

Positive Technologies•added 2026/06/05 12:0 a.m.•6 views

PT-2026-49157

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=519646826 Crash type: Heap-buffer-overflow WRITE Crash state: opus repacketizer out range impl opus repacketizer out range codec parse...

5.2AI score

Exploits0References2