CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added last week•5 views

GHSA-WFQX-GJRF-G28R Crossplane: Signature verification TOCTOU allows installing unverified package content via mutable tag

Summary Crossplane allows package signature verification to be configured via the ImageConfig mechanism. When enabled, the package manager uses cosign to verify that packages are correctly signed before pulling and installing them. When a package is installed using a tag reference e.g., a semanti...

9CVSS5.7AI score

Exploits0References2

OSV•added 2026/06/18 2:17 p.m.•7 views

DEBIAN-CVE-2026-44942

A path traversal in handling the "path" component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.19 could be used by attackers to fill directories on the system outside of the zypp cache with content...

6.5CVSS5.8AI score0.00329EPSS

RedhatCVE•added 2026/06/10 8:59 a.m.•9 views

CVE-2026-41984

UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity...

RedhatCVE•added 2026/06/10 8:59 a.m.•9 views

CVE-2026-41985

UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity...

NVD•added 2026/06/09 8:16 a.m.•11 views

CVE-2026-41984

UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity...

5.2CVSS0.00078EPSS

NVD•added 2026/06/09 8:16 a.m.•10 views

CVE-2026-41985

UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity...

5.1CVSS0.00073EPSS

Vulnrichment•added 2026/06/09 6:43 a.m.•8 views

CVE-2026-41985

UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity...

CVE•added 2026/06/09 6:43 a.m.•19 views

CVE-2026-41985

Technical details about CVE-2026-41985 are not publicly available in the provided documents. Monitor for updates from Huawei advisories and NVD/CVE listings for affected products, impact, and remediation.

5.1CVSS5.5AI score0.00073EPSS

Cvelist•added 2026/06/09 6:43 a.m.•32 views

CVE-2026-41985

UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity...

5.1CVSS0.00073EPSS

EUVD•added 2026/06/09 6:43 a.m.•8 views

EUVD-2026-35357

UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity...

CVE•added 2026/06/09 6:42 a.m.•18 views

CVE-2026-41984

Technical details about CVE-2026-41984 are not publicly available in the provided documents. Monitor for updates from the listed vendor references.

5.2CVSS5.5AI score0.00078EPSS

Vulnrichment•added 2026/06/09 6:42 a.m.•10 views

CVE-2026-41984

UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity...

Cvelist•added 2026/06/09 6:42 a.m.•35 views

CVE-2026-41984

UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity...

5.2CVSS0.00078EPSS

EUVD•added 2026/06/09 6:42 a.m.•10 views

EUVD-2026-35356

UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity...

Positive Technologies•added 2026/06/09 12:0 a.m.•11 views

PT-2026-47700

UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity...

Positive Technologies•added 2026/06/09 12:0 a.m.•10 views

Exploits0References4

PT-2026-47701

UAF vulnerability in the package management module. Impact: Successful exploitation of this vulnerability may affect service integrity...