15075 matches found
EUVD-2026-33256
An SQL injection vulnerability exists in Mautic's API contact filtering mechanism. Due to insufficient recursive sanitization of nested query parameters, an authenticated API user can bypass input filtering and inject arbitrary SQL commands...
PT-2026-44757
An SQL injection vulnerability exists in Mautic's API contact filtering mechanism. Due to insufficient recursive sanitization of nested query parameters, an authenticated API user can bypass input filtering and inject arbitrary SQL commands...
n8n-MCP security vulnerability
n8n-MCP is a model context protocol server developed by Romuald Członkowski, an individual developer. Versions of n8n-MCP prior to 2.51.3 contained security vulnerabilities. These vulnerabilities stemmed from the fact that the workflow telemetry cleaner might retain fragments of URL shape node...
TP-Link TL-SG108PE security vulnerability
The TP-Link TL-SG108PE is an 8-port Gigabit Ethernet intelligent managed PoE switch from TP-Link Corporation. The TP-Link TL-SG108PE v5 has a security vulnerability, which stems from improper cleaning of SYSNAM configuration parameters during the file configuration import process in the web...
PT-2026-44797
A flaw was found in the Quay config-tool's GitLab OAuth validator. This vulnerability causes sensitive credentials, specifically client id and client secret, to be transmitted as plaintext in URL query parameters during POST requests to the GitLab endpoint. This insecure transmission can lead to...
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-39829)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-39829 advisory. - The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted...
JetBrains TeamCity security vulnerability
JetBrains TeamCity is a set of distributed build management and continuous integration tools developed by the Czech company JetBrains. This tool offers features such as continuous unit testing, code quality analysis, and reporting on build issues. Versions of JetBrains TeamCity prior to 2026.1...
arcane cross-site scripting vulnerability
Arcan is an open-source Docker management software developed by Arcane. Versions of Arcan prior to 1.19.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the unvalidated GET /api/app-images/logo endpoint, which directly replaced user-provided color parameters into...
PT-2026-44954
Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2026.1. Description: Improper permission checks allow for the exposure of build configuration parameters. Recommendations: Update to version 2026.1...
PT-2026-44957
Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2025.11.2. Description: Sensitive data is exposed through the use of default agent parameters. Recommendations: Update to version 2025.11.2...
CVE-2026-46179
A flaw was found in the Linux kernel's Advanced Linux Sound Architecture (ALSA) System on Chip (ASoC) Sound Open Firmware (SOF) subsystem. This vulnerability occurs when reporting the pointer for a compressed stream, where the I/O frame position is divided by values that can be zero if the stream...
cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI
A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface (UI). An attacker can inject shell metacharacters and command...
UBUNTU-CVE-2026-46179
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Don't allow pointer operations on unconfigured streams When reporting the pointer for a compressed stream we report the current I/O frame position by dividing the position by the number of channels multiplied by the...
EUVD-2026-32806
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Don't allow pointer operations on unconfigured streams When reporting the pointer for a compressed stream we report the current I/O frame position by dividing the position by the number of channels multiplied by the...
CVE-2026-46179 ASoC: SOF: Don't allow pointer operations on unconfigured streams
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Don't allow pointer operations on unconfigured streams When reporting the pointer for a compressed stream we report the current I/O frame position by dividing the position by the number of channels multiplied by the...
CVE-2026-46157
The CVE-2026-46157 entry concerns the ALSA PCM OSS subsystem in the Linux kernel, where runtime.oss.trigger could be accessed concurrently without protection, causing a data race on a bit field and risking corruption of adjacent fields. The issue is addressed by extending the existing params_lock...
cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI
A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface (UI). An attacker can inject shell metacharacters and command...
PT-2026-44302
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified); openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1. Description: An issue exists in the ASoC (ALSA System on Chip) SOF (Sound Open Firmware) component where pointer operations are permitted on...
cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI
A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface (UI). An attacker can inject shell metacharacters and command...
cockpit: Cockpit: Arbitrary command execution via crafted links in system logs UI
A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface (UI). An attacker can inject shell metacharacters and command...