CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

255433 matches found

Positive Technologies•added 4 days ago•11 views

PT-2026-50233

In NFC, there is a possible way to spoof an NFC event due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS5.5AI score0.00148EPSS

Exploits0References3

Tenable Nessus•added 4 days ago•5 views

RockyLinux 8 : rsync (RLSA-2026:26408)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:26408 advisory. rsync: rsync: Remote memory disclosure via integer overflow in compressed-token decoding CVE-2026-43618 rsync: TOCTOU symlink race condition allowing...

8.1CVSS5.5AI score0.00643EPSS

Exploits0References5

Positive Technologies•added 4 days ago•13 views

PT-2026-50231

In createSessionInternal of PackageInstallerService.java, there is a possible method to remove a DPC app from a managed device without DO consent due to desync from persistence. This could lead to local escalation of privilege if a user can install a malicious app with no additional execution...

10CVSS5.5AI score0.00123EPSS

Exploits0References3

Tenable Nessus•added 4 days ago•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-12289

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152,...

8.8CVSS5.9AI score0.00316EPSS

Exploits0References4

Tenable Nessus•added 4 days ago•18 views

Security Update for Microsoft Visual Studio Code (June 2026)

The version of Microsoft Visual Studio Code installed on the remote Windows host is prior to 1.123.2. It is, therefore, affected by multiple vulnerabilities: - Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network. CVE-2026-47281 -...

9.6CVSS5.5AI score0.006EPSS

Exploits0References15

EUVD•added 5 days ago•11 views

EUVD-2026-37194

In numberOfReportBlocks of RtpSession.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.8CVSS5.7AI score0.00231EPSS

Exploits0References2

EUVD•added 5 days ago•7 views

EUVD-2026-37186

In OSMMapPMRGeneric of pmros.c, there is a possible way to leverage a system call to system call to maliciously expand the VMA out of bounds due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...

7.8CVSS5.5AI score0.00071EPSS

Exploits0References2

EUVD•added 5 days ago•8 views

EUVD-2026-37187

In Write of msgtohostbuffer.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00068EPSS

Exploits0References2

EUVD•added 5 days ago•8 views

EUVD-2026-37177

In lwisdeviceexternaleventemit of lwisevent.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.6AI score0.00073EPSS

Exploits0References2

EUVD•added 5 days ago•6 views

EUVD-2026-37216

In smmuattachdev of arm-smmu-v3.c, there is a possible way to sign malicious Android Runtime bootclass artifacts due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00067EPSS

Exploits0References2

EUVD•added 5 days ago•5 views

EUVD-2026-37208

In multiple functions of vpuioctl.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5AI score0.00067EPSS

Exploits0References2

EUVD•added 5 days ago•7 views

EUVD-2026-37172

In lwisiobufferwrite of lwisiobuffer.c, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.5AI score0.00073EPSS

Exploits0References2

EUVD•added 5 days ago•10 views

EUVD-2026-37171

In edgetpusyncfencegroupshutdown of edgetpu-dmabuf.c, there is a possible elevation of privilege due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.5AI score0.00073EPSS

Exploits0References2

EUVD•added 5 days ago•7 views

EUVD-2026-37214

In RtpPacket::decodePacket, there is a possible out of bounds access due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

5.6AI score0.00072EPSS

Exploits0References2