CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/06/11 12:0 p.m.•8 views

RUSTSEC-2026-0176 Out-of-bounds read in `nth` / `nth_back` for `PyList` and `PyTuple` iterators

PyO3 0.24.0 added optimized implementations of Iterator::nth and DoubleEndedIterator::nthback for the BoundListIterator and BoundTupleIterator types. These implementations computed the target index using unchecked usize addition index + n before bounds-checking against the sequence length, then...

5.8AI score

RedHat Linux•added 2026/06/11 11:46 a.m.•5 views

kernel: ipv6: use RCU in ip6_output()

A use-after-free flaw was found in ip6finishoutput2 in net/ipv6/ip6output.c in ipv6 access. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...

5.4AI score0.00188EPSS

RedHat Linux•added 2026/06/11 11:46 a.m.•7 views

kernel: netfilter: xt_tcpmss: check remaining length before reading optlen

A flaw was found in the Linux kernel, specifically within the netfilter: xttcpmss module. A remote attacker could exploit this vulnerability by sending a specially crafted TCP packet. The TCP option parser does not properly validate the remaining option length, which results in an out-of-bounds...

8.2CVSS5.5AI score0.00463EPSS

RedHat Linux•added 2026/06/11 11:46 a.m.•5 views

kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

9.1CVSS5.4AI score0.00514EPSS

RedHat Linux•added 2026/06/11 11:39 a.m.•3 views

kernel: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()

A flaw was found in the Linux kernel's RDMA/mlx4 component. This vulnerability arises from the incorrect use of Read-Copy Update RCU in the mlx4srqevent function. An attacker could potentially trigger an event before the srq object is fully initialized, leading to a system crash. This could resul...

7.8CVSS5.4AI score0.00136EPSS

Cvelist•added 2026/06/11 10:32 a.m.•25 views

CVE-2026-8464 Path traversal in Neuron Soft Golem OEE MES

Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. This issue has been fixed in version 11.6.0...

8.3CVSS0.00204EPSS

EUVD•added 2026/06/11 10:32 a.m.•7 views

EUVD-2026-36234

8.3CVSS5.5AI score0.00204EPSS

OSV•added 2026/06/11 10:16 a.m.•2 views

DEBIAN-CVE-2026-11850

An integer underflow vulnerability was found in MIT krb5 in the berval2tldata function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c. The function performs an unsigned subtraction bvlen - 2 without a prior bounds check. When bvlen is 0 or 1, the subtraction wraps to a large value which is then...

5CVSS5.2AI score0.00261EPSS

NVD•added 2026/06/11 10:16 a.m.•9 views

CVE-2026-11850

5CVSS0.00261EPSS

OSV•added 2026/06/11 10:16 a.m.•4 views

UBUNTU-CVE-2026-11850

5CVSS5.3AI score0.00261EPSS

Exploits0References6

RedHat Linux•added 2026/06/11 10:5 a.m.•4 views

redis: Remote code execution via use-after-free in Lua scripting

A flaw was found in Redis, an in-memory data structure store. An authenticated attacker can exploit a use-after-free vulnerability in redis-server with Lua scripting. This occurs through the master-replica synchronization mechanism on replicas where replica-read-only is disabled or can be disable...

8.1CVSS5.6AI score0.00894EPSS

Exploits0References6

Cvelist•added 2026/06/11 9:49 a.m.•25 views

CVE-2026-11850 Krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read

5CVSS0.00261EPSS

EUVD•added 2026/06/11 9:49 a.m.•7 views

EUVD-2026-36219

5CVSS5.4AI score0.00261EPSS

Vulnrichment•added 2026/06/11 9:49 a.m.•6 views

CVE-2026-11850 Krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read

5CVSS5.4AI score0.00261EPSS

Debian CVE•added 2026/06/11 9:49 a.m.•6 views

CVE-2026-11850

5CVSS5.3AI score0.00261EPSS

Exploits0

CVE•added 2026/06/11 9:49 a.m.•30 views

CVE-2026-11850

CVE-2026-11850 affects MIT Kerberos 5; the vulnerability is an integer underflow in berval2tl_data() inside ldap_principal2.c, where unsigned bv_len - 2 lacks bounds checking. When bv_len is 0 or 1, the subtraction underflows to 0xFFFE/0xFFFF and is then memcpy’d from a 0–1 byte buffer, causing a...

5CVSS5.4AI score0.00261EPSS

RedhatCVE•added 2026/06/11 8:59 a.m.•7 views

CVE-2025-62851

A path traversal vulnerability has been reported to affect License Center. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: License...

6.9CVSS5.5AI score0.00246EPSS

RedhatCVE•added 2026/06/11 8:59 a.m.•8 views

CVE-2026-24717

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the...

6.5CVSS5.5AI score0.00392EPSS

RedhatCVE•added 2026/06/11 2:59 a.m.•7 views

CVE-2026-46532

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.3, and 6.0, an out-of-bounds read exists in the BlueDroid AVRCP vendor-command parser avrcparsvendorcmd in components/bt/host/bluedroid/stack/avrc/avrcparstg.c. This issue has been patched ...

4.6CVSS5.4AI score0.00228EPSS