CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21798 matches found

Oracle linux•added 2026/05/12 12:0 a.m.•15 views

kernel security update

6.12.0-124.56.1 - Add new Oracle Linux Driver Signing key 1 certificate Orabug: 37985782 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list...

8.8CVSS6AI score0.93418EPSS

Exploits30

Tenable Nessus•added 2026/05/12 12:0 a.m.•6 views

Mozilla Firefox < 150.0.3

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 150.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-45 advisory. - Sandbox escape in the Profile Backup component. This vulnerability was fixed in Firefox 150.0.3...

9.8CVSS5.8AI score0.00309EPSS

Exploits0References6

OSV•added 2026/05/11 11:20 p.m.•11 views

MINI-R3H6-5R29-MQ4H

Bulletin has no description...

7.5CVSS5.7AI score0.00565EPSS

Exploits0

OSV•added 2026/05/11 11:20 p.m.•4 views

MINI-PWF8-7H8M-PQHW

Bulletin has no description...

5.3CVSS5.7AI score0.0039EPSS

Exploits0

OSV•added 2026/05/11 11:20 p.m.•2 views

MINI-J3CV-2WCF-W82Q

Bulletin has no description...

6.1CVSS5.7AI score0.00314EPSS

Exploits0

OSV•added 2026/05/11 11:20 p.m.•5 views

MINI-P72F-5CRJ-32FW

Bulletin has no description...

7.5CVSS5.7AI score0.00577EPSS

Exploits0

OSV•added 2026/05/11 11:19 p.m.•5 views

MINI-85WM-WHQ9-P375

Bulletin has no description...

5.3CVSS5.7AI score0.00179EPSS

Exploits0

OSV•added 2026/05/11 11:18 p.m.•4 views

MINI-5WCF-Q463-RW27

Bulletin has no description...

6.1CVSS5.7AI score0.00371EPSS

Exploits0

OSV•added 2026/05/11 11:18 p.m.•5 views

MINI-57VP-2R25-GRC3

Bulletin has no description...

7.5CVSS5.7AI score0.00577EPSS

Exploits0

Circl•added 2026/05/11 10:0 p.m.•18 views

CVE-2026-42950

creationtimestamp| type| source ---|---|--- 2026-05-11 22:00:00+00:00| seen| https://jvn.jp/en/jp/JVN03037325 2026-05-13 15:37:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlqn3qbbyj2k 2026-06-03 01:22:01+00:00| seen|...

5.1CVSS5.5AI score0.00207EPSS

Exploits0References3

Cvelist•added 2026/05/11 8:41 p.m.•46 views

CVE-2026-43883 WWBN AVideo: IDOR in PayPalYPT agreementCancel.json.php Allows Any Authenticated User to Cancel Arbitrary PayPal Subscription Agreements

WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/PayPalYPT/agreementCancel.json.php cancels a PayPal billing agreement using an attacker-supplied agreement parameter without verifying that the authenticated user owns the agreement. A low-privilege...

4.2CVSS0.00167EPSS

Exploits0References2

RedhatCVE•added 2026/05/11 8:26 p.m.•9 views

CVE-2026-42456

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to version 1.12.1, GET /api/workspace/:slug/tts/:chatId in AnythingLLM returns the text-to-speech audio for another user's chat response within the same workspace...

4.3CVSS5.7AI score0.00301EPSS

Exploits1References1

RedhatCVE•added 2026/05/11 8:25 p.m.•9 views

CVE-2026-41311

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.7, a circular block reference in % layout % / % block % causes an infinite recursive loop, consuming all available memory 4GB and crashing the Node.js process with FATAL ERROR: JavaScript he...

7.5CVSS5.7AI score0.00382EPSS

Exploits1References1

OSV•added 2026/05/11 7:34 p.m.•2 views

MINI-X8R3-5RR5-WF28

Bulletin has no description...

7.5CVSS5.7AI score0.00577EPSS

Exploits0

OSV•added 2026/05/11 7:34 p.m.•4 views

MINI-X93F-VJ3X-FJ36

Bulletin has no description...

6.1CVSS5.7AI score0.00371EPSS

Exploits0