16941 matches found

CNNVD
added 2026/04/03 12:0 a.m., 4 views

ProSoft ICX35-HWC Operating System Command Injection Vulnerability

The ProSoft ICX35-HWC is an industrial-grade cellular communication gateway device from the ProSoft company in the United States. Versions of ProSoft ICX35-HWC prior to version 1.3 contained a vulnerability related to operating system command injection. This vulnerability stemmed from input...

9.8 CVSS, 6 AI score, 0.00683 EPSS
Exploits 0, References 2
RedHat Linux
added 2026/04/02 10:8 p.m., 5 views

vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin

A flaw was found in Vim, an open-source command-line text editor. Specifically, an operating system (OS) command injection vulnerability exists in the netrw standard plugin. A remote attacker could exploit this by tricking a user into opening a specially crafted URL, such as one using the scp://...

7.8 CVSS, 6.1 AI score, 0.01162 EPSS
Exploits 0, References 7
Metasploit
added 2026/04/02 7:2 p.m., 209 views

HTTPS Fetch, Reverse TCP Stager (IPv6)

Fetch and execute an x86 payload from an HTTPS server. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/https/x86/peinject/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show optio...

5.5 AI score
Exploits 0
Metasploit
added 2026/04/02 7:2 p.m., 147 views

HTTP Fetch, Windows Upload/Execute, Hidden Bind TCP Stager

Fetch and execute an x86 payload from an HTTP server. Uploads an executable and runs it staged. Listen for a connection from a hidden port and spawn a command shell to the allowed host. Module Options msf use payload/cmd/windows/http/x86/upexec/bindhiddentcp msf payloadbindhiddentcp show actions...

5.5 AI score
Exploits 0
Metasploit
added 2026/04/02 7:2 p.m., 149 views

HTTP Fetch, Hidden Bind TCP Stager

Fetch and execute an x86 payload from an HTTP server. Listen for a connection from a hidden port and spawn a command shell to the allowed host. Module Options msf use payload/cmd/windows/http/x86/patchupmeterpreter/bindhiddentcp msf payloadbindhiddentcp show actions ...actions... msf...

5.5 AI score
Exploits 0
Debian CVE
added 2026/04/02 9:45 a.m., 3 views

CVE-2026-5246

A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mgtlsverifycertsignature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature...

8.1 CVSS, 5.1 AI score, 0.00622 EPSS
Exploits 0
Vulnrichment
added 2026/04/01 11:15 p.m., 1 views

CVE-2026-5315 Nothings stb TTF File stb_truetype.h stbtt__buf_get8 out-of-bounds

A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbtt__buf_get8 in the library stb_truetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of-bounds read. The attack can be executed remotely. The exploit has been publicly...

5.3 CVSS, 5.5 AI score, 0.00506 EPSS
Exploits 1, References 4
Cvelist
added 2026/04/01 11:3 p.m., 14 views

CVE-2025-66486 Multiple vulnerabilities have been addressed in IBM Aspera Shares

IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...

4.8 CVSS, 0.00241 EPSS
Exploits 0, References 1
ATTACKERKB
added 2026/04/01 11:3 p.m., 3 views

CVE-2025-66486

IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...

4.8 CVSS, 5.9 AI score, 0.00241 EPSS
Exploits 0, References 2, Affected Software 1
AlpineLinux
added 2026/04/01 8:51 p.m., 6 views

CVE-2026-34545

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.7, an attacker providing a crafted .exr file with HTJ2K compression and a channel width of 32768 can write...

8.4 CVSS, 6.5 AI score, 0.00463 EPSS
Exploits 1, References 3
Cisco
added 2026/04/01 4:0 p.m., 19 views

Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability

A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected SSM On-Prem host. This vulnerability is due to the unintentional exposure of an internal service. An...

9.8 CVSS, 6.2 AI score, 0.00914 EPSS
Exploits 0, References 1
EUVD
added 2026/04/01 9:31 a.m., 2 views

EUVD-2026-17822

Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application versions 5.28.00.xx to 5.32.00.xx, contains an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker within the management network could potentially exploit this...

4.7 CVSS, 5.9 AI score, 0.00381 EPSS
Exploits 0, References 2
NVD
added 2026/04/01 8:16 a.m., 4 views

CVE-2026-27101

Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application versions 5.28.00.xx to 5.32.00.xx, contains an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker within the management network could potentially exploit this...

7.2 CVSS, 0.00381 EPSS
Exploits 0, References 1
ATTACKERKB
added 2026/04/01 7:27 a.m., 2 views

CVE-2026-27101

Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application versions 5.28.00.xx to 5.32.00.xx, contains an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker within the management network could potentially exploit this...

4.7 CVSS, 5.9 AI score, 0.00381 EPSS
Exploits 0, References 2
Vulnrichment
added 2026/04/01 7:27 a.m., 1 views

CVE-2026-27101

Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application versions 5.28.00.xx to 5.32.00.xx, contains an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker within the management network could potentially exploit this...

4.7 CVSS, 5.9 AI score, 0.00381 EPSS
Exploits 0, References 1
AlpineLinux
added 2026/04/01 4:41 a.m., 9 views

CVE-2026-5287

Use after free in PDF in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

8.8 CVSS, 6.3 AI score, 0.00417 EPSS
Exploits 0
Positive Technologies
added 2026/04/01 12:0 a.m., 2 views

PT-2026-29478

Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application versions 5.28.00.xx to 5.32.00.xx, contains an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability. A high privileged attacker within the management network could potentially exploit this...

4.7 CVSS, 5.9 AI score, 0.00381 EPSS
Exploits 0, References 2
CNNVD
added 2026/04/01 12:0 a.m., 4 views

Xenforo Security Vulnerability

Xenforo is a forum software developed by the Xenforo company. Versions of Xenforo prior to 2.3.9 and 2.2.18 contained security vulnerabilities, which stemmed from allowing authenticated malicious administrator users to execute code remotely...

8.6 CVSS, 6 AI score, 0.00666 EPSS
Exploits 0, References 2
Positive Technologies
added 2026/04/01 12:0 a.m., 2 views

PT-2026-29690

Name of the Vulnerable Software and Affected Versions: Open vSwitch (affected versions not specified). Description: An issue exists in Open vSwitch related to invalid memory access within the conntrack FTP algorithm. Specifically, crafted FTP payloads can trigger invalid memory accesses, potentially...

5.9 CVSS, 6.1 AI score, 0.00405 EPSS
Exploits 0, References 45
Amazon
added 2026/04/01 12:0 a.m., 3 views

Important: gstreamer1-plugins-bad-free

Issue Overview: Various out-of-bounds reads and writes in the DVB subtitle decoder that can cause crashes for certain input files. CVE-2026-2923 GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary co...

7.8 CVSS, 7.5 AI score, 0.00648 EPSS
Exploits 0