CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

951618 matches found

RedHat Linux•added 2026/06/17 11:5 p.m.•10 views

Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation

A flaw was found in Apache Thrift. This vulnerability involves improper validation of a certificate with a host mismatch, which could allow a remote attacker to bypass security checks. By presenting a specially crafted certificate, an attacker may impersonate a legitimate server or client. This...

7.3CVSS5.3AI score0.00294EPSS

Exploits0References5

RedHat Linux•added 2026/06/17 11:5 p.m.•6 views

netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended...

8.1CVSS5.3AI score0.00407EPSS

Exploits0References7

NVD•added 2026/06/17 10:16 p.m.•10 views

CVE-2026-12530

Improper neutralization of argument delimiters in the installpackages method in AWS Bedrock AgentCore Python SDK versions = 1.1.3 and 1.6.1 might allow a remote authenticated user to execute arbitrary commands within the Code Interpreter sandbox via crafted package name arguments. To mitigate thi...

8.4CVSS0.00302EPSS

Exploits0References2

Cvelist•added 2026/06/17 9:5 p.m.•16 views

CVE-2026-12530 Improper neutralization of argument delimiters in AWS Bedrock AgentCore Python SDK install_packages()

8.4CVSS0.00302EPSS

Exploits0References2

CVE•added 2026/06/17 9:5 p.m.•44 views

CVE-2026-12530

The issue CVE-2026-12530 affects the AWS Bedrock AgentCore Python SDK install_packages() in versions >= 1.1.3 and

8.4CVSS6AI score0.00302EPSS

Exploits0References2

NVD•added 2026/06/17 8:17 p.m.•10 views

CVE-2026-55201

Evil-WinRM through 3.9, fixed in commit 6ecd570, contains a path traversal vulnerability in the downloaddir function that allows a rogue or compromised remote Windows server to write files outside the intended download directory by returning filenames with traversal sequences from Get-ChildItem...

7.4CVSS0.00304EPSS

Exploits0References3

NVD•added 2026/06/17 8:17 p.m.•7 views

CVE-2026-55202

Tinyproxy through 1.11.3, fixed in commit 09312a1, fails to properly validate the Host header during stathost detection, allowing unauthenticated attackers to access the stats page by injecting a matching Host header or bypass detection via port manipulation. Remote attackers can trigger...

8.8CVSS0.00335EPSS

Exploits0References3

NVD•added 2026/06/17 8:17 p.m.•6 views

CVE-2026-55200

libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2transportread that fails to enforce upper bounds on packetlength field. Remote attackers can send crafted SSH packets with excessively large packetlength values to corrupt heap memory and achieve...

9.2CVSS0.00922EPSS

Exploits0References4

OSV•added 2026/06/17 8:17 p.m.•4 views

DEBIAN-CVE-2026-55200

9.2CVSS6AI score0.00922EPSS

Exploits0References1

NVD•added 2026/06/17 8:16 p.m.•8 views

CVE-2026-32682

When NGINX Gateway Fabric is configured using GRPCRoutes, an authenticated, remote attacker with permission to create or modify GRPCRoute resources can cause the NGINX Gateway Fabric control plane to terminate by sending undisclosed GRPCRoute configurations containing backendRef filters. Note:...

7.1CVSS0.00286EPSS

Exploits0References1

NVD•added 2026/06/17 8:16 p.m.•6 views

CVE-2026-11407

Pimcore CMS/DXP version 12.3.8 contains a sandbox bypass vulnerability that allows authenticated administrative attackers to execute arbitrary methods on PHP objects by exploiting empty checkMethodAllowed and checkPropertyAllowed implementations in the custom Twig SecurityPolicy. Attackers can...

8.6CVSS0.00623EPSS

Exploits0References3

CVE•added 2026/06/17 8:7 p.m.•14 views

CVE-2026-11407

PIMCORE CMS/DXP 12.3.8 contains a sandbox bypass in the Twig SecurityPolicy (checkMethodAllowed and checkPropertyAllowed). Authenticated administrative attackers can craft malicious Twig templates via DataObject ClassDefinition Layout\Text to execute arbitrary PHP object methods, perform file rea...

8.6CVSS6.8AI score0.00623EPSS

Exploits0References3

Cvelist•added 2026/06/17 8:7 p.m.•18 views

CVE-2026-11407 Pimcore CMS 12.3.8 Twig Sandbox Bypass via SecurityPolicy checkMethodAllowed

8.6CVSS0.00623EPSS

Exploits0References3

Metasploit•added 2026/06/17 7:3 p.m.•112 views

NTLM Relay to Self (HTTP to LDAP) - Post Exploitation

This module performs an NTLM relay-to-self privilege escalation attack. It starts an HTTP-to-LDAP relay server on the compromised host, then triggers the WebClient service via an ETW event allowing a low-privilege user to start it, and coerces the local machine account to authenticate via...

5.4AI score

Exploits0

EUVD•added 2026/06/17 7:3 p.m.•8 views

EUVD-2026-37784

9.2CVSS5.8AI score0.00922EPSS

Exploits0References3

AlpineLinux•added 2026/06/17 7:3 p.m.•5 views

CVE-2026-55200

9.2CVSS6.2AI score0.00922EPSS

Exploits0

CVE•added 2026/06/17 7:3 p.m.•276 views

CVE-2026-55200

CVE-2026-55200 affects libssh2 up to version 1.11.1. The vulnerability is an out-of-bounds write in ssh2_transport_read() caused by failure to enforce upper bounds on packet_length, allowing remote attackers to send crafted SSH packets to corrupt heap memory and achieve remote code execution. The...

9.2CVSS5.9AI score0.00922EPSS

Exploits0References4