CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

284 matches found

OSV•added 2026/06/12 6:16 p.m.•5 views

ALPINE-CVE-2026-44169

MariaDB server is a community developed fork of MySQL server. From versions 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, a user getting EXECUTE access to a stored routine via a role, could see the routine definition even without SHOW CREATE ROUTINE privilege. This issue has been...

4.3CVSS5.2AI score0.00161EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:38 p.m.•5 views

CVE-2026-21022

Improper handling of insufficient permissions in Routines prior to SMR May-2026 Release 1 allows local attackers to access sensitive information...

6.9CVSS5.4AI score0.00093EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:38 p.m.•7 views

CVE-2026-21021

Improper input validation in Routines prior to SMR May-2026 Release 1 allows physical attackers to launch privileged activity...

6.8CVSS5.4AI score0.00211EPSS

Exploits0References1

Packet Storm News•added 2026/05/23 12:0 a.m.•8 views

Analyzing Concentration, Temporal Routines and Targeting in Public Ransomware Leak Site Data

Ransomware has grown to become one of the most damaging types of cybercrime, affecting private and public organizations in any sector. While early types of ransomware targeted many victims via automated attacks, ransomware groups have started to specifically target organizations and companies in...

5.8AI score

Exploits0

Github Security Blog•added 2026/05/14 4:16 p.m.•9 views

wger Vulnerable to IDOR: Authenticated Users Can Read Any User's Private Workout Session Data via Template Routine API

Summary Any authenticated user can read another user's private workout session notes, exercise history, and training statistics by calling the /logs/ and /stats/ actions on a routine they do not own. The RoutinePermission class grants read access to any authenticated user when a routine has...

5.8AI score0.00051EPSS

Exploits0References2Affected Software1

OSV•added 2026/05/14 4:16 p.m.•4 views

GHSA-CJ9G-27PH-4CGV wger Vulnerable to IDOR: Authenticated Users Can Read Any User's Private Workout Session Data via Template Routine API

7.5CVSS5.8AI score0.00051EPSS

Exploits0References2

EUVD•added 2026/05/13 6:30 p.m.•10 views

EUVD-2026-29907

Improper input validation in Routines prior to SMR May-2026 Release 1 allows physical attackers to launch privileged activity...

6.8CVSS5.8AI score0.00211EPSS

Exploits0References2

EUVD•added 2026/05/13 6:30 p.m.•7 views

EUVD-2026-29908

Improper handling of insufficient permissions in Routines prior to SMR May-2026 Release 1 allows local attackers to access sensitive information...

6.9CVSS5.8AI score0.00093EPSS

Exploits0References2

OSV•added 2026/05/13 3:33 p.m.•4 views

GHSA-V25J-WQCW-FVHJ wger has an Uncontrolled Resource Consumption issue

Summary Any authenticated user can create a routine spanning an arbitrarily long date range e.g. 100 years and then trigger the datesequence computation via any of the routine detail endpoints. The server iterates once per day in an unbounded while loop with no maximum duration validation, causin...

6.5CVSS5.8AI score

Exploits0References3

NVD•added 2026/05/13 6:16 a.m.•8 views

CVE-2026-21021

Improper input validation in Routines prior to SMR May-2026 Release 1 allows physical attackers to launch privileged activity...

6.8CVSS0.00211EPSS

Exploits0References1

NVD•added 2026/05/13 6:16 a.m.•7 views

CVE-2026-21022

Improper handling of insufficient permissions in Routines prior to SMR May-2026 Release 1 allows local attackers to access sensitive information...

6.9CVSS0.00093EPSS

Exploits0References1

CVE•added 2026/05/13 4:56 a.m.•15 views

CVE-2026-21022

Technical details about CVE-2026-21022 are not publicly available in the provided documents. Monitor for updates from Samsung security advisories and CVE listings.

6.9CVSS5.8AI score0.00093EPSS

Exploits0References1Affected Software1