CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

56 matches found

OSV•added 2026/05/26 12:1 p.m.•6 views

RLSA-2026:20614 Important: ruby:3.3 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 For more details about the security issues, including...

8.1CVSS6.2AI score0.00048EPSS

Exploits0References2

Tenable Nessus•added 2026/05/26 12:0 a.m.•8 views

RHEL 8 : ruby:3.3 (RHSA-2026:20614)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:20614 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management task...

8.1CVSS6.2AI score0.00048EPSS

Exploits0References4

Tenable Nessus•added 2026/05/19 12:0 a.m.•8 views

Oracle Linux 9 : ruby:3.3 (ELSA-2026-18030)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-18030 advisory. - Fix arbitrary code execution via deserialization bypass in ERB. CVE-2026-41316 Resolves: RHEL-171255 - Fix possible denial of service in resolv gem...

9.8CVSS7.3AI score0.0883EPSS

Exploits0References2

Amazon•added 2026/05/15 12:0 a.m.•3 views

Important: ruby3.4

Issue Overview: ERB is a templating system for Ruby. Ruby 2.7.0 before ERB 2.2.0 was published on rubygems.org introduced an @init instance variable guard in ERBresult and ERBrun to prevent code execution when an ERB object is reconstructed via Marshal.load deserialization. However, three other...

8.1CVSS6.2AI score0.00048EPSS

Chainguard•added 2026/05/06 1:17 a.m.•7 views

CVE-2026-42258 vulnerabilities

Vulnerabilities for packages: ruby3.4-net-imap, ruby3.3-net-imap, ruby4.0-rails, ruby4.0-net-imap, ruby3.4-rails, ruby3.2-net-imap, ruby3.2-rails, logstash, ruby3.3-rails, gitlab-rails-ce-fips, gitlab-rails-ce, kube-logging-operator, logstash-fips...

9.8CVSS5.8AI score0.00092EPSS

Chainguard•added 2026/05/06 1:17 a.m.•5 views

CVE-2026-42257 vulnerabilities

Vulnerabilities for packages: ruby3.4-net-imap, ruby3.3-net-imap, ruby4.0-rails, ruby4.0-net-imap, ruby3.4-rails, ruby3.2-net-imap, ruby3.2-rails, logstash, ruby3.3-rails, gitlab-rails-ce-fips, gitlab-rails-ce, kube-logging-operator, logstash-fips...

9.8CVSS5.8AI score0.00016EPSS

Chainguard•added 2026/05/06 1:17 a.m.•9 views

CVE-2026-42246 vulnerabilities

Vulnerabilities for packages: ruby3.4-net-imap, ruby3.3-net-imap, ruby4.0-rails, ruby4.0-net-imap, ruby3.4-rails, ruby3.2-net-imap, ruby3.2-rails, logstash, ruby3.3-rails, gitlab-rails-ce-fips, logstash-fips, gitlab-rails-ce, kube-fluentd-operator, kube-logging-operator...

7.6CVSS5.8AI score0.00016EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в ruby2.5

REXML is an XML toolkit for Ruby. The REXML gem prior to version 3.3.9 has a ReDoS vulnerability when it parses an XML document containing many digits between “&” and “x…” in a hexadecimal character reference &x…. This issue does not occur in Ruby 3.2 or later versions. Ruby 3.1 is the only...

8.7CVSS6.7AI score0.01645EPSS

Exploits0References2

Wolfi•added 2026/04/11 2:52 a.m.•3 views

GHSA-Q2WW-5357-X388 vulnerabilities

Vulnerabilities for packages: logstash, ruby3.4-rails, ruby3.2-rails...

Wolfi•added 2026/04/11 2:52 a.m.•3 views

GHSA-8VQR-QJWX-82MW vulnerabilities

Vulnerabilities for packages: logstash, ruby3.4-rails, ruby3.2-rails...

Wolfi•added 2026/04/11 2:52 a.m.•3 views

CVE-2026-34829 vulnerabilities

Vulnerabilities for packages: logstash, ruby3.4-rails, ruby3.2-rails...

7.5CVSS5.8AI score0.00065EPSS

Wolfi•added 2026/04/11 2:52 a.m.•3 views

CVE-2026-34230 vulnerabilities

Vulnerabilities for packages: logstash, ruby3.4-rails, ruby3.2-rails...

7.5CVSS5.8AI score0.00022EPSS

Wolfi•added 2026/04/11 2:52 a.m.•2 views

CVE-2026-26962 vulnerabilities

Vulnerabilities for packages: ruby3.4-rails, ruby3.2-rails...

6.5CVSS5.8AI score0.00022EPSS

Chainguard•added 2026/04/06 1:18 a.m.•2 views

GHSA-VGPV-F759-9WX3 vulnerabilities

Vulnerabilities for packages: ruby3.4-rails, ruby3.2-rails, gitlab-cng, logstash, pact-broker-docker-fips, gitlab-rails-ce-fips, gitlab-rails-ce, pact-broker-docker...

Chainguard•added 2026/04/06 1:18 a.m.•4 views

GHSA-Q2WW-5357-X388 vulnerabilities

Vulnerabilities for packages: ruby3.4-rails, ruby3.2-rails, gitlab-cng, logstash, pact-broker-docker-fips, gitlab-rails-ce-fips, gitlab-rails-ce, pact-broker-docker...

Chainguard•added 2026/04/06 1:18 a.m.•2 views

GHSA-QFGR-CRR9-7R49 vulnerabilities

Vulnerabilities for packages: ruby3.4-rails, ruby3.2-rails, logstash, pact-broker-docker-fips, pact-broker-docker...

Chainguard•added 2026/04/06 1:18 a.m.•7 views

CVE-2026-32762 vulnerabilities

Vulnerabilities for packages: ruby3.4-rails, ruby3.2-rails, logstash, pact-broker-docker-fips, pact-broker-docker...

6.5CVSS5.8AI score0.00048EPSS

Chainguard•added 2026/04/06 1:18 a.m.•3 views

GHSA-V6X5-CG8R-VV6X vulnerabilities

Vulnerabilities for packages: ruby3.4-rails, ruby3.2-rails, logstash, pact-broker-docker-fips, pact-broker-docker...

Wolfi•added 2026/04/04 7:48 a.m.•3 views

GHSA-625H-95R8-8XPM vulnerabilities

Vulnerabilities for packages: ruby3.3-rack...

Chainguard•added 2026/04/02 1:17 a.m.•2 views

GHSA-53P3-C7VP-4MCC vulnerabilities

Vulnerabilities for packages: ruby3.4-rails, ruby3.3-rails, ruby3.2-rails, ruby4.0-rails...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by