Lucene search
K

17073 matches found

OSV
OSV
added 6 days ago2 views

UBUNTU-CVE-2026-53432

fzf is vulnerable to Integer Overflow leading to crash in FuzzyMatchV2 function. When input line length is approximately 2,200,000 bytes and pattern length is 999 bytes, the product overflows. The Go runtime detects the invalid slice bounds and terminates the process immediately with a...

7.5CVSS5.8AI score0.00243EPSS
Exploits0References5
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-40302

fzf is vulnerable to Integer Overflow leading to crash in FuzzyMatchV2 function. When input line length is approximately 2,200,000 bytes and pattern length is 999 bytes, the product overflows. The Go runtime detects the invalid slice bounds and terminates the process immediately with a...

5.6CVSS5.8AI score0.00243EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 6 days ago4 views

CVE-2026-53432

fzf is vulnerable to Integer Overflow leading to crash in FuzzyMatchV2 function. When input line length is approximately 2,200,000 bytes and pattern length is 999 bytes, the product overflows. The Go runtime detects the invalid slice bounds and terminates the process immediately with a...

5.6CVSS5.8AI score0.00243EPSS
Exploits0References4
CVE
CVE
added 6 days ago10 views

CVE-2026-53432

CVE-2026-53432 (fzf) affects the fzf project, specifically the FuzzyMatchV2 function. Affected scenario involves processing extremely long input lines (≈2,200,000 bytes) with a pattern length of 999 bytes, which causes an integer overflow and triggers a non-recoverable panic, terminating the proc...

7.5CVSS5.8AI score0.00243EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 6 days ago4 views

CVE-2026-53432

fzf is vulnerable to Integer Overflow leading to crash in FuzzyMatchV2 function. When input line length is approximately 2,200,000 bytes and pattern length is 999 bytes, the product overflows. The Go runtime detects the invalid slice bounds and terminates the process immediately with a...

7.5CVSS5.8AI score0.00243EPSS
Exploits0
RedhatCVE
RedhatCVE
added 6 days ago10 views

CVE-2026-55276

A flaw was found in Apache Tomcat. Due to an always-incorrect control flow implementation, special roles and empty authorization constraints were not accurately included when the effective web.xml configuration was logged. This could lead to a security oversight where administrators might...

9.1CVSS5.8AI score0.00368EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added last week4 views

kernel: ALSA: aloop: Fix peer runtime UAF during format-change stop

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture aloop driver. This Use-After-Free UAF vulnerability occurs when loopbackcheckformat stops the capture side during a format change, while a concurrent close operation detaches or frees the runtime. An attacker could...

7.8CVSS6.8AI score0.00103EPSS
Exploits0References5
Cvelist
Cvelist
added last week22 views

CVE-2026-54888 Uncontrolled recursion over deeply nested Markdown crashes the BEAM in mdex

Uncontrolled Recursion vulnerability in leandrocp mdex allows denial of service via deeply nested Markdown input. mdex converts between an Elixir %MDEx.Document struct and Comrak's internal AST using two mutually recursive Rust functions, exdocumenttocomrakast and comrakasttoexdocument, in the NI...

6.9CVSS0.00168EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added last week5 views

CVE-2026-53206

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds check for firmware runtime memory Validate that the firmware runtime memory specified in the image header is properly aligned and sized to hold the firmware image. This prevents errors during memory...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References4
OSV
OSV
added last week4 views

PYSEC-2026-329 Django-Unicorn Class Pollution Vulnerability, Leading to XSS, DoS and Authentication Bypass

Summary Django-Unicorn is vulnerable to python class pollution vulnerability, a new type of vulnerability categorized under CWE-915. The vulnerability arises from the core functionality setpropertyvalue, which can be remotely triggered by users by crafting appropriate component requests and feedi...

9.3CVSS6.7AI score0.0047EPSS
Exploits0References7
IBM Security Bulletins
IBM Security Bulletins
added last week6 views

Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.18.0 shipped with IBM Cloud Pak for Business Automation iFixes for June 2026

Summary IBM Cloud Pak for Business Automation includes IBM Cloud Pak foundational services. IBM Cloud Pak for Business Automation June 2026 security fixes update this dependency beyond 4.18.0 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2024-45310 DESCRIPTION: runc is a CL...

9.8CVSS8.4AI score0.01945EPSS
Exploits4Affected Software2
OSSF Malicious Packages
OSSF Malicious Packages
added last week8 views

Malicious code in endpointmap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa2ddbcbdd90508af14415a021644c1ab8a57e432b526425e4c5128b23f897bb endpointmap advertises itself as a REST endpoint registry but exhibits a two-package smuggle pattern. lib/registry.js exports two non-printable byte...

5.8AI score
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added last week5 views

Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to multiple Node.js modules (CVE-2026-45736, CVE-2026-45149, CVE-2026-3449 & CVE-2026-8723)

Summary IBM App Connect Enterprise Connector Discovery and OpenAPI Editor, IBM App Connect Enterprise Discovery Connectors and IBM App Connect Enterprise runtime are vulnerable to multiple vulnerabilities due to multiple Node.js modules. Vulnerability Details CVEID:CVE-2026-45736 DESCRIPTION: ws ...

7.5CVSS5.9AI score0.00717EPSS
Exploits1Affected Software1
RedHat Linux
RedHat Linux
added 2026/06/29 2:21 a.m.10 views

libxslt: use-after-free with key data stored cross-RVT

A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash...

5.5CVSS6AI score0.00161EPSS
Exploits0References6
Fedora
Fedora
added 2026/06/28 1:10 a.m.5 views

[SECURITY] Fedora 43 Update: moby-engine-29.6.0-1.fc43

Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance a nd everything in between =E2=80=94 and...

9.1CVSS6.3AI score0.005EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.5 views

Fedora 43 : dotnet10.0 (2026-a424c1061e)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a424c1061e advisory. Update to .NET SDK 10.0.109 and Runtime 10.0.9 Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591 Release Notes: - SDK:...

7.8CVSS7.2AI score0.0243EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.10 views

Fedora 44 : dotnet9.0 (2026-0dce096c13)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-0dce096c13 advisory. Update to .NET SDK 9.0.118 and Runtime 9.0.17 Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591 Release Notes: - SDK:...

7.8CVSS7.2AI score0.0243EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.6 views

Fedora 44 : dotnet8.0 (2026-041785a779)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-041785a779 advisory. Update to .NET SDK 8.0.128 and Runtime 8.0.28 Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591 Release Notes: - SDK:...

7.8CVSS7.2AI score0.0243EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.9 views

Fedora 43 : dotnet8.0 (2026-2f80369c73)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2f80369c73 advisory. Update to .NET SDK 8.0.128 and Runtime 8.0.28 Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591 Release Notes: - SDK:...

7.8CVSS7.2AI score0.0243EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.10 views

Fedora 44 : dotnet10.0 (2026-dec081126f)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-dec081126f advisory. Update to .NET SDK 10.0.109 and Runtime 10.0.9 Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591 Release Notes: - SDK:...

7.8CVSS7.2AI score0.0243EPSS
Exploits0References4
Rows per page
Query Builder