CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

133 matches found

RockyLinux 10 : galera and mariadb11.8 (RLSA-2026:19021)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19021 advisory. MariaDB: MariaDB: Remote Code Execution or Denial of Service via JSONSCHEMAVALID function vulnerability CVE-2026-32710 Tenable has extracted the preceding...

9.9CVSS5.9AI score0.00114EPSS

Exploits1References3

Redos•added 6 days ago•7 views

ROS-20260529-73-0025

The vulnerability of the JSONSCHEMAVALID function in the MariaDB database management system is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow an attacker to cause service interruptions and execute arbitrary code by sending a specially crafted JSON file...

9.9CVSS6.3AI score0.00114EPSS

Exploits1

Redos•added 6 days ago•7 views

ROS-20260529-73-0026

9.9CVSS6.3AI score0.00114EPSS

Exploits1

OSV•added last week•7 views

RLSA-2026:19182 Moderate: mariadb:11.8 security update

MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: MariaDB: MariaDB: Remote Code Execution or Denial of Service via JSONSCHEMAVALID function vulnerability CVE-2026-32710 For more details about the security issues, including the impact...

7.5CVSS5.9AI score0.00114EPSS

Exploits1References2

Positive Technologies•added 2026/05/27 12:0 a.m.•3 views

PT-2026-44064

Name of the Vulnerable Software and Affected Versions Budibase versions prior to 3.39.0 Description The fetchToken function in the OAuth2 SDK performs a POST request to a URL provided by the builder using node-fetch. This process bypasses the isBlacklisted check used by all other outbound fetch...

8.5CVSS5.8AI score0.00032EPSS

Exploits0References4

OSV•added 2026/05/19 8:53 a.m.•4 views

BIT-MONGODB-2026-8200 Schema validation log messages may not redact user data

When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not have all user data redacted. This issue impacts MongoDB Server v7.0 versions prior to 7.0.34, v8.0 versions prior to 8.0.23, v8.2 version...

5.3CVSS5.8AI score0.00032EPSS

Exploits0References2

Tenable Nessus•added 2026/05/19 12:0 a.m.•3 views

RHEL 9 : mariadb:11.8 (RHSA-2026:19182)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19182 advisory. MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Security Fixes: MariaDB: MariaDB: Remote Code...

9.9CVSS6AI score0.00114EPSS

Exploits1References5

Positive Technologies•added 2026/05/18 12:0 a.m.•5 views

PT-2026-41737

Name of the Vulnerable Software and Affected Versions Dokploy versions prior to 0.26.7 Description OS command injection occurs due to inadequate input sanitization, lack of schema validation, and direct shell interpolation. User-controlled application names are processed by the cleanAppName...

9.9CVSS5.8AI score0.00328EPSS

Exploits0References4

Tenable Nessus•added 2026/05/14 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-8200

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When schema validation is enabled on a collection and an update or insert would violate the collection's schema, the local server log message generated may not...

5.3CVSS5.8AI score0.00032EPSS

Exploits0References2

EUVD•added 2026/05/13 6:30 p.m.•5 views

EUVD-2026-29891

4.8CVSS5.8AI score0.00032EPSS

Exploits0References2

NVD•added 2026/05/13 4:17 a.m.•4 views

CVE-2026-8200

5.3CVSS0.00032EPSS

Exploits0References1

UbuntuCve•added 2026/05/13 4:17 a.m.•6 views

CVE-2026-8200

5.3CVSS5.8AI score0.00032EPSS

Exploits0References1

OSV•added 2026/05/13 4:17 a.m.•1 views

UBUNTU-CVE-2026-8200

5.3CVSS5.8AI score0.00032EPSS

Exploits0References2

Vulnrichment•added 2026/05/13 12:8 a.m.•6 views

CVE-2026-8200 Schema validation log messages may not redact user data

4.8CVSS5.8AI score0.00032EPSS

Exploits0References1

MongoDB•added 2026/05/13 12:8 a.m.•7 views

Schema validation log messages may not redact user data

5.3CVSS5.8AI score0.00032EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/05/13 12:8 a.m.•3 views

CVE-2026-8200

4.8CVSS5.8AI score0.00032EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/05/13 12:8 a.m.•30 views

CVE-2026-8200 Schema validation log messages may not redact user data

4.8CVSS0.00032EPSS

Exploits0References1

CVE•added 2026/05/13 12:8 a.m.•32 views

CVE-2026-8200

The CVE-2026-8200 entry covers MongoDB Server: affected versions are v7.0 before 7.0.34, v8.0 before 8.0.23, v8.2 before 8.2.9, and v8.3 before 8.3.2. When schema validation is enabled and an update/insert would violate the schema, the generated local server log message may not redact all user da...

5.3CVSS5.8AI score0.00032EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2026/05/13 12:0 a.m.•6 views

PT-2026-40529

Name of the Vulnerable Software and Affected Versions MongoDB Server versions prior to 7.0.34 MongoDB Server versions prior to 8.0.23 MongoDB Server versions prior to 8.2.9 MongoDB Server versions prior to 8.3.2 Description When schema validation is enabled on a collection, an update or insert...

5.3CVSS5.8AI score0.00032EPSS

Exploits0References4

NVD•added 2026/05/11 10:22 p.m.•8 views

CVE-2026-43890

Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.7.0, the subscriptions.create API endpoint in server/routes/api/subscriptions/subscriptions.ts exhibits a broken authorization pattern. When both collectionId and documentId are supplied in the request, the route...

7.7CVSS0.00032EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by