CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/06/12 9:48 p.m.•28 views

CVE-2026-41155 GPU DDK - SharedSecMem mapped into all GPU virtual address spaces

0.00106EPSS

Vulnrichment•added 2026/06/12 9:48 p.m.•7 views

CVE-2026-41155 GPU DDK - SharedSecMem mapped into all GPU virtual address spaces

5.4AI score0.00106EPSS

CVE•added 2026/06/12 9:48 p.m.•9 views

CVE-2026-41155

The CVE-2026-41155 entry describes a vulnerability in GPU DDK where shared secure memory allocations are mapped into all GPU virtual address spaces, enabling cooperative data transfer between secure GPU processes and potential disruption of others, causing image corruption or GPU hardware recover...

5.5CVSS5.4AI score0.00106EPSS

EUVD•added 2026/06/12 3:49 p.m.•6 views

EUVD-2026-36500

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15 fail to sanitize the Remote Cluster API response on PATCH operations, which allows authenticated users with the managesecureconnections permission to obtain remote cluster authentication tokens via a PATCH request to the...

6.5CVSS5.4AI score0.00255EPSS

Vulnrichment•added 2026/06/12 3:49 p.m.•9 views

CVE-2026-7184 Mattermost Remote Cluster PATCH API Leaks Authentication Tokens

6.5CVSS5.4AI score0.00255EPSS

Cvelist•added 2026/06/12 3:49 p.m.•29 views

CVE-2026-7184 Mattermost Remote Cluster PATCH API Leaks Authentication Tokens

6.5CVSS0.00255EPSS

OSV•added 2026/06/12 12:28 p.m.•5 views

OESA-2026-2678 perl-Archive-Tar security update

archive::Tar provides an object oriented mechanism for handling tar files. It provides class methods for quick and easy files handling while also allowing for the creation of tar file objects for custom manipulation. If you have the IO::Zlib module installed, Archive::Tar will also support...

9.1CVSS5.3AI score0.00467EPSS

NVD•added 2026/06/12 7:16 a.m.•12 views

CVE-2026-12059

The SSH service of CelloOS developed by Cellopoint has an Improper Access Control vulnerability, allowing authenticated remote attackers to bypass the enforced command restrictions and execute operating system commands outside the originally authorized scope...

8.8CVSS0.0045EPSS

Cvelist•added 2026/06/12 6:30 a.m.•32 views

CVE-2026-12059 Cellopoint｜CelloOS - Improper Access Control

8.8CVSS0.0045EPSS

SUSE CVE•added 2026/06/12 2:32 a.m.•9 views

SUSE CVE-2026-8863

Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to SecureBoot bypass. An attacker with administrative privileges or the ability to modify the boot process could use one of the vulnerable shim bootloaders to bypass Secure Boot protections and execute arbitrary code before the...

7.8CVSS6AI score0.00078EPSS

SUSE CVE•added 2026/06/12 2:25 a.m.•9 views

SUSE CVE-2026-48855

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh sshsftpd module allows File Discovery. The SSHFXPREADLINK handler in sshsftpd sends the raw result of file:readlink/2 to the client without calling chrootfilename/2 to strip the backend root prefix. An...

2.3CVSS5.3AI score0.00276EPSS

Fedora•added 2026/06/12 1:0 a.m.•7 views

[SECURITY] Fedora 44 Update: openssl-3.5.7-1.fc44

The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...

9.1CVSS5.4AI score0.01409EPSS

Exploits0

Positive Technologies•added 2026/06/12 12:0 a.m.•10 views

PT-2026-48940

Mattermost versions 11.6.x = 11.6.1, 11.5.x = 11.5.4, 10.11.x = 10.11.15 fail to sanitize the Remote Cluster API response on PATCH operations, which allows authenticated users with the manage secure connections permission to obtain remote cluster authentication tokens via a PATCH request to the...

6.5CVSS5.3AI score0.00255EPSS

Positive Technologies•added 2026/06/12 12:0 a.m.•10 views

PT-2026-49021

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An attacker can cooperatively transfer data between secure GPU processes using shared secure memory allocations within the kernel module. This flaw allows for th...

5.3AI score0.00106EPSS

Positive Technologies•added 2026/06/12 12:0 a.m.•10 views

PT-2026-48830

8.8CVSS5.5AI score0.0045EPSS

Positive Technologies•added 2026/06/12 12:0 a.m.•12 views

PT-2026-48863

Name of the Vulnerable Software and Affected Versions MobaXterm Personal Edition Portable version 26.3 Build 5154 Description The application allows arbitrary code execution by loading malicious DLLs from a predictable temporary directory that can be modified by the user. During startup, the...

8.5CVSS5.9AI score0.00108EPSS

NVD•added 2026/06/11 10:16 p.m.•10 views

CVE-2026-45172

Due to incomplete input validation in Idira Privileged Session Manager for SSH PSMP versions prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6, an authenticated, low-privileged user could potentially execute arbitrary commands on the PSMP host. CyberArk Security Bulletins: CA26-17 and CA26-18...

8.7CVSS0.00465EPSS

Vulnrichment•added 2026/06/11 9:41 p.m.•8 views

CVE-2026-45172 Idira Privileged Session Manager for SSH (PSMP): Arbitrary Command Execution via Improper Neutralization of Special Elements used in an OS Command

8.7CVSS5.7AI score0.00465EPSS

CVE•added 2026/06/11 9:41 p.m.•22 views

CVE-2026-45172

The CVE describes an input validation flaw in Idira Privileged Session Manager for SSH (PSMP). A authenticated, low-privilege user could potentially execute arbitrary commands on the PSMP host due to incomplete input validation in PSMP versions prior to 15.0.2, 14.6.3, 14.2.5, and 14.0.6. Affecte...

8.7CVSS5.9AI score0.00465EPSS