CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2026/05/21 9:36 a.m.•6 views

Malicious code in @shadowmd/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51bcabb5263ecf1f1259bd5969a921866dbb808da4fda7b9d7708baeb60c21e6 Package name and description impersonate the Open Whisper Systems libsignal-node library. On require, index.js schedules install.js, which locates an...

5.8AI score

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/i915/perf: added a sentinel to xehpoabcounters Arrays passed to reginrangetable should end with an empty record. The patch fixes a bug detected by KASAN with the following signature: BUG: KASAN: global-out-of-bounds in...

7.1CVSS6.2AI score0.00021EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: phy: ralink: mt7621-pci: add sentinel to quirks table By fixing socdevattr to register the SOC as a device, the kernel will encounter an OOPs error in socdevicematchattr. This quirks test was introduced in the staging driver in t...

5.5CVSS5.7AI score0.00049EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в redis

Redis is an open-source, in-memory database that persists data on disk. The redis-cli command-line tool and the redis-sentinel service may be vulnerable to integer overflow when parsing specially crafted large multi-bulk network replies. This issue arises due to a vulnerability in the hiredis...

9CVSS6.7AI score0.00869EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iio: adc: axp20xadc: Add a missing sentinel to the AXP717 ADC channel maps. The AXP717 ADC channel maps lacks a sentinel entry at the end. This causes a KASAN warning. Please add the missing sentinel entry...

5.5CVSS5.2AI score0.00018EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: clk: bcm: rpi: Prevent out-of-bounds access The while loop in raspberrypidiscoverclocks relies on the assumption that the ID of the last clock element is zero. Since this data comes from the Videocore firmware, and it does not...

7.1CVSS6AI score0.00067EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Add missing sentinel entries to Spectre-BHB MIDR arrays The commit a5951389e58d “arm64: errata: Add newer ARM cores to the spectrebhbloopaffected lists” added some additional CPUs to the Spectre-BHB workaround. Thi...

5.5CVSS6.4AI score0.00125EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: PCI: mt7621: Add sentinel to quirks table Current driver is missing a sentinel in the struct socdeviceattribute array, which causes an oops when assessed by the socdevicematchmt7621pciequirksmatch call. This was only exposed once...

5.5CVSS6.4AI score0.00022EPSS

GithubExploit•added 2026/04/13 4:35 p.m.•64 views

SENTINELSHIELD-ADVANCED-INTRUSION-DETECTION-WEB-PROTECTION-SYSTEM

No d...

5.8AI score

Exploits0

IBM Security Bulletins•added 2026/04/10 2:21 p.m.•5 views

Security Bulletin: Vulnerabilities in lodash, qs might affect IBM Storage Defender Sentinel Anomaly Scan Engine.

Summary IBM Storage Defender Sentinel Anomaly Scan Engine can be affected by vulnerabilities in lodash, qs, and react-router. Vulnerabilities include allowing an attacker to cause improper modification of object attributes, open redirect, and denial of service. More details are described by the...

7.9CVSS6.4AI score0.0005EPSS

Exploits2Affected Software1

OSV•added 2026/04/08 4:31 p.m.•1 views

MAL-2026-2516 Malicious code in sentinel-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5a2ff07802c4546c40d47d3780971506115297a1e8c177be36ad1e003dd62937 The package installs a remote executable that uses a hardcoded Telegram channel for monitoring the user's activity, including regularly taking screenshots, and...

5.8AI score

OSSF Malicious Packages•added 2026/04/08 4:31 p.m.•4 views

Malicious code in sentinel-tool (PyPI)

6AI score

ICS•added 2026/04/07 8:50 p.m.•2 views

Thales Sentinel LDK Runtime Stored XSS

RISK EVALUATION Thales Sentinel LDK Runtime on Windows allows Stored Cross-site Scripting. 2. RECOMMENDED PRACTICES Upgrade to version 10.22 or later. 3. DESCRIPTION Thales Sentinel LDK Runtime on Windows allows Stored Cross-site Scripting. Fixed in Sentinel LDK Runtime 10.22. 4. EXTRA INFO...

RedhatCVE•added 2026/03/28 10:51 a.m.•2 views

CVE-2026-3457

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Thales Sentinel LDK Runtime on Windows allows Stored XSS.This issue affects Sentinel LDK Runtime: before 10.22...

EUVD•added 2026/03/27 9:31 a.m.•2 views

EUVD-2026-16575

NVD•added 2026/03/27 9:16 a.m.•1 views

CVE-2026-3457

8.3CVSS0.00033EPSS

Vulnrichment•added 2026/03/27 9:5 a.m.•2 views

CVE-2026-3457 Stored XSS vulnerability in Sentinel ACC

ATTACKERKB•added 2026/03/27 9:5 a.m.•1 views

CVE-2026-3457

CVE•added 2026/03/27 9:5 a.m.•8 views

CVE-2026-3457

CVE-2026-3457 refers to an stored XSS vulnerability in Thales Sentinel LDK Runtime on Windows, caused by improper neutralization of input during web page generation. The issue affects Sentinel LDK Runtime prior to 10.22 and can lead to stored cross-site scripting with impact on confidentiality (l...