CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 3 days ago•6 views

CVE-2025-71321

CVE-2025-71321 concerns the Python toolset picker scan showing an arbitrary file writing vulnerability in the package before version 0.0.33. The root cause is bypassing the dangerous blocklist by abusing distutils.file_util.write_file, enabling attackers to craft malicious pickle objects that ove...

9.8CVSS6AI score0.00624EPSS

EUVD•added 3 days ago•5 views

EUVD-2026-37736

Dell PowerFlex Manager, versions Versions, contains an Improper Access Control vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service...

7.1CVSS5.4AI score0.00183EPSS

Cvelist•added 3 days ago•28 views

CVE-2026-35066

7.1CVSS0.00183EPSS

EUVD•added 3 days ago•5 views

EUVD-2026-37734

4.3CVSS5.4AI score0.00195EPSS

Cvelist•added 3 days ago•26 views

CVE-2026-35162

4.3CVSS0.00195EPSS

CVE•added 3 days ago•7 views

CVE-2026-35162

Technical details about CVE-2026-35162 are not publicly available in the provided documents. Monitor for updates from Dell and security advisories.

4.3CVSS5.4AI score0.00195EPSS

Cvelist•added 3 days ago•28 views

CVE-2026-35065

Dell PowerFlex Manager, versions Versions, contains a Missing Authentication for Critical Function vulnerability. An unauthenticated attacker with adjacent network access could potentially exploit this vulnerability, leading to Code execution, Denial of service, Information disclosure, Informatio...

8.8CVSS0.00334EPSS

RedHat Linux•added 3 days ago•6 views

Important: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

9.8CVSS5.6AI score0.00605EPSS

Exploits0References19

RedHat Linux•added 3 days ago•5 views

firefox: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component...

7.5CVSS5.2AI score0.00413EPSS

Exploits0References6

RedhatCVE•added 3 days ago•7 views

CVE-2026-12199

A flaw was found in the nltk component, specifically in the nltk.app.wordnetapp. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted GET request to the WordNet Browser HTTP server when it is running in its default mode. This allows the attacker to...

7.5CVSS7.3AI score0.00454EPSS

Exploits0References4

NVD•added 3 days ago•5 views

CVE-2026-54417

An integer overflow in the mtarnext function in src/microtar.c in rxi microtar 0.1.0 allows a remote attacker to cause a denial of service uncontrolled CPU consumption / infinite loop via a crafted tar archive. mtarnext computes the offset to the next record as rounduph.size, 512 +...

8.7CVSS0.00417EPSS

NVD•added 3 days ago•6 views

CVE-2026-10641

Zephyr's Bluetooth Classic Hands-Free Profile HFP Hands-Free role parser subsys/bluetooth/host/classic/hfphf.c contains an out-of-bounds write. During Service Level Connection setup the HF sends AT+CIND=? and parses the AG's +CIND: response in cindhandle, which assigns a per-entry counter index a...

7.1CVSS0.00175EPSS

RedHat Linux•added 3 days ago•4 views

389-ds-base: 389-ds-base: unbounded LDAP controls count in get_ldapmessage_controls_ext() causes CPU and heap amplification (remote DoS)

A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousands of minimal controls...

7.5CVSS5.2AI score0.00815EPSS

Exploits0References4

RedHat Linux•added 3 days ago•8 views

Important: Red Hat Security Advisory: redhat-ds:11 security update

An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.7 E4S for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS5.3AI score0.00815EPSS

Cvelist•added 3 days ago•25 views

CVE-2026-55738 Stack Buffer Overflow in rxi/microtar raw_to_header() via non-null-terminated TAR name field

A stack-based buffer overflow exists in the rawtoheader function in src/microtar.c in rxi microtar 0.1.0. The function copies the 100-byte name and linkname fields of a TAR header with strcpy without guaranteeing null termination of the source. The POSIX ustar format permits these fixed-width...

8.8CVSS0.00635EPSS

EUVD•added 3 days ago•4 views

EUVD-2026-37712

8.8CVSS6.2AI score0.00635EPSS

Cvelist•added 3 days ago•25 views

CVE-2026-54417 Integer Overflow in rxi/microtar mtar_next() Causes Infinite Loop DoS

8.7CVSS0.00417EPSS

EUVD•added 3 days ago•5 views

EUVD-2026-37704

8.7CVSS5.5AI score0.00417EPSS

NVD•added 3 days ago•5 views

CVE-2026-5667

Use of Hard-coded Credentials vulnerability in Mitsubishi Electric Room Air Conditioners for Japan and outside Japan; Wireless LAN Adapters for Room Air Conditioners for Japan and outside Japan; Wireless LAN Adapters for Packaged Air Conditioners for Japan and outside Japan; Refrigerators for...

7.2CVSS0.00151EPSS