CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/06/11 5:57 p.m.•6 views

CVE-2026-48734

A flaw was found in ImageMagick. A remote attacker could exploit this vulnerability by tricking a user into processing a specially crafted MVG Magick Vector Graphics file. This could lead to a stack overflow due to a missing depth or visited-set check, resulting in a denial of service DoS for the...

5.5CVSS5.5AI score0.00107EPSS

Exploits0References4

Mageia•added 2026/06/11 4:55 p.m.•7 views

Updated gnupg2 packages fix security vulnerabilities

CVE-2025-68973, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. CVE-2026-24882, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC key...

8.4CVSS7.3AI score0.00447EPSS

Exploits2References5

OSV•added 2026/06/11 4:55 p.m.•4 views

MGASA-2026-0197 Updated gnupg2 packages fix security vulnerabilities

8.4CVSS7.3AI score0.00447EPSS

Exploits2References6

RedHat Linux•added 2026/06/11 11:39 a.m.•5 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8CVSS6.5AI score0.00514EPSS

Exploits0References5

SUSE CVE•added 2026/06/11 11:14 a.m.•4 views

SUSE CVE-2026-48734

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, a crafted MVG file could result in a stack overflow due to a missing depth or visited-set check. This issue has been patched in versions 6.9.13-49 and 7.1.2-24...

5.5CVSS5.2AI score0.00107EPSS

RedhatCVE•added 2026/06/11 2:59 a.m.•7 views

CVE-2026-41711

Applications using Spring Data Commons may be vulnerable to a Denial of Service DoS attack leading to a StackOverflowException when parsing Sort parameters. Affected versions: Spring Data Commons 4.0.0 through 4.0.5; 3.5.0 through 3.5.11; 3.4.0 through 3.4.14; 3.3.0 through 3.3.16; 3.2.0 through...

5.9CVSS5.4AI score0.00274EPSS

RedhatCVE•added 2026/06/11 2:59 a.m.•7 views

CVE-2026-44634

SimpleBLE is a cross-platform library and bindings for Bluetooth Low Energy BLE. Prior to version 0.14.0, there are multiple stack-based buffer overflow vulnerabilities in SimpleBLE. There is a stack overflow vulnerability in the dongl backend’s Protocol::simpleblewrite function local,...

8.7CVSS5.8AI score0.00333EPSS

Positive Technologies•added 2026/06/11 12:0 a.m.•7 views

PT-2026-48725

Name of the Vulnerable Software and Affected Versions GStreamer affected versions not specified Description A stack buffer overflow exists in the GStreamer H.265 codec parser library gst-plugins-bad. The issue occurs when parsing a buffering period SEI message, where the parser utilizes an...

6.5CVSS5.6AI score0.00227EPSS

Exploits0References10

Tenable Nessus•added 2026/06/11 12:0 a.m.•8 views

FreeBSD : Erlang/OTP -- stack overflow in ei_s_print_term for very large integer terms (d87de755-64d4-11f1-ab11-4c526214c986)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d87de755-64d4-11f1-ab11-4c526214c986 advisory. https://github.com/erlang/otp/security/advisories/GHSA-xcxj-5pg2-v72j reports: Fixed a stack overflow i...

6.9CVSS5.4AI score0.00138EPSS

Tenable Nessus•added 2026/06/11 12:0 a.m.•5 views

TencentOS Server 2: libxml2 (TSSA-2026:0497)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0497 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

6.2CVSS6AI score0.00144EPSS

NVD•added 2026/06/10 11:16 p.m.•6 views

CVE-2026-48734

5.5CVSS0.00107EPSS

OSV•added 2026/06/10 11:16 p.m.•3 views

DEBIAN-CVE-2026-48734

5.5CVSS5.4AI score0.00107EPSS

NVD•added 2026/06/10 11:16 p.m.•6 views

CVE-2026-46557

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-23, due to a missing depth check a stack overflow can occur in the fx operation by passing a crafted argument. This issue has been patched in version 7.1.2-23...

6.2CVSS0.00157EPSS

OSV•added 2026/06/10 11:16 p.m.•2 views

UBUNTU-CVE-2026-48734

5.5CVSS5.2AI score0.00107EPSS

Snyk•added 2026/06/10 11:12 p.m.•4 views

Uncontrolled Recursion

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

6.8CVSS5.3AI score0.00107EPSS

Snyk•added 2026/06/10 11:12 p.m.•3 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the MVG decoder when processing a crafted file due to a missing depth or visited-set check. An attacker can cause a denial of service by supplying a specially crafted MVG file that triggers a stack overflow...

6.8CVSS5.3AI score0.00107EPSS

NVD•added 2026/06/10 10:17 p.m.•6 views

CVE-2026-46689

Kanidm is an identity management platform. Prior to version 1.9.3, a single unauthenticated GET to any /scim/v1/... endpoint with a ?filter= query string of a few thousand nested parentheses ≈ 4–12 KB drives the recursive-descent PEG parser past the worker thread's stack guard page. Rust responds...

8.7CVSS0.00317EPSS