CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.3, kitty's OSC 21 color-control query reply reflects attacker-controlled bytes, includin...

7.8CVSS5.9AI score0.00166EPSS

Exploits1References3

Debian CVE•added 2026/06/12 5:35 p.m.•10 views

CVE-2026-48165

MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.27, 10.11.1 to before 10.11.18, 11.4.1 to before 11.4.12, 11.8.1 to before 11.8.8, and 12.3.1, a high-privileged MariaDB user could've used wsrepsstreceiveaddress or wsrepsstdonor global system...

8CVSS5.5AI score0.00444EPSS

Exploits0

OSV•added 2026/06/12 4:11 p.m.•11 views

MAL-2026-5700 Malicious code in transportator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6f40d878023c5462d17916a03d22d7c2e9e1573ab590f50532aa2e620e7a5a13 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.4AI score

Exploits0References1

Debian CVE•added 2026/06/12 2:59 p.m.•8 views

CVE-2026-50560

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty HTTP/2 max header size handling produces an attack similar to HTTP/2 Rapid Reset. There is a setting in the http2 specification called...

6.9CVSS5.3AI score0.00302EPSS

Exploits0

Debian CVE•added 2026/06/12 2:42 p.m.•9 views

CVE-2026-48059

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, the HAProxy PROXY protocol v2 codec in netty leaks native or heap memory on every connection when a client sends a syntactically valid header containing nest...

8.7CVSS5.5AI score0.00435EPSS

Exploits0

Debian CVE•added 2026/06/12 2:33 p.m.•8 views

CVE-2026-47691

Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext insufficiently validates the bailiwick of NS records, enabling DNS Cache Poisoning. An attacker controlling an authoritative name...

10CVSS5.3AI score0.00218EPSS

Exploits0

OSV•added 2026/06/12 2:32 p.m.•4 views

MAL-2026-5688 Malicious code in ecto-nightly-spirit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5dea0702101217f4a918a23191023bbd9e7d3b5478028bb0868341a574526e97 On npm install, postinstall.js executes unconditionally and performs three installer-harming actions. 1 It enumerates every key/value pair in...

5.4AI score

Exploits0References7

OSV•added 2026/06/12 2:32 p.m.•5 views

MAL-2026-5689 Malicious code in ecto-rust-read-f3a9c1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e73d10b993d9601d0dfe78d143a550ed008b8233beb8b88b7443208e4d0fa89d On install, postinstall.js evaluates a targeting heuristic isRealTarget that fires only when the build environment looks like a real corporate...

5.5AI score

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by