CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

GithubExploit•added 2026/05/07 1:50 p.m.•70 views

CVE-Hunter-2026

CVE Hunter 2026 AI-assisted penetration testing tool that det...

5.8AI score

Debian CVE•added 2026/05/06 11:28 a.m.•7 views

CVE-2026-43245

In the Linux kernel, the following vulnerability has been resolved: ntfs: -dcompare must not block ... so don't use getname there. Switch it and ntfsdhash, while we are at it to kmallocPATHMAX, GFPNOWAIT. Yes, ntfsdhash almost certainly can do with smaller allocations, but let ntfs folks deal wit...

7.5CVSS5.7AI score0.00441EPSS

NVD•added 2026/05/05 4:16 p.m.•17 views

CVE-2026-7412

In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, the Operation Delegation feature fails to validate the destination URI of delegated requests. An unauthenticated remote attacker can exploit this design flaw to force the BaSyx server to execute blind HTTP POST requests to...

8.6CVSS0.00516EPSS

hivepro•added 2026/05/04 4:7 p.m.•4 views

Why VM Programs Suck

& From the Trenches This is the conversation I have with VM leads every week. It usually starts at minute thirty of a discovery call, after the official agenda is over and the Zoom faces relax. Someone says "can I be honest with you for a second?" — and then I get the list. Same complaints...

5.6AI score

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX – Prevent RSB underflow before vmenter On VMX, there is some timing balance between the time the guest’s SPECCTRL value is written and the vmenter. Balanced returns matched by a preceding call are usually acceptable...

5.5CVSS6.2AI score0.0021EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mtd: Fixed a NULL pointer dereferencing issue caused by the ftl notifier. If both ftl.ko and gluebi.ko are loaded, the ftl notifier triggers a NULL pointer dereferencing when attempting to access ‘gluebi-desc’ in gluebiread. In t...

5.5CVSS5.5AI score0.00242EPSS

EUVD•added 2026/05/03 1:30 a.m.•3 views

EUVD-2026-26808

A flaw has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. This issue affects the function startsingleservice of the component Web Management Interface. Executing a manipulation of the argument vpnpptpserver/vpnl2tpserver can lead to buffer overflow. The attack can be executed...

9CVSS7.7AI score0.00481EPSS

Exploits0References5

Cvelist•added 2026/05/03 1:30 a.m.•42 views

CVE-2026-7674 Shenzhen Libituo Technology LBT-T300-HW1 Web Management start_single_service buffer overflow

9CVSS0.00481EPSS

Exploits0References5

Tenable Nessus•added 2026/05/02 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-42476

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because...

7.1CVSS5.6AI score0.00106EPSS

Tenable Nessus•added 2026/05/02 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-42478

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in VrmlDataIndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of...

7.5CVSS5.5AI score0.00219EPSS

Tenable Nessus•added 2026/05/02 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-42481

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open CASCADE Technology OCCT V800rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files...

5.5CVSS5.5AI score0.00098EPSS

NVD•added 2026/05/01 4:16 p.m.•4 views

CVE-2026-42480

A stack-based out-of-bounds read vulnerability in VrmlDataScene::ReadLine in the VRML parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because the quoted-string escape handler uses ptr++anOffset without proper...

5.5CVSS0.00098EPSS

NVD•added 2026/05/01 4:16 p.m.•6 views

CVE-2026-42481

Open CASCADE Technology OCCT V800rc5 contains multiple vulnerabilities in its IGES and STEP file parsers that can be triggered by crafted IGES or STEP files. These issues include an out-of-bounds read in Geom2dBSplineCurve::EvalD0 during IGES B-spline curve evaluation, an out-of-bounds read in...

5.5CVSS0.00098EPSS

OSV•added 2026/05/01 4:16 p.m.•6 views

DEBIAN-CVE-2026-42480

5.5CVSS5.9AI score0.00098EPSS

OSV•added 2026/05/01 4:16 p.m.•5 views

UBUNTU-CVE-2026-42481

5.5CVSS5.8AI score0.00098EPSS

UbuntuCve•added 2026/05/01 4:16 p.m.•3 views

CVE-2026-42481

5.5CVSS5.8AI score0.00098EPSS

NVD•added 2026/05/01 3:16 p.m.•3 views

CVE-2026-42476

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V800rc5 exist in RWStlReader::ReadAscii because buffers returned by StandardReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

7.1CVSS0.00106EPSS

NVD•added 2026/05/01 3:16 p.m.•2 views

CVE-2026-42479

An out-of-bounds read vulnerability in VrmlDataIndexedLineSet::TShape in the VRML parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because coordIndex values from parsed input are used as direct array indices...

5.5CVSS0.00099EPSS

OSV•added 2026/05/01 3:16 p.m.•4 views

DEBIAN-CVE-2026-42479

5.5CVSS5.8AI score0.00099EPSS