Lucene search
+L

1924 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/20 9:17 a.m.41 views

CVE-2026-32792

NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support '--enable-dnscrypt'. A bad DNSCrypt query could underflow Unbound's DNSCrypt packet reading procedure that may lead to heap overflow. A malicious actor can exploit...

8.2CVSS6AI score0.00337EPSS
Exploits0References2Affected Software1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in exim4

Exim: Improper Neutralization of Special Elements Leading to Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected Exim installations. Authentication is not required to exploit this vulnerability. The specific flaw resides within the...

9.8CVSS8.6AI score0.05673EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

A NULL pointer dereference flaw was discovered in the Linux kernel’s X.25 set of standardized network protocol functions. This flaw allows a local user to crash the system by terminating their session using a simulated Ethernet card while continuing to use that connection...

5.5CVSS6.6AI score0.00328EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.13 views

PT-2026-42168

Name of the Vulnerable Software and Affected Versions Twig versions 2.16.x Twig versions 3.9.0 through 3.25.x Description A sandbox bypass exists when using a SourcePolicyInterface. This occurs because a runtime check fails to use the current template source, allowing attackers with template...

9.9CVSS6.3AI score0.00738EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.14 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : nginx vulnerability (USN-8271-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8271-1 advisory. It was discovered that the nginx ngxhttprewritemodule component incorrectly handled certain rewrite directives. A remote attacker...

9.2CVSS6.4AI score0.61469EPSS
Exploits40References2
GithubExploit
GithubExploit
added 2026/05/19 5:45 a.m.193 views

offensive-claude

Offensive Security Research Config for Claude Code A comprehe...

6AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/18 9:0 p.m.9 views

@antv/l7 (>=2.1.13 <=2.25.10), @antv/l7-draw (>=2.1.13 <=2.1.14) +5 more potentially affected by unknown CVE via @antv/l7-scene (>=2.10.0 <=2.25.9)

@antv/l7-scene NPM version =2.10.0, =2.1.13, =2.1.13, =2.10.0, =2.1.13, =2.10.0, =1.0.0, =1.0.17, =1.0.18 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVL7SCENE-16754481...

5.5AI score
Exploits0
CVE
CVE
added 2026/05/12 5:19 p.m.29 views

CVE-2026-34643

CVE-2026-34643 affects Adobe After Effects versions 26.0, 25.6.4 and earlier with an out-of-bounds write (CWE-787) that could enable arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file. The entry provides CVSS ...

7.8CVSS6.3AI score0.00148EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/12 5:19 p.m.43 views

CVE-2026-34642 After Effects | Heap-based Buffer Overflow (CWE-122)

After Effects versions 26.0, 25.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00187EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 5:16 p.m.29 views

CVE-2026-34640

Media Encoder CVE-2026-34640 affects versions 26.0.2, 25.6.4 and earlier with an Integer Overflow or Wraparound (CWE-190). The issue could allow arbitrary code execution in the context of the current user and requires user interaction (victim must open a malicious file). These details confirm the...

7.8CVSS6.3AI score0.0017EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2026/05/11 2:35 p.m.13 views

CVE-2025-9973

creationtimestamp| type| source ---|---|--- 2026-05-11 14:35:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mllio6quir2p...

7.2CVSS5.8AI score0.00366EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/05 4:44 p.m.11 views

NPM: VM2 Has a WASM Sandbox Escape (Node 25 only)

NPM: VM2 Has a WASM Sandbox Escape Node 25 only vulnerability discovered by ? in WordPress Npm vm2 versions 3.10.4...

9.8CVSS6AI score0.00921EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/05/05 4:44 p.m.8 views

GHSA-FFH4-J6H5-PG66 VM2 Has a WASM Sandbox Escape

Summary Full sandbox escape with arbitrary code execution. Attacker code inside VM.run obtains host process object and runs host commands with zero host cooperation. Details Confirmed on: vm2 3.10.4, Node.js v25.6.1 x64 Linux Trigger: Attacker-controlled code passed to VM.run Requires: Node.js...

9.8CVSS6.2AI score0.00921EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/05/05 4:44 p.m.10 views

VM2 Has a WASM Sandbox Escape

Summary Full sandbox escape with arbitrary code execution. Attacker code inside VM.run obtains host process object and runs host commands with zero host cooperation. Details Confirmed on: vm2 3.10.4, Node.js v25.6.1 x64 Linux Trigger: Attacker-controlled code passed to VM.run Requires: Node.js...

9.8CVSS6.2AI score0.00921EPSS
Exploits1References4Affected Software1
Circl
Circl
added 2026/05/05 3:0 p.m.6 views

CVE-2025-61311

creationtimestamp| type| source ---|---|--- 2026-05-05 15:00:32+00:00| seen| https://gist.github.com/ZeroBreach-GmbH/424005738e819e14c724feb9c7c5f40b...

7.3CVSS5.8AI score0.00292EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/05/05 12:0 a.m.7 views

CVE-2026-43002

An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before authentication and thus storage can be exhausted by unauthenticated requests. This is a regression of the CVE-2014-8124 fix...

5.3CVSS5.8AI score0.00365EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/04 4:37 p.m.36 views

CVE-2026-26956 vm2: WASM Sandbox Escape (Node 25 only)

vm2 is an open source vm/sandbox for Node.js. In version 3.10.4, vm2 is vulnerable to full sandbox escape with arbitrary code execution. Attacker code inside VM.run obtains host process object and runs host commands with zero host cooperation. This issue has been patched in version 3.10.5...

9.8CVSS0.00921EPSS
Exploits1References2
OSV
OSV
added 2026/05/04 4:37 p.m.2 views

CVE-2026-26956 vm2: WASM Sandbox Escape (Node 25 only)

vm2 is an open source vm/sandbox for Node.js. In version 3.10.4, vm2 is vulnerable to full sandbox escape with arbitrary code execution. Attacker code inside VM.run obtains host process object and runs host commands with zero host cooperation. This issue has been patched in version 3.10.5...

9.8CVSS7.5AI score0.00921EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.9 views

RHCOS 4 : OpenShift Container Platform 4.18.25 (RHSA-2025:16729)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16729 advisory. - podman: Build Context Bind Mount CVE-2025-4953 Note that Nessus has not tested for this issue but has instead relied only on the...

7.4CVSS5.8AI score0.00596EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/03 4:45 p.m.36 views

EUVD-2026-26842

A vulnerability has been found in AV Stumpfl Pixera Two Media Server up to 25.1 R2. The affected element is an unknown function of the component Service Port 1338. Such manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. Upgrading to version 25.2 R3...

5.3CVSS5.2AI score0.00381EPSS
Exploits0References5
Rows per page
Query Builder