CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

5.7CVSS7.1AI score0.00249EPSS

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: microcode_ctl (UTSA-2026-016523)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016523 advisory. Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution for some IntelR Processors may allow an authenticated user to...

Exploits0References4

5.3CVSS6.1AI score0.00124EPSS

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: vim (UTSA-2026-016514)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016514 advisory. Vim is an open source command line text editor. Vim v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be...

Exploits0References5

7.8CVSS7.2AI score0.00632EPSS

Unity Linux 20.1050e / 20.1070e Security Update: perl-Module-ScanDeps (UTSA-2026-016505)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016505 advisory. Qualys discovered that if unsanitized input was used with the library Modules::ScanDeps, before version 1.36 a local attacker could possibly execute arbitrary shell...

Exploits3References4

7.8CVSS7.4AI score0.00057EPSS

Unity Linux 20.1050e / 20.1070e Security Update: NetworkManager-libreswan (UTSA-2026-016510)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016510 advisory. A flaw was found in the libreswan client plugin for NetworkManager NetkworkManager-libreswan, where it fails to properly sanitize the VPN configuration from the loca...

Exploits0References4

Tenable Nessus•added 2026/05/07 12:0 a.m.•4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-pip (UTSA-2026-016506)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016506 advisory. Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint...

6.1CVSS6.5AI score0.05933EPSS

Exploits1References4

4.5CVSS6.2AI score0.0008EPSS

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: vim (UTSA-2026-016507)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016507 advisory. Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check...

Exploits0References5

7.2CVSS6.3AI score0.01153EPSS

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: php (UTSA-2026-016509)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016509 advisory. In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, when using streams with configured proxy and requestfulluri option, the URI is not proper...

Exploits1References4

7.5CVSS5.8AI score0.0041EPSS

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: rubygem-rack (UTSA-2026-016518)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016518 advisory. Rack is a modular Ruby web server interface. Carefully crafted Range headers can cause a server to respond with an unexpectedly large response. Responding with such...

Exploits1References4

EUVD•added 2026/05/06 6:30 p.m.•4 views

EUVD-2026-27848

A vulnerability in the web UI of Cisco Unity Connection Web Inbox could allow an unauthenticated, remote attacker to conduct SSRF attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by...

EUVD•added 2026/05/06 6:30 p.m.•2 views

Exploits0References2

EUVD-2026-27847

A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability ...

NVD•added 2026/05/06 5:16 p.m.•10 views

Exploits0References2

CVE-2026-20034

8.8CVSS0.00474EPSS

NVD•added 2026/05/06 5:16 p.m.•5 views

CVE-2026-20035

7.2CVSS0.00026EPSS

ATTACKERKB•added 2026/05/06 4:16 p.m.•4 views

CVE-2026-20034

Exploits0References2Affected Software1

CVE•added 2026/05/06 4:16 p.m.•12 views

CVE-2026-20034

Cisco Unity Connection’s web-based management interface is affected by a vulnerability where insufficient validation of user-supplied input enables an authenticated attacker, with valid credentials, to submit a crafted API request and execute arbitrary code as root. The impact is potentially comp...

Vulnrichment•added 2026/05/06 4:16 p.m.•4 views

CVE-2026-20034 Cisco Unity Connection Remote Code Execution Vulnerability

Cvelist•added 2026/05/06 4:16 p.m.•25 views

CVE-2026-20034 Cisco Unity Connection Remote Code Execution Vulnerability

8.8CVSS0.00474EPSS

CVE•added 2026/05/06 4:15 p.m.•9 views

CVE-2026-20035

Cisco Unity Connection Web Inbox SSRF: unauthenticated attacker can cause the affected device to issue arbitrary network requests via crafted HTTP requests due to improper input validation. Affected component is the web UI; CVSS 3.1 base score 7.2 (NETWORK, HIGH). Exploitation status and remediat...

ATTACKERKB•added 2026/05/06 4:15 p.m.•5 views

CVE-2026-20035

Exploits0References2Affected Software1

Vulnrichment•added 2026/05/06 4:15 p.m.•4 views

CVE-2026-20035 Cisco Unity Connection Server-Side Request Forgery Vulnerability