485 matches found

RedHat Linux
added 2026/03/02 1:26 a.m. | 4 views

cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy

A flaw was found in Go's 'cgo tool'. This vulnerability arises from a discrepancy in how Go and C/C++ comments are parsed, which allows for malicious code to be hidden within comments and then "smuggled" into the compiled cgo binary. An attacker could exploit this to embed and execute arbitrary...

8.6 CVSS | 7.3 AI score | 0.00205 EPSS
Exploits 0 | References 8

RedHat Linux
added 2026/03/02 1:25 a.m. | 5 views

cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy

A flaw was found in Go's 'cgo tool'. This vulnerability arises from a discrepancy in how Go and C/C++ comments are parsed, which allows for malicious code to be hidden within comments and then "smuggled" into the compiled cgo binary. An attacker could exploit this to embed and execute arbitrary...

8.6 CVSS | 7.3 AI score | 0.00205 EPSS
Exploits 0 | References 8

Chainguard
added 2026/02/28 1:17 a.m. | 5 views

GHSA-XH87-MX6M-69F3 vulnerabilities

Vulnerabilities for packages: kibana...

5.9 AI score
Exploits 0

AlpineLinux
added 2026/02/27 9:58 p.m. | 3 views

CVE-2026-28418

Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-style tags file parsing logic. When processing a malformed tags file, Vim can be tricked into reading up to 7 bytes beyond the allocated memory boundar...

5.5 CVSS | 6 AI score | 0.0022 EPSS
Exploits 0 | References 4

Wolfi
added 2026/02/25 1:48 a.m. | 4 views

GHSA-9F29-V6MM-PW6W vulnerabilities

Vulnerabilities for packages: opa-envoy...

5.3 AI score
Exploits 0

Chainguard
added 2026/02/25 1:17 a.m. | 9 views

GHSA-WH2J-26J7-9728 vulnerabilities

Vulnerabilities for packages: airflow...

5.3 AI score
Exploits 0

RedHat Linux
added 2026/02/24 12:1 p.m. | 5 views

cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy

A flaw was found in Go's 'cgo tool'. This vulnerability arises from a discrepancy in how Go and C/C++ comments are parsed, which allows for malicious code to be hidden within comments and then "smuggled" into the compiled cgo binary. An attacker could exploit this to embed and execute arbitrary...

8.6 CVSS | 7.3 AI score | 0.00205 EPSS
Exploits 0 | References 8

Chainguard
added 2026/02/23 7:17 p.m. | 6 views

GHSA-QVHC-9V3J-5RFW vulnerabilities

Vulnerabilities for packages: dotnet...

5.3 AI score
Exploits 0

AlpineLinux
added 2026/02/21 2:32 p.m. | 2 views

CVE-2026-2869

A vulnerability was identified in janet-lang janet up to 1.40.1. Affected by this vulnerability is the function janetcvarset of the file src/core/specials.c of the component handleattr Handler. The manipulation leads to out-of-bounds read. The attack can only be performed from a local environment...

5.5 CVSS | 4.2 AI score | 0.0018 EPSS
Exploits 1 | References 8

Chainguard
added 2026/02/21 7:17 a.m. | 6 views

GHSA-69X3-G4R3-P962 vulnerabilities

Vulnerabilities for packages: caddy-fips, step-ca, step, step-ca-fips, step-fips, step-issuer-fips, caddy, step-issuer...

5.8 AI score
Exploits 0

Wolfi
added 2026/02/21 1:48 a.m. | 4 views

GHSA-FPJ8-GQ4V-P354 vulnerabilities

Vulnerabilities for packages: thingsboard...

5.4 AI score
Exploits 0

Wolfi
added 2026/02/20 1:48 a.m. | 4 views

GHSA-3PPC-4F35-3M26 vulnerabilities

Vulnerabilities for packages: pnpm-stage0, vitess, opensearch-dashboards, renovate, prism, serve, kubeflow-katib, tileserver-gl, rancher-api-ui, saf, npm, lerna, ts-patch, argo-workflows, kubeflow-centraldashboard, langfuse, node-gyp, kubeflow-pipelines, code-server, pulumi, sqlpad, eslint...

5.8 AI score
Exploits 0

Chainguard
added 2026/02/19 1:17 p.m. | 4 views

GHSA-2G4F-4PWH-QVX6 vulnerabilities

Vulnerabilities for packages: saf, vitess, langfuse-fips, tileserver-gl-fips, gitlab-rails-ce, librechat, kubeflow-pipelines, wazuh-dashboard, argo-workflows, renovate, eslint, kubeflow-centraldashboard, langfuse, prism, opensearch-dashboards, kibana, tileserver-gl, serve, gitlab-rails-ce-fips,...

5.8 AI score
Exploits 0

Chainguard
added 2026/02/17 7:17 p.m. | 22 views

CVE-2025-14505 vulnerabilities

Vulnerabilities for packages: librechat, opensearch-dashboards, opensearch-dashboards-fips...

5.6 CVSS | 5.8 AI score | 0.00161 EPSS
Exploits 0

RedHat Linux
added 2026/02/17 3:59 p.m. | 3 views

freerdp: FreeRDP: Arbitrary code execution and denial of service via malicious server

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. A malicious server can exploit a use-after-free vulnerability by enticing a client to connect to it. This can lead to a client-side crash, resulting in a Denial of Service (DoS), and potentially allow for arbitrary...

9.8 CVSS | 6.2 AI score | 0.00538 EPSS
Exploits 1 | References 9

RedHat Linux
added 2026/02/11 5:28 p.m. | 5 views

fontforge: FontForge: Arbitrary code execution via SFD file parsing buffer overflow

A flaw was found in FontForge. A remote attacker could exploit a heap-based buffer overflow vulnerability during SFD file parsing. This issue arises from insufficient validation of user-supplied data length before copying it to a buffer. Successful exploitation requires user interaction, such as...

8.8 CVSS | 6.5 AI score | 0.0058 EPSS
Exploits 0 | References 5

Wolfi
added 2026/02/11 7:48 a.m. | 1 views

GHSA-PQXR-3G65-P328 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards...

5.4 AI score
Exploits 0

CBLMariner
added 2026/02/09 11:37 p.m. | 4 views

CVE-2025-38022 affecting package kernel for versions less than 6.6.121.1-1

CVE-2025-38022 affecting package kernel for versions less than 6.6.121.1-1. A patched version of the package is available...

7.8 CVSS | 5.5 AI score | 0.00161 EPSS
Exploits 0

AlpineLinux
added 2026/02/09 4:2 p.m. | 5 views

CVE-2026-2241

A vulnerability was found in janet-lang janet up to 1.40.1. This affects the function osstrftime of the file src/core/os.c. Performing a manipulation results in out-of-bounds read. The attack must be initiated from a local position. The exploit has been made public and could be used. The patch is...

6.1 CVSS | 5.1 AI score | 0.00169 EPSS
Exploits 1 | References 8

CBLMariner
added 2026/02/05 10:21 p.m. | 5 views

CVE-2025-11961 affecting package nmap for versions less than 7.93-4

CVE-2025-11961 affecting package nmap for versions less than 7.93-4. A patched version of the package is available...

1.9 CVSS | 5.3 AI score | 0.00098 EPSS
Exploits 0