CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Mbed TLS is a light-weight open source cryptographic and SSL/TLS library written in C. Mbed TLS makes it easy for developers to include cryptographic and SSL/TLS capabilities in their embedded applications with as little hassle as possible...

9.1CVSS5.9AI score0.00308EPSS

Exploits0

Wolfi•added 2026/04/09 8:48 p.m.•6 views

GHSA-P9FF-H696-F583 vulnerabilities

Vulnerabilities for packages: langfuse, vite, vitess...

5.8AI score

Exploits0

Wolfi•added 2026/04/09 8:48 p.m.•5 views

CVE-2026-39363 vulnerabilities

Vulnerabilities for packages: langfuse, vite, vitess...

8.2CVSS5.8AI score0.0229EPSS

Exploits3

Debian CVE•added 2026/04/09 3:50 p.m.•2 views

CVE-2026-39853

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.12, A stack buffer overflow vulnerability exists in osslsigncode in several signature verification paths. During verification of a PKCS7 signature, the code copies the digest value from a parsed...

7.8CVSS5.9AI score0.00163EPSS

Exploits0

Wolfi•added 2026/04/09 1:48 a.m.•5 views

GHSA-5458-7HH9-V7P4 vulnerabilities

Vulnerabilities for packages: nextflow...

5.9AI score

Exploits0

Chainguard•added 2026/04/08 7:17 p.m.•3 views

GHSA-53MR-6C8Q-9789 vulnerabilities

Vulnerabilities for packages: litellm, airflow...

5.8AI score

Exploits0

Wolfi•added 2026/04/08 1:48 a.m.•6 views

GHSA-WH4C-J3R5-MJHP vulnerabilities

Vulnerabilities for packages: saf, sqlpad...

5.8AI score

Exploits0

Chainguard•added 2026/04/07 7:17 p.m.•3 views

GHSA-9F5J-8JWJ-X28G vulnerabilities

Vulnerabilities for packages: awx, airflow...

5.8AI score

Exploits0

Chainguard•added 2026/04/07 7:17 a.m.•5 views

CVE-2026-35172 vulnerabilities

Vulnerabilities for packages: envoy-gateway-fips, gitness, envoy-gateway, portieris, zot, portieris-fips, kots...

7.5CVSS5.8AI score0.00286EPSS

Exploits1

Wolfi•added 2026/04/07 1:48 a.m.•9 views

GHSA-V3RJ-XJV7-4JMQ vulnerabilities

Vulnerabilities for packages: renovate...

5.9AI score

Exploits0

Wolfi•added 2026/04/07 1:48 a.m.•8 views

CVE-2026-34525 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server, airflow, open-webui, dask-kubernetes, checkov, py3-cassandra-medusa, kserve...

6.3CVSS5.8AI score0.00288EPSS

Exploits0

UbuntuCve•added 2026/04/07 12:0 a.m.•4 views

CVE-2026-31789

Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker c...

9.8CVSS6.5AI score0.00225EPSS

Exploits0References3

UbuntuCve•added 2026/04/07 12:0 a.m.•2 views

CVE-2026-28387

Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequenc...

8.1CVSS6.1AI score0.00631EPSS

Exploits0References4

Wolfi•added 2026/04/05 1:48 a.m.•7 views

GHSA-8CPQ-38P9-67GX vulnerabilities

Vulnerabilities for packages: langfuse...

5.9AI score

Exploits0

Chainguard•added 2026/04/05 1:17 a.m.•5 views

CVE-2026-27121 vulnerabilities

Vulnerabilities for packages: langfuse, langfuse-fips...

5.4CVSS5.8AI score0.00189EPSS

Exploits0