CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2 days ago•8 views

CVE-2026-11400

An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL will allow a remote authenticated low-privilege actor to escalate privileges to those of another Amazon RDS user, including rdssuperuser, via a crafted function created by the...

8.6CVSS0.00129EPSS

ATTACKERKB•added 2 days ago•5 views

CVE-2026-11401

Exploits0References4Affected Software1

EUVD•added 2 days ago•3 views

EUVD-2026-34901

CVE•added 2 days ago•9 views

CVE-2026-11401

The CVE-2026-11401 entry describes an untrusted search path vulnerability in the GlobalDatabasePlugin of the AWS Advanced Go Wrapper for Amazon Aurora PostgreSQL. A remote authenticated low-privilege actor can escalate to other Amazon RDS user privileges (including rds_superuser) via a crafted fu...

EUVD•added 2 days ago•5 views

EUVD-2026-34900

Cvelist•added 2 days ago•20 views

CVE-2026-11400 Privilege Escalation in AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL

8.6CVSS0.00129EPSS

ATTACKERKB•added 2 days ago•5 views

CVE-2026-11400

Exploits0References4Affected Software1

Positive Technologies•added 2 days ago•8 views

PT-2026-47034

Name of the Vulnerable Software and Affected Versions AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL versions prior to 4.0.1 Description An untrusted search path issue exists in the GlobalDatabasePlugin. This allows a remote authenticated low-privilege actor to escalate privileges to thos...

Positive Technologies•added 2 days ago•7 views

Exploits0References5

PT-2026-47035

Name of the Vulnerable Software and Affected Versions AWS Advanced Go Wrapper for Amazon Aurora PostgreSQL versions prior to 2026-05-26 Description An untrusted search path issue exists in the GlobalDatabasePlugin. This allows a remote authenticated low-privilege actor to escalate privileges to...

RedhatCVE•added 2026/05/30 2:12 a.m.•9 views

Exploits0References5

CVE-2026-44358

Espressif Shared GitHub DangerJS is a reusable GitHub Action CI DangerJS workflow for Espressif GitHub projects. Prior to 1.0.1, the action's entrypoint.sh invoked DangerJS from the caller's workspace after copying the fork's checkout into it, creating an untrusted search path for both binary...

NVD•added 2026/05/28 4:16 p.m.•11 views

CVE-2026-44358

8.2CVSS0.00029EPSS

EUVD•added 2026/05/28 2:28 p.m.•7 views

EUVD-2026-32908

Vulnrichment•added 2026/05/28 2:28 p.m.•6 views

CVE-2026-44358 Espressif Shared GitHub DangerJS: Untrusted Search Path in DangerJS Action Entrypoint

CVE•added 2026/05/28 2:28 p.m.•13 views

CVE-2026-44358

The CVE-2026-44358 affects Espressif Shared GitHub DangerJS, a reusable GitHub Action for Espressif projects. Before 1.0.1, the action’s entrypoint.sh invoked DangerJS from the caller’s workspace after copying the fork’s checkout, creating an untrusted search path for binary and Node.js module re...

Cvelist•added 2026/05/28 2:28 p.m.•25 views

CVE-2026-44358 Espressif Shared GitHub DangerJS: Untrusted Search Path in DangerJS Action Entrypoint

8.2CVSS0.00029EPSS

Positive Technologies•added 2026/05/28 12:0 a.m.•6 views

PT-2026-44387

CVE•added 2026/05/27 7:17 a.m.•7 views

CVE-2025-41670

Technical details about CVE-2025-41670 are not publicly available in the provided documents. Monitor for updates from official advisories; no affected products, vulnerable components, or remediation are specified here.

8.7CVSS5.8AI score0.00033EPSS

Cvelist•added 2026/05/27 7:17 a.m.•25 views

CVE-2025-41670 Untrusted Search Path

A local user with low privileges may be able to influence the behavior of a privileged system service by manipulating configuration or application-related files located in user-writable areas of the filesystem. The affected service processes data from locations that are not sufficiently protected...

8.7CVSS0.00033EPSS

Vulnrichment•added 2026/05/27 7:17 a.m.•5 views

CVE-2025-41670 Untrusted Search Path

8.7CVSS5.8AI score0.00033EPSS