
3283 matches found

CVE
added 54 minutes ago, 4 views

CVE-2026-56015

Net::IP::LPM versions through 1.10 for Perl allow a heap out-of-bounds read via an unbounded prefix length. add passes the prefix string to the trie builder addPrefixToTrie without checking it against the address width. addPrefixToTrie then walks the prefix buffer by prefixlength bits, reading...

6 AI score
Exploits: 0, References: 2

NVD
added yesterday, 4 views

CVE-2026-57680

Unauthenticated Insecure Direct Object References IDOR in Kirki = 6.0.11 versions...

6.5 CVSS
Exploits: 0, References: 1

CVE
added yesterday, 5 views

CVE-2025-69154

CVE-2025-69154 affects the SpaLab | Beauty Salon WordPress Theme up to version 6.7. It is an unauthenticated Cross-Site Scripting (XSS) vulnerability in the theme. The CVSS v3.1 base score is 7.1 (HIGH) with network attack, no privileges required, user interaction required, and low impacts to con...

7.1 CVSS, 5.8 AI score
Exploits: 0, References: 1

Cvelist
added yesterday, 18 views

CVE-2025-69153 WordPress Trendy Travel theme <= 6.7 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting (XSS) in Trendy Travel <= 6.7 versions...

7.1 CVSS
Exploits: 0, References: 1

OSV
added yesterday, 3 views

RHSA-2026:34368 Red Hat Security Advisory: Satellite 6.18.7 Async Update

Bulletin has no description...

8.8 CVSS, 6.8 AI score, 0.00671 EPSS
Exploits: 0, References: 36

Cvelist
added 2 days ago, 30 views

CVE-2026-57720 WordPress ThumbPress plugin <= 6.3.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Codexpert Inc ThumbPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ThumbPress: from n/a through 6.3.2...

4.3 CVSS, 0.00203 EPSS
Exploits: 0, References: 1

RedHat Linux
added 2 days ago, 5 views

kernel: mptcp: fix slab-use-after-free in __inet_lookup_established

A flaw was found in the Linux kernel's Multipath TCP (MPTCP) implementation. Due to incorrect memory allocation for IPv6 subflow child sockets, a use-after-free vulnerability exists. A remote attacker could exploit this by triggering concurrent lookups in the kernel's hash table, potentially leadin...

9.8 CVSS, 6.5 AI score, 0.004 EPSS
Exploits: 0, References: 5

RedHat Linux
added 2 days ago, 4 views

kernel: netfilter: nft_inner: Fix IPv6 inner_thoff desync

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nft_inner module. This vulnerability arises from an incorrect handling of IPv6 inner packet processing, where the transport header offset (inner_thoff) becomes desynchronized from the Layer 4 protocol (l4proto). A remot...

9.1 CVSS, 7.2 AI score, 0.00302 EPSS
Exploits: 0, References: 5

RedHat Linux
added 3 days ago, 4 views

kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()

A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...

9.8 CVSS, 7 AI score, 0.00563 EPSS
Exploits: 0, References: 5

CVE
added 3 days ago, 10 views

CVE-2026-53916

CVE-2026-53916 describes a memory allocation issue in Apache ActiveMQ families (ActiveMQ, ActiveMQ All, ActiveMQ Stomp) caused by an unauthenticated STOMP NIO client that can emit header bytes that never terminate. This unbounded header buffering can exhaust the JVM heap. Affected versions are be...

7.5 CVSS, 5.9 AI score, 0.00524 EPSS
Exploits: 0, References: 2, Affected Software: 1

RedHat Linux
added 3 days ago, 6 views

Important: Red Hat Security Advisory: redis:6 security update

An update for the redis:6 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

8.8 CVSS, 6.4 AI score, 0.02995 EPSS
Exploits: 0, References: 2

NVD
added 4 days ago, 9 views

CVE-2026-7656

The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6nbr.c handlerainput, handlensinput, handlenainput used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was 'length/hop/source/target checks...

8.1 CVSS, 0.00232 EPSS
Exploits: 0, References: 2

RedHat Linux
added 4 days ago, 4 views

kernel: tcp: fix potential race in tcp_v6_syn_recv_sock()

A flaw was found in the Linux kernel. A race condition exists in the TCP (Transmission Control Protocol) IPv6 (Internet Protocol version 6) socket handling, specifically within the tcp_v6_syn_recv_sock() function. This occurs because a child socket becomes visible in the TCP hash table before its...

9.8 CVSS, 6.5 AI score, 0.0028 EPSS
Exploits: 0, References: 5

ATTACKERKB
added 4 days ago, 5 views

CVE-2026-57339

Unauthenticated Broken Access Control in Business Directory = 6.4.23 versions...

6.5 CVSS, 5.8 AI score, 0.00196 EPSS
Exploits: 0, References: 2

Cvelist
added 4 days ago, 30 views

CVE-2026-57328 WordPress Business Directory plugin <= 6.4.22 - Cross Site Scripting (XSS) vulnerability

Subscriber Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions...

6.5 CVSS, 0.00211 EPSS
Exploits: 0, References: 1

EUVD
added 4 days ago, 6 views

EUVD-2026-40098

Subscriber Broken Access Control in MainWP = 6.1.1 versions...

6.3 CVSS, 5.8 AI score, 0.00249 EPSS
Exploits: 0, References: 1

OSV
added 4 days ago, 5 views

PYSEC-2026-359 InvokeAI has External Control of File Name or Path

Path Traversal Vulnerability in InvokeAI A path traversal vulnerability in InvokeAI versions 6.7.0 allows an unauthenticated remote attacker to read files outside the intended media directory via the bulk downloads API. The endpoint accepts a user-controlled file/item name and concatenates it int...

9.8 CVSS, 7.5 AI score, 0.00353 EPSS
Exploits: 0, References: 8

RedHat Linux
added 4 days ago, 4 views

kernel: netfilter: flowtable: strictly check for maximum number of actions

A flaw was found in the Netfilter flowtable component of the Linux kernel. This vulnerability occurs because the system does not strictly check the maximum number of hardware offload actions for IPv6, allowing it to process more actions than supported. This could potentially lead to system...

7.8 CVSS, 5.7 AI score, 0.00141 EPSS
Exploits: 0, References: 5

CVE
added 6 days ago, 25 views

CVE-2026-49412

The CVE-2026-49412 issue affects FreeBSD’s IPv6_MSFILTER in the kernel: the handler drops a serializing lock to copy the source-filter list and later reacquires it, creating a window where another thread can free the multicast filter structure and leave a stale pointer. This use-after-free enable...

7.8 CVSS, 5.8 AI score, 0.00104 EPSS
Exploits: 0, References: 1, Affected Software: 1

Microsoft CVE
added 6 days ago, 7 views

ipv6: sit: reload inner IPv6 header after GSO offloads

...

9.8 CVSS, 5.8 AI score, 0.00559 EPSS
Exploits: 0