CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

224 matches found

NVD•added 2026/06/16 5:16 p.m.•8 views

CVE-2026-42089

Yeoman Environment provides an API to discover, create, and run generators, and to configure where and how a generator is resolved. Versions 2.9.0 through 6.0.0 install missing local generator packages from caller-supplied package names without user confirmation. In downstream consumers that pass...

8.6CVSS0.00139EPSS

Exploits0References3

OSV•added 2026/06/12 12:25 p.m.•52 views

OESA-2026-2645 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A vulnerability, which was classifie...

8.8CVSS4.6AI score0.00541EPSS

Exploits4References5

CNNVD•added 2026/06/10 12:0 a.m.•12 views

ESP-IDF 输入验证错误漏洞

ESP-IDF is an open-source development framework for Espressif’s SoCs, supported on Windows, Linux, and macOS. Versions 5.5.4 and 6.0 of ESP-IDF contain input validation vulnerabilities. These vulnerabilities stem from issues with the security service wrapper component in the esptee module, which...

9.3CVSS5.3AI score0.00126EPSS

Exploits0References1

Vulnrichment•added 2026/06/09 7:15 p.m.•8 views

CVE-2026-34710 Substance3D - Sampler | Out-of-bounds Write (CWE-787)

Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.1AI score0.00144EPSS

Exploits0References1

Cvelist•added 2026/06/09 7:15 p.m.•31 views

CVE-2026-34709 Substance3D - Sampler | Out-of-bounds Write (CWE-787)

7.8CVSS0.00138EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:46 p.m.•9 views

CVE-2026-33565

in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS...

3.3CVSS5.4AI score0.00094EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:29 p.m.•7 views

CVE-2026-28733

in OpenHarmony v6.0 and prior versions allow a local attacker arbitrary code execution...

6.5CVSS5.7AI score0.00131EPSS

Exploits0References1

SUSE CVE•added 2026/06/04 2:30 a.m.•11 views

SUSE CVE-2026-8404

An issue was discovered in Django 5.2 before 5.2.15 and 6.0 before 6.0.6. django.middleware.cache.UpdateCacheMiddleware in Django does not match Cache-Control response directives case-insensitively, which allows remote attackers to read responses that were incorrectly cached because their...

5.9CVSS5.8AI score0.00285EPSS

Exploits0References4

Debian CVE•added 2026/06/03 1:16 p.m.•9 views

CVE-2026-7666

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.core.mail.backends.smtp.EmailBackend in Django fails to prevent reuse of a partially-initialized connection after a failed STARTTLS handshake when failsilently=True, which allows on-path network attackers to read ema...

3.1CVSS5.7AI score0.0015EPSS

Exploits0

NVD•added 2026/05/25 9:16 p.m.•8 views

CVE-2026-24574

Cross-Site Request Forgery CSRF vulnerability in Recorp Export WP Page to Static HTML/CSS allows Cross Site Request Forgery. This issue affects Export WP Page to Static HTML/CSS: from n/a through 6.0.0...

6.5CVSS0.0014EPSS

Exploits0References1

OSV•added 2026/05/22 10:16 p.m.•6 views

UBUNTU-CVE-2026-41074

RT is an open source, enterprise-grade issue and ticket tracking system. Versions 6.0.0 through 6.0.2 contain a Cross-Site Request Forgery CSRF vulnerability. An attacker who can induce a logged-in RT user to visit a malicious web page can trigger arbitrary state-changing actions in RT on that...

7.1CVSS5.9AI score0.00117EPSS

Exploits0References4