CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

291 matches found

CVE-2026-54699

Warp contains an OS command injection in the WSL URL-opening fallback. When Warp runs under WSL and cannot open a URL via wslview, it uses a Windows command processor path, and a URL controlled through terminal output can reach this fallback when opened. Affected versions range from 0.2024.03.12....

7.7CVSS5.9AI score

Exploits0References2

AstraLinux•added 5 days ago•3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: smb: client: fixed the off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value. However, eadata is located at offset sizeofstruct smb2filefulleainfo = 8 from ea, not ...

7.1CVSS6.2AI score0.00126EPSS

Exploits0References1

OSSF Malicious Packages•added 2026/06/10 5:11 p.m.•9 views

Malicious code in requests-toolbelt-plus (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38c64ca050de4910f56bc4a652890b0a378082859cb62153762c6ae08b4b8eae The package impersonates the popular requests-toolbelt library but ships an empty requeststoolbeltplus/init.py and places its real logic in setup.py...

6.1AI score

Exploits0References3

OSV•added 2026/06/10 5:11 p.m.•9 views

MAL-2026-5519 Malicious code in requests-toolbelt-plus (PyPI)

6.1AI score

Exploits0References3

CNNVD•added 2026/05/28 12:0 a.m.•9 views

Zed 安全漏洞

Zed is a code editor developed by Zed Industries. Versions of Zed prior to 0.227.1 contained security vulnerabilities. These vulnerabilities stemmed from the lack of shell references or validations for environment variable keys during SSH/WSL remote command execution. This allowed attackers to...

8.6CVSS6.2AI score0.00257EPSS

Exploits1References1

RedhatCVE•added 2026/04/24 8:32 p.m.•2 views

CVE-2026-31614

A flaw was found in the Linux kernel's Server Message Block SMB client. An untrusted server can exploit an out-of-bounds read vulnerability within the checkwsleas function. This flaw allows the server to read up to 8 bytes beyond the intended memory boundary, leading to information disclosure. Th...

7.1CVSS5.2AI score0.00126EPSS

Exploits0References4

NVD•added 2026/04/24 3:16 p.m.•1 views

CVE-2026-31614

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offset sizeofstruct smb2filefulleainfo = 8 from ea, not at offset 0. The...

7.1CVSS0.00126EPSS

Exploits0References6

ATTACKERKB•added 2026/04/24 2:42 p.m.•3 views

CVE-2026-31614

7.1CVSS5.2AI score0.00126EPSS

Exploits0References7Affected Software1

RedhatCVE•added 2026/02/11 7:44 p.m.•6 views

CVE-2026-21237

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...

7CVSS5.7AI score0.00261EPSS

Exploits0References1

RedhatCVE•added 2026/02/11 7:44 p.m.•4 views

CVE-2026-21242

Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...

7CVSS5.5AI score0.0034EPSS

Exploits0References1

OSV•added 2026/02/10 6:16 p.m.•3 views

CVE-2026-21242

Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...

7CVSS5.8AI score0.0034EPSS

Exploits0References1

NVD•added 2026/02/10 6:16 p.m.•2 views

CVE-2026-21242

Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...

7CVSS0.0034EPSS

Exploits0References1

OSV•added 2026/02/10 6:16 p.m.•2 views

CVE-2026-21237

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...

7CVSS5.9AI score0.00261EPSS

Exploits0References1

NVD•added 2026/02/10 6:16 p.m.•3 views

CVE-2026-21237

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...

7CVSS0.00261EPSS

Exploits0References1

UbuntuCve•added 2026/02/10 6:16 p.m.•3 views

CVE-2026-21242

Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...

7CVSS5.8AI score0.0034EPSS

Exploits0References2

UbuntuCve•added 2026/02/10 6:16 p.m.•3 views

CVE-2026-21237

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...

7CVSS6.1AI score0.00261EPSS

Exploits0References2

Vulnrichment•added 2026/02/10 5:51 p.m.•3 views

CVE-2026-21237 Windows Subsystem for Linux Elevation of Privilege Vulnerability

...

7CVSS5.3AI score0.00261EPSS

Exploits0References1

ATTACKERKB•added 2026/02/10 5:51 p.m.•4 views

CVE-2026-21237

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...

7CVSS5.7AI score0.00261EPSS

Exploits0References2Affected Software11

CVE•added 2026/02/10 5:51 p.m.•26 views

CVE-2026-21237

Technical details of CVE-2026-21237 are not publicly provided in the supplied documents; no affected products, vulnerable components, or fixes are described here. Monitor for updates from official sources.

7CVSS5.7AI score0.00261EPSS

Exploits0References1Affected Software8