CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

81 matches found

NVD•added 2026/06/11 8:16 p.m.•12 views

CVE-2026-49949

CodexBar before 0.33.0 contains a credential forwarding vulnerability that allows network-adjacent attackers to intercept sensitive credentials by issuing cross-origin or HTTP-downgrade redirects to the shared ProviderHTTPClient transport. Attackers can redirect credentialed provider requests...

6CVSS0.00253EPSS

Exploits0References4

NVD•added 2026/03/11 5:16 p.m.•3 views

CVE-2026-20074

A vulnerability in the Intermediate System-to-Intermediate System IS-IS multi-instance routing feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the IS-IS process to restart unexpectedly. This vulnerability is due to insufficient input validation of ingre...

7.4CVSS0.0016EPSS

Exploits0References1

Vulnrichment•added 2026/03/11 4:31 p.m.•6 views

CVE-2026-20074 Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability

7.4CVSS5.8AI score0.0016EPSS

Exploits0References1

CVE•added 2026/03/11 4:31 p.m.•57 views

CVE-2026-20074

The CVE concerns Cisco IOS XR Software’s IS-IS multi-instance routing feature. An unauthenticated, Layer-2 adjacent attacker can trigger the IS-IS process to restart by sending crafted ingress IS-IS packets after forming an adjacency, due to insufficient input validation. The resulting impact is ...

7.4CVSS5.8AI score0.0016EPSS

Exploits0References1

Zero Day Initiative•added 2026/02/05 12:0 a.m.•3 views

(Pwn2Own) Lexmark CX532adwe getCFFNames Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX532adwe printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getCFFNames function. The issue results from the lack of proper...

8.8CVSS6.2AI score0.00477EPSS

Exploits0References1

GithubExploit•added 2025/12/20 5:41 p.m.•131 views

Exploit for CVE-2025-14558

CVE-2025-14558 FreeBSD rtsold DNSSL Command Injection RCE...

8.4AI score0.06272EPSS

Exploits7

CVE•added 2025/10/27 12:0 a.m.•31 views

CVE-2025-61102

FRRouting/frr versions v4.0–v10.4.1 are affected by a NULL pointer dereference in ospf_ext.c show_vty_ext_link_adj_sid, enabling DoS via crafted OSPF packets. Connected advisories indicate patches exist (e.g., Mariner packages <8.5.5-5 or

7.5CVSS6.7AI score0.00457EPSS

Exploits1References4Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2021-18339

Malware in sbrugna...

8.8CVSS9.2AI score0.02331EPSS

Exploits0References8

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-39753