CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2026/01/06 5:5 a.m.•3 views

mod_md: Apache HTTP Server: mod_md (ACME), unintended retry intervals

An integer overflow flaw has been discovered in the Apache HTTP server. The integer overflow in the case of failed ACME certificate renewal leads, after a number of failures 30 days in default configurations, to the backoff timer becoming 0. Attempts to renew the certificate then are repeated...

7.5CVSS5.8AI score0.00402EPSS

RedHat Linux•added 2026/01/06 5:4 a.m.•3 views

httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes SSI areenabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...

8.3CVSS5.7AI score0.015EPSS

RedHat Linux•added 2026/01/06 5:4 a.m.•5 views

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.3CVSS7.2AI score0.015EPSS

RedHat Linux•added 2026/01/06 1:44 a.m.•6 views

Important: Red Hat Security Advisory: mod_md security update

An update for modmd is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS7.1AI score0.00402EPSS

RedHat Linux•added 2026/01/06 1:44 a.m.•2 views

mod_md: Apache HTTP Server: mod_md (ACME), unintended retry intervals

7.5CVSS5.8AI score0.00402EPSS

RedHat Linux•added 2026/01/06 1:23 a.m.•2 views

httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

8.3CVSS5.7AI score0.015EPSS

RedHat Linux•added 2026/01/06 12:47 a.m.•2 views

mod_md: Apache HTTP Server: mod_md (ACME), unintended retry intervals

7.5CVSS5.8AI score0.00402EPSS

RedHat Linux•added 2026/01/06 12:47 a.m.•7 views

Important: Red Hat Security Advisory: mod_md security update

An update for modmd is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.1AI score0.00402EPSS

IBM Security Bulletins•added 2026/01/06 12:17 a.m.•5 views

Security Bulletin: IBM Event Processing is affected by multiple Vulnerabilities in IBM Operator for Apache Flink

Summary IBM Event Processing is affected by multiple Vulnerabilities in IBM Operator for Apache Flink 1.4.5 Vulnerability Details CVEID:CVE-2025-58056 DESCRIPTION: Netty is an asynchronous event-driven network application framework for development of maintainable high performance protocol servers...

7.5CVSS6AI score0.02164EPSS

Exploits1Affected Software1

Positive Technologies•added 2026/01/06 12:0 a.m.•4 views

PT-2026-2100

Name of the Vulnerable Software and Affected Versions Openclaw BlueBubbles affected versions not specified Apache HTTP Server affected versions not specified Description An authentication bypass exists due to loopback trust. The issue involves a cross-site request forgery. Recommendations At the...

5.2AI score

Positive Technologies•added 2026/01/06 12:0 a.m.•3 views

PT-2026-2096

CVE-2026-21746 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-21746 Published : Jan. 6, 2026, 4:15 a.m. | 1 hour, 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

Positive Technologies•added 2026/01/06 12:0 a.m.•5 views

PT-2026-2097

CVE-2026-21747 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-21747 Published : Jan. 6, 2026, 4:15 a.m. | 1 hour, 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Positive Technologies•added 2026/01/06 12:0 a.m.•2 views

PT-2026-2095

CVE-2026-21745 - Apache HTTP Server Denial of Service CVE ID : CVE-2026-21745 Published : Jan. 6, 2026, 4:15 a.m. | 1 hour, 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Positive Technologies•added 2026/01/06 12:0 a.m.•5 views

PT-2026-2099

CVE-2026-21749 - Apache CSRF CVE ID : CVE-2026-21749 Published : Jan. 6, 2026, 4:15 a.m. | 1 hour, 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Positive Technologies•added 2026/01/06 12:0 a.m.•6 views

PT-2026-2098

CVE-2026-21748 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-21748 Published : Jan. 6, 2026, 4:15 a.m. | 1 hour, 39 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...