CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/05/12 6:16 p.m.•8 views

CVE-2026-31239

The mamba language model framework thru 2.2.6 is vulnerable to insecure deserialization CWE-502 when loading pre-trained models from HuggingFace Hub. The MambaLMHeadModel.frompretrained method uses torch.load to load the pytorchmodel.bin weight file without enabling the security-restrictive...

9.8CVSS0.00409EPSS

OSV•added 2026/05/12 6:16 p.m.•7 views

DEBIAN-CVE-2026-31236

The llm CLI tool thru 0.27.1 contains a critical code injection vulnerability via its --functions command-line argument. This argument is intended to allow users to provide custom Python function definitions. However, the tool directly executes the provided code using the unsafe exec function...

9.8CVSS6.3AI score0.00508EPSS

ATTACKERKB•added 2026/05/12 6:13 p.m.•5 views

CVE-2026-34682

Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Cvelist•added 2026/05/12 6:13 p.m.•32 views

CVE-2026-34682 Substance3D - Designer | Out-of-bounds Write (CWE-787)

7.8CVSS0.00148EPSS

CVE•added 2026/05/12 6:13 p.m.•16 views

CVE-2026-34682

CVE-2026-34682 affects Substance3D Designer

Vulnrichment•added 2026/05/12 6:13 p.m.•8 views

CVE-2026-34684 Substance3D - Designer | Out-of-bounds Write (CWE-787)

7.8CVSS6.3AI score0.00149EPSS

Vulnrichment•added 2026/05/12 6:13 p.m.•7 views

CVE-2026-34681 Substance3D - Designer | Out-of-bounds Write (CWE-787)

CVE•added 2026/05/12 6:13 p.m.•15 views

CVE-2026-34681

CVE-2026-34681 affects Substance3D Designer up to version 15.1.0. The issue is an out-of-bounds write (CWE-787) that could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction; a victim must open a malicious file. No remediation details are p...

CVE•added 2026/05/12 6:13 p.m.•12 views

CVE-2026-34684

Substance3D Designer before or equal to v15.1.0 is affected by an out-of-bounds write (CWE-787) that can lead to arbitrary code execution in the current user context. The vulnerability arises from an out-of-bounds write condition and requires user interaction (the victim must open a malicious fil...

7.8CVSS6.3AI score0.00149EPSS

CVE•added 2026/05/12 6:13 p.m.•18 views

CVE-2026-34683

CVE-2026-34683 affects Substance3D Designer up to version 15.1.0. The issue is an out-of-bounds write (CWE-787) that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file. The connected documents provid...

7.8CVSS6.3AI score0.00149EPSS

ATTACKERKB•added 2026/05/12 6:13 p.m.•4 views

CVE-2026-34683

5.5CVSS6.3AI score0.00149EPSS

Cvelist•added 2026/05/12 6:13 p.m.•31 views

CVE-2026-34683 Substance3D - Designer | Out-of-bounds Write (CWE-787)

7.8CVSS0.00149EPSS

NCSC•added 2026/05/12 5:53 p.m.•9 views

vulnerabilities handled in Microsoft Developer Tools

Microsoft has addressed vulnerabilities in various Developer Tools. A malicious individual could exploit these vulnerabilities to carry out attacks that can cause the following types of damage: - Denial-of-Service DoS attacks - Bypass of security measures - Execution of arbitrary code user rights...

10CVSS6.2AI score0.01177EPSS

Exploits0

CVE•added 2026/05/12 5:49 p.m.•15 views

CVE-2026-34687

CVE-2026-34687 affects Adobe Illustrator versions 29.8.6, 30.3 and earlier. It is a heap-based buffer overflow vulnerability that could allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file. The connected d...

7.8CVSS6.3AI score0.00174EPSS

CVE•added 2026/05/12 5:42 p.m.•16 views

CVE-2026-34676

Affected product : Substance3D Painter; versions 12.0.2 and earlier. Vulnerability : out-of-bounds write (CWE-787) that can lead to arbitrary code execution in the context of the current user. Impact : arbitrary code execution if exploited. Conditions : exploitation requires user interaction; a v...

7.8CVSS6.3AI score0.00138EPSS

Cvelist•added 2026/05/12 5:42 p.m.•30 views

CVE-2026-34676 Substance3D - Painter | Out-of-bounds Write (CWE-787)

Substance3D - Painter versions 12.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00138EPSS

Vulnrichment•added 2026/05/12 5:42 p.m.•9 views

CVE-2026-34676 Substance3D - Painter | Out-of-bounds Write (CWE-787)

7.8CVSS6.3AI score0.00138EPSS

Vulnrichment•added 2026/05/12 5:19 p.m.•8 views

CVE-2026-34643 After Effects | Out-of-bounds Write (CWE-787)

After Effects versions 26.0, 25.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

Vulnrichment•added 2026/05/12 5:16 p.m.•7 views

CVE-2026-34640 Media Encoder | Integer Overflow or Wraparound (CWE-190)

Media Encoder versions 26.0.2, 25.6.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.3AI score0.0017EPSS