CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/05/27 8:19 p.m.•8 views

CVE-2026-44710

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, src/device.c passed the return values of udisksdrivegetserial, udisksdrivegetvendor, and udisksdrivegetmodel directly to strcmp without NULL checks. The GIO/UDisks API documentation states these...

4.6CVSS5.8AI score0.00038EPSS

Exploits0References2Affected Software1

HackRead•added 2026/05/27 8:0 p.m.•8 views

Can Big Data Predict Market Movements Accurately?

Can Big Data predict markets? Learn how AI, investor behavior, and digital signals shape modern forecasting across stocks and crypto trends...

OSSF Malicious Packages•added 2026/05/27 7:15 p.m.•13 views

Malicious code in @polka-ui/config (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 662c2a1b8ad5d264ec01b078f95c130c96398305ba009a2c2de33cc9d7db7486 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EUVD•added 2026/05/27 4:50 p.m.•6 views

EUVD-2026-32586

Budibase is an open-source low-code platform. Prior to 3.35.10, the Plugin URL upload endpoint POST /api/plugin validates the submitted URL with a single substring check: url.includes".tar.gz". Any URL containing .tar.gz anywhere in the string — in the path, query string, or fragment — passes thi...

7.7CVSS5.8AI score0.00032EPSS

The Hacker News•added 2026/05/27 3:44 p.m.•23 views

Malicious npm Package Stole Files From Claude AI User Directory via GitHub

Cybersecurity researchers have discovered a new malicious package on the npm registry that comes with information stealing capabilities. According to OX Security, the package, named "mouse5212-super-formatter," is designed to upload files from "/mnt/user-data," a dedicated directory used by...

5.9AI score

OSV•added 2026/05/27 2:17 p.m.•3 views

UBUNTU-CVE-2026-46080

In the Linux kernel, the following vulnerability has been resolved: ocfs2: split transactions in dio completion to avoid credit exhaustion During ocfs2 dio operations, JBD2 may report warnings via following call trace: ocfs2dioendiowrite ocfs2markextentwritten ocfs2changeextentflag ocfs2splitexte...

5.7AI score0.00032EPSS

Exploits0References3

CVE•added 2026/05/27 2:13 p.m.•15 views

CVE-2026-48918

Technical details about CVE-2026-48918 are not publicly available in the provided documents; monitor for updates from official advisories (e.g., Jenkins security notices) for new information.

6.6CVSS5.8AI score0.00255EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/05/27 12:59 p.m.•8 views

CVE-2026-46101

In the Linux kernel, the following vulnerability has been resolved: netfilter: reject zero shift in nftbitwise Reject zero shift operands for nftbitwise left and right shift expressions during initialization. The carry propagation logic computes the carry from the adjacent 32-bit word using...

5.8AI score0.00032EPSS

Exploits0References9Affected Software1

EUVD•added 2026/05/27 12:59 p.m.•8 views

EUVD-2026-32484

5.8AI score0.00032EPSS

Exploits0References5

EUVD•added 2026/05/27 12:58 p.m.•8 views

EUVD-2026-32458

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Raise UD if unhandled VMMCALL isn't intercepted by L1 Explicitly synthesize a UD for VMMCALL if L2 is active, L1 does NOT want to intercept VMMCALL, nestedsvml2tlbflushenabled is true, and the hypercall is something...

5.8AI score0.00013EPSS

Exploits0References4

Cvelist•added 2026/05/27 12:17 p.m.•35 views

CVE-2026-45896 mtd: intel-dg: Fix accessing regions before setting nregions

In the Linux kernel, the following vulnerability has been resolved: mtd: intel-dg: Fix accessing regions before setting nregions The regions array is counted by nregions, but it's set only after accessing it: UBSAN: array-index-out-of-bounds in drivers/mtd/devices/mtdinteldg.c:750:15 index 0 is o...

0.00022EPSS

Exploits0References3

OSV•added 2026/05/27 4:45 a.m.•5 views

MAL-2026-4830 Malicious code in editorial-code (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d7404afc131a113ef01d7eb896439a8719bb0f1b8d67e491d53321fdd5981e97 The OpenSSF Package Analysis project identified 'editorial-code' @ 99.0.1 npm as malicious. It is considered malicious because: - The package...

OSV•added 2026/05/27 4:35 a.m.•6 views

MAL-2026-4832 Malicious code in mse-authentication (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a953627a77037de50d82384daca1d98d101c4c09b315ab91fd597a43557fbd99 The OpenSSF Package Analysis project identified 'mse-authentication' @ 99.0.1 npm as malicious. It is considered malicious because: - The packag...

OSSF Malicious Packages•added 2026/05/27 4:35 a.m.•8 views

Malicious code in mse-authentication (npm)

CNNVD•added 2026/05/27 12:0 a.m.•5 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the svmcopylbrs function in KVM nSVM, where the VMCBLBR bit is cleared in vmcb12, potentially leading t...

5.8AI score0.00022EPSS

Exploits0References3

CNNVD•added 2026/05/27 12:0 a.m.•4 views

pam_usb 代码问题漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.8.7 have code vulnerabilities. This vulnerability stems from the fact that in src/device.c, the return values of udisksdrivegetserial, udisksdrivegetvendo...

4.6CVSS5.9AI score0.00038EPSS

CNNVD•added 2026/05/27 12:0 a.m.•8 views

LangSmith Client SDKs 代码问题漏洞

LangSmith Client SDKs are a developer toolkit open-sourced by LangChain. Versions of LangSmith Client SDKs prior to 0.8.0 and JS/TS versions prior to 0.6.0 have code vulnerabilities. This vulnerability stems from the lack of differentiation between public prompts and internal organization-specifi...

7.1CVSS5.9AI score0.00036EPSS