CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/04/29 5:16 p.m.•2 views

UBUNTU-CVE-2026-6914

Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server. This issue affects all MongoDB Server v8.2 versions, all MongoDB Server v8.1 versions, MongoDB Server v8.0 versions prior to 8.0.21, MongoDB Server v7.0 versions prior...

7.5CVSS5.8AI score0.00255EPSS

CVE•added 2026/04/29 4:47 p.m.•16 views

CVE-2026-6914

CVE-2026-6914 : The vulnerability arises from computing the MD5 checksum of a malformed BSON object, potentially causing loss of availability on MongoDB Server. Affected are all MongoDB Server v8.2, all v8.1, v8.0 prior to 8.0.21, and v7.0 prior to 7.0.32. The provided documents do not specify ex...

7.5CVSS5.2AI score0.00255EPSS

Exploits0References1Affected Software1

Packet Storm News•added 2026/04/29 12:0 a.m.•2 views

angr 9.2.213

angr is an open-source binary analysis platform for Python. It combines both static and dynamic symbolic "concolic" analysis, providing tools to solve a variety of tasks...

5.2AI score

Packet Storm News•added 2026/04/29 12:0 a.m.•4 views

Formulating Subgroup Discovery As a Quantum Optimization Problem for Network Security

While current network intrusion detection systems achieve satisfactory accuracy, they often lack explainability. Subgroup Discovery SD addresses this by building interpretable rules that characterize feature interactions associated with attack traffic. With large datasets, classical heuristic bea...

5.8AI score

CNNVD•added 2026/04/29 12:0 a.m.•10 views

MongoDB Server 数字错误漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a numerical error vulnerability in MongoDB Server, where the MD5 checks...

7.5CVSS5.8AI score0.00255EPSS

Exploits0References1

FreeBSD•added 2026/04/29 12:0 a.m.•12 views

MongoDB Server -- Multiple vulnerabilities

https://jira.mongodb.org/browse/SERVER-119981 reports: Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server. An authorization flaw in the user management command could allow an authenticated user to make limited changes t...

7.5CVSS5.8AI score0.00255EPSS

Snyk•added 2026/04/28 9:0 p.m.•5 views

Arbitrary Code Execution

Overview Affected versions of this package are vulnerable to Arbitrary Code Execution in crypto/algifaead.c. The authencesn cryptographic template has a 4-byte overwrite past the end of its buffer, which can be controlled to write into the page cache of any readable file. This allows a...

8.5CVSS7.5AI score0.96775EPSS

Exploits228References2

Cvelist•added 2026/04/28 1:13 p.m.•28 views

CVE-2026-40551 Use of Client-Side Authentication in mpGabinet

mpGabinet performs client-side authentication. An attacker with access to any application instance connected to the backend server can bypass the login verification process by manipulating the application binary and authenticate as an arbitrary user. This issue affects mpGabinet version 23.12.19...

8.4CVSS0.00132EPSS

ATTACKERKB•added 2026/04/28 1:13 p.m.•7 views

CVE-2026-40551

Vulnrichment•added 2026/04/28 1:13 p.m.•3 views

Exploits0References3

CVE-2026-40551 Use of Client-Side Authentication in mpGabinet

CVE•added 2026/04/28 1:13 p.m.•7 views

CVE-2026-40551

mpGabinet is affected by a vulnerability where client-side authentication can be bypassed. An attacker with access to any application instance connected to the backend can manipulate the application binary to authenticate as an arbitrary user, bypassing login verification. Affected versions are 2...

EUVD•added 2026/04/28 1:13 p.m.•4 views

EUVD-2026-26045

Microsoft Secure•added 2026/04/28 1:0 p.m.•8 views

Simplifying AWS defense with Microsoft Sentinel UEBA

In this article 1. Under the hood: The tables 2. Traditional vs. new approach 3. Real-world attack scenarios: Microsoft Sentinel UEBA in action 4. Practical implementation: Getting started 5. Limitations and constraints 6. From raw logs to behavioral context With the expansion of Microsoft Sentin...

5.9AI score

Microsoft Secure•added 2026/04/28 1:0 p.m.•9 views

Simplifying AWS defense with Microsoft Sentinel UEBA

5.9AI score

CNNVD•added 2026/04/28 12:0 a.m.•7 views

BinSoft mpGabinet 安全漏洞

BinSoft mpGabinet is a medical clinic management system developed by the Polish company BinSoft. Versions of BinSoft mpGabinet prior to December 23, 2019, contained security vulnerabilities. These vulnerabilities stemmed from the execution of client-side authentication processes, which could allo...

8.4CVSS6AI score0.00132EPSS

Exploits0References1

Positive Technologies•added 2026/04/28 12:0 a.m.•5 views

PT-2026-35721

Packet Storm News•added 2026/04/28 12:0 a.m.•2 views

Exploits0References3

Large Language Models As Explainable Cyberattack Detectors for Energy Industrial Control Systems

In modern energy systems, industrial control systems ICS and power-system SCADA require intrusion detection that is not only accurate but also auditable by operators. The ICS intrusion-detection landscape is currently dominated by established supervised detectors. In this paper, we study whether ...

5.3AI score