CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2026/03/17 6:49 a.m.•7 views

runc: container escape with malicious config due to /dev/console mount and related races

A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...

8.4CVSS5.7AI score0.00526EPSS

Exploits1References5

Tenable Nessus•added 2026/03/17 12:0 a.m.•2 views

EulerOS Virtualization 2.12.0 : bind (EulerOS-SA-2026-1474)

Tenable Nessus•added 2026/03/17 12:0 a.m.•4 views

EulerOS Virtualization 2.12.1 : dhcp (EulerOS-SA-2026-1422)

According to the versions of the dhcp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into...

Tenable Nessus•added 2026/03/17 12:0 a.m.•5 views

EulerOS Virtualization 2.12.1 : bind (EulerOS-SA-2026-1417)

OpenVAS•added 2026/03/17 12:0 a.m.•5 views

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2026-1570)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenVAS•added 2026/03/17 12:0 a.m.•5 views

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2026-1598)

OSSF Malicious Packages•added 2026/03/16 12:0 a.m.•5 views

Malicious code in syntax-function-bind (npm)

The package 'syntax-function-bind' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score

OSSF Malicious Packages•added 2026/03/16 12:0 a.m.•5 views

Malicious code in transform-function-bind (npm)

The package 'transform-function-bind' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score

Tenable Nessus•added 2026/03/16 12:0 a.m.•6 views

EulerOS 2.0 SP12 : dhcp (EulerOS-SA-2026-1356)

According to the versions of the dhcp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an attacker to inject forged data into the cache. This...

Tenable Nessus•added 2026/03/16 12:0 a.m.•3 views

EulerOS 2.0 SP11 : bind (EulerOS-SA-2026-1598)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker to predict the...

Tenable Nessus•added 2026/03/16 12:0 a.m.•3 views

EulerOS 2.0 SP11 : bind (EulerOS-SA-2026-1570)

Tenable Nessus•added 2026/03/16 12:0 a.m.•6 views

EulerOS 2.0 SP12 : dhcp (EulerOS-SA-2026-1387)

OpenVAS•added 2026/03/16 12:0 a.m.•2 views

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2026-1417)

OpenVAS•added 2026/03/16 12:0 a.m.•5 views

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2026-1474)

OSV•added 2026/03/16 12:0 a.m.•3 views

MAL-2026-1567 Malicious code in transform-function-bind (npm)

5.6AI score

OSV•added 2026/03/16 12:0 a.m.•5 views

MAL-2026-1551 Malicious code in syntax-function-bind (npm)

5.6AI score