CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 4 days ago•7 views

EUVD-2026-38121

4.8CVSS5.9AI score0.00165EPSS

Cvelist•added 4 days ago•28 views

CVE-2026-56294 capacitor-native-biometric - Authentication Bypass via Unvalidated CryptoObject in onAuthenticationSucceeded

4.8CVSS0.00165EPSS

CVE•added 4 days ago•16 views

CVE-2026-56294

The CVE-2026-56294 vulnerability affects capacitor-native-biometric (before 12.128.2). The onAuthenticationSucceeded() path fails to validate CryptoObject parameters, enabling an attacker to bypass biometric authentication by hooking the function via dynamic instrumentation. This can allow access...

4.8CVSS5.9AI score0.00165EPSS

Wired Threat Level•added 2026/06/10 10:0 a.m.•22 views

Soccer Fans, You’re Being Watched

From anti-drone tech to face recognition, 2026 World Cup stadiums in the US, Canada, and Mexico are subjecting fans to an array of surveillance tech. Here’s what you need to know...

5.5AI score

Malwarebytes•added 2026/06/09 1:57 p.m.•8 views

Meta’s face-recognition code raises new concerns about smart glasses

Meta’s smart glasses are once again at the center of a privacy debate due to face recognition. WIRED reports that Meta had quietly embedded unreleased face-recognition code, internally called “NameTag,” into its Meta AI companion app, which powers the company’s smart glasses. The code was not...

5.6AI score

Packet Storm News•added 2026/06/09 12:0 a.m.•13 views

On the Study of Biometric Spoofing Detection Using Deep Learning

Biometric systems are increasingly deployed in security applications; however, they remain vulnerable to spoofing attacks, in which attackers exploit counterfeit biometric data to gain unauthorized access. This research evaluates the effectiveness of state-of-the-art machine learning models,...

5.3AI score

Wired Threat Level•added 2026/06/04 5:28 p.m.•12 views

Meta Silently Added Face-Recognition Code for Its Smart Glasses to Millions of Phones

Code reviewed by WIRED uncovered an unreleased face-recognition system embedded in Meta’s smart glasses platform. It’s designed to identify people via biometric data stored on users’ phones...

5.8AI score

RedhatCVE•added 2026/05/28 8:12 p.m.•9 views

CVE-2025-68712

SpSoft AppLock com.sp.protector.free 7.9.40 for Android allows a local attacker with physical access to bypass fingerprint or PIN authentication. Although the app integrates Android's biometric mechanisms, the lock is implemented with a custom overlay that fails to consistently enforce...

5.5CVSS5.8AI score0.00136EPSS

NVD•added 2026/05/27 5:16 p.m.•15 views

CVE-2025-68712

5.5CVSS0.00136EPSS

Exploits0References3

CVE•added 2026/05/27 12:0 a.m.•13 views

CVE-2025-68712

SpSoft AppLock (com.sp.protector.free) v7.9.40 for Android is affected. A local attacker with physical access can bypass fingerprint/PIN due to a custom overlay that does not consistently enforce authentication. Cascading interface flows and exposed routes via ads or browser intents allow exiting...

5.5CVSS5.8AI score0.00136EPSS

Exploits0References3

ATTACKERKB•added 2026/05/27 12:0 a.m.•6 views

CVE-2025-68712

5.8AI score0.00136EPSS

Exploits0References4

Vulnrichment•added 2026/05/27 12:0 a.m.•7 views

CVE-2025-68712

5.8AI score0.00136EPSS

Exploits0References3

Malwarebytes•added 2026/05/19 3:56 p.m.•10 views

Biometrics, diagnoses, and bank details exposed in major healthcare breach

NYC Health + Hospitals NYC H+H posted a data breach notice about a months‑long breach via a third‑party vendor that exposed highly sensitive patient and employee data for at least 1.8 million people, including medical records, government IDs, geolocation data, and even fingerprint and palm‑print...

5.7AI score

Malwarebytes•added 2026/05/19 10:51 a.m.•12 views

YouTube wants your face to fight deepfakes

If you're worried about deepfake likenesses of yourself showing up online, you're not alone; YouTube is worried for you. It wants to protect you by having you upload a selfie video and government ID to its site. The idea is that the video giant will use its own AI to patrol the service for fake...

5.7AI score

Talos Blog•added 2026/05/13 10:0 a.m.•6 views

Breaking things to keep them safe with Philippe Laulheret

In the latest Humans of Talos, Amy sits down with Senior Vulnerability Researcher Philippe Laulheret to demystify the world of ethical hacking. Philippe shares his unique journey from French engineering school to the front lines of cybersecurity, explaining how his lifelong love for solving puzzl...

5.9AI score

CNNVD•added 2026/04/17 12:0 a.m.•7 views

Anviz CX7和Anviz CX2 Lite 安全漏洞

Both Anviz CX7 and Anviz CX2 Lite are products of the American company Anviz. The Anviz CX7 is a smart terminal device integrated with biometric identification and access control functions. The Anviz CX2 Lite is also a smart terminal device that integrates face recognition and access control...

8.8CVSS6.3AI score0.00301EPSS

RedhatCVE•added 2026/04/15 7:24 p.m.•1 views

CVE-2026-32088

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Biometric Service allows an unauthorized attacker to bypass a security feature with a physical attack...

6.1CVSS6AI score0.00193EPSS

EUVD•added 2026/04/14 6:30 p.m.•2 views

EUVD-2026-22524

6.1CVSS5.9AI score0.00193EPSS

NVD•added 2026/04/14 6:17 p.m.•2 views

CVE-2026-32088

6.1CVSS0.00193EPSS