CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 5 hours ago•4 views

CVE-2026-48092

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain a heap memory disclosure via SquashFS fragment offset integer overflow on 32-bit builds. 32-bit integer overflow in the SquashFS ReadBlock function allows an attacker-controlled node.Offset value to bypass...

4.3CVSS

CVE•added 7 hours ago•6 views

CVE-2026-48092

7-Zip (versions 9.34–26.00) contains a heap memory disclosure via a SquashFS fragment offset integer overflow on 32-bit builds. A 32-bit integer overflow in the SquashFS ReadBlock function allows an attacker-controlled node.Offset to bypass the fragment bounds check, causing memcpy to read heap m...

Cvelist•added 7 hours ago•4 views

CVE-2026-48092 7-Zip SquashFS Fragment Offset Overflow (GHSL-2026-116)

4.3CVSS

EUVD•added 7 hours ago•3 views

EUVD-2026-34837

ATTACKERKB•added 7 hours ago•2 views

CVE-2026-48092

Exploits0References2Affected Software1

Positive Technologies•added 21 hours ago•6 views

PT-2026-46964

Tenable Nessus•added yesterday•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-46257

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - clocksource/drivers/timer-sp804: Fix an Oops when readcurrenttimer is called on ARM32 platforms where the SP804 is not registered as the schedclock. On SP804, t...

5.6AI score0.00018EPSS

RedHat Linux•added 2 days ago•8 views

libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling

A flaw was found in libexif. A local attacker on a 32-bit system could exploit an unsigned 32-bit integer overflow vulnerability in the Nikon MakerNote handling. This could lead to application crashes or the disclosure of sensitive information...

7.1CVSS5.8AI score0.00019EPSS

Exploits0References5

EUVD•added 4 days ago•7 views

EUVD-2026-33719

Nextcloud is an open source content collaboration platform. From versions 0.9.0 to before 0.9.7, and 1.0.0 to before 1.0.2, a missing sanitization in the Tables app allowed a user with access to the tables app to perform a limited SQL injection in the ORDER BY statement of a query. Compared to...

7.1CVSS5.8AI score0.00028EPSS

Exploits0References3

GithubExploit•added 4 days ago•61 views

Exploit for Integer Overflow to Buffer Overflow in Perl

CVE-2026-8376-Perl-Heap-Buffer-Overflow-PoC-Exploit Perl vers...

9.8CVSS6AI score0.00048EPSS

Exploits1

Positive Technologies•added 4 days ago•8 views

PT-2026-45510

FlexRIC v2.0.0 uses a uint16 t counter for xapp id assignment but stores the value in uint32 t message fields. After 65,530+ E42 SETUP REQUESTs, the 16-bit counter wraps around and produces duplicate xapp ids. The iApp port 36422 crashes when attempting to register a duplicate ID in its internal...

5.8AI score0.00105EPSS

Exploits1References3

NVD•added 2026/05/29 8:16 p.m.•8 views

CVE-2026-46384

iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, several Avro decoder paths read attacker-controlled 64-bit values from the wire format and either narrowed them to platform-sized int before bounds-checking, or summed them with overflow-prone signed-int arithmetic. On 32-bit targets...

8.7CVSS0.00055EPSS

RedhatCVE•added 2026/05/29 8:13 p.m.•11 views

CVE-2026-45787

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-192-CBC with a fixed zero IV, constant KDF salt, and no MAC leads to confidentiality and integrity failures for synced bookmark/profile data. Attackers can crack common...

9.1CVSS5.8AI score0.00008EPSS

Vulnrichment•added 2026/05/29 7:58 p.m.•10 views

CVE-2026-46384 iskorotkov/avro: Integer Overflow in Avro Decoder

8.7CVSS5.9AI score0.00055EPSS

CVE•added 2026/05/29 7:58 p.m.•9 views

CVE-2026-46384

CVE-2026-46384 affects iskorotkov/avro (Go) prior to v2.33.0. The root causes are integer overflow and narrowing in Avro decoding paths, including: ReadBlockHeader narrowing on 32-bit targets; cumulative size overflow in arrayDecoder.Decode / mapDecoder.Decode / mapDecoderUnmarshaler.Decode; MinI...

8.7CVSS5.9AI score0.00055EPSS

RustSec•added 2026/05/29 12:0 p.m.•8 views

Out-of-bounds writes due to integer overflow in jxl-grid on 32-bit platforms

On 32-bit platforms, decoding a crafted image may lead to out-of-bounds writes due to integer overflow in length calculation. This could allow arbitrary code execution. Details & PoC The test listed below fail under miri with command cargo +nightly miri test --release -p jxl-grid Or you can use...

6.2AI score

Exploits0Affected Software1

Tenable Nessus•added 2026/05/29 12:0 a.m.•11 views

Linux Distros Unpatched Vulnerability : CVE-2026-46195

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: validate dacloffset before building DACL pointers parsesecdesc, buildsecdesc, and the chown path in idmodetocifsacl all add the server-supplied...

9.8CVSS5.8AI score0.0006EPSS

Exploits0References3

Tenable Nessus•added 2026/05/29 12:0 a.m.•12 views

Linux Distros Unpatched Vulnerability : CVE-2026-46190

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mtd: spi-nor: debugfs: fix out-of-bounds read in spinorparamsshow Sashiko noticed an out-of-bounds read 1. In spinorparamsshow, the snorfnames array is passed t...

7.1CVSS5.8AI score0.00013EPSS

Exploits0References3

EUVD•added 2026/05/28 5:17 p.m.•12 views

EUVD-2026-32959

6CVSS5.8AI score0.00008EPSS