CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/05/08 12:31 a.m.•8 views

EUVD-2026-28455

OSV•added 2026/05/08 12:31 a.m.•4 views

GHSA-MM7J-MHHJ-HJ36 OpenStack Cyborg uses rule:allow (check_str='@') as the default policy for multiple API endpoints

Github Security Blog•added 2026/05/08 12:31 a.m.•7 views

Exploits0References5

OpenStack Cyborg uses rule:allow (check_str='@') as the default policy for multiple API endpoints

Exploits0References5Affected Software1

UbuntuCve•added 2026/05/07 10:16 p.m.•6 views

CVE-2026-40213

7.4CVSS5.8AI score0.00206EPSS

Exploits0References4

Positive Technologies•added 2026/05/07 12:0 a.m.•11 views

PT-2026-38596

Name of the Vulnerable Software and Affected Versions OpenStack Cyborg versions prior to 16.0.1 Description Multiple API endpoints use rule:allow check str='@' as the default policy, which unconditionally authorizes any request containing a valid Keystone token. This occurs regardless of the user...

7.4CVSS5.6AI score0.00206EPSS

Exploits0References17

Cvelist•added 2026/05/07 12:0 a.m.•29 views

CVE-2026-40213

7.4CVSS0.00206EPSS

ATTACKERKB•added 2026/05/07 12:0 a.m.•7 views

CVE-2026-40213

Exploits0References3Affected Software1

Vulnrichment•added 2026/05/07 12:0 a.m.•9 views

CVE-2026-40213

Debian CVE•added 2026/05/07 12:0 a.m.•8 views

CVE-2026-40213

CNNVD•added 2026/03/20 12:0 a.m.•6 views

Exploits0

libde265 缓冲区错误漏洞

libde265 is a video codec developed by Struktur AG as open source. Versions of libde265 prior to 1.0.17 contained a buffer error vulnerability. This vulnerability arises from out-of-bounds heap writes when processing specially crafted HEVC bitstreams...

5.5CVSS6AI score0.00232EPSS

Exploits1References3

OSV•added 2026/02/19 8:25 p.m.•4 views

ALPINE-CVE-2026-26203

PJSIP is a free and open source multimedia communication library. Versions prior to 2.17 have a critical heap buffer underflow vulnerability in PJSIP's H.264 packetizer. The bug occurs when processing malformed H.264 bitstreams without NAL unit start codes, where the packetizer performs unchecked...

6.5CVSS5.7AI score0.00101EPSS

OSV•added 2026/02/19 8:25 p.m.•4 views

DEBIAN-CVE-2026-26203

6.5CVSS5.7AI score0.00101EPSS

UbuntuCve•added 2026/02/19 8:25 p.m.•4 views

CVE-2026-26203

6.5CVSS6AI score0.00101EPSS

OSV•added 2026/02/19 8:25 p.m.•1 views

UBUNTU-CVE-2026-26203

6.5CVSS6AI score0.00101EPSS

Exploits0References4

Cvelist•added 2026/02/19 7:28 p.m.•23 views

CVE-2026-26203 PJSIP's pjmedia-video has use-after-free in H264 packetizer when packetizing fragmented NAL

5.1CVSS0.00101EPSS

Exploits0References2

Debian CVE•added 2026/02/19 7:28 p.m.•3 views

CVE-2026-26203

6.5CVSS5.7AI score0.00101EPSS

Exploits0

Positive Technologies•added 2025/10/14 12:0 a.m.•7 views

PT-2025-42572

Name of the Vulnerable Software and Affected Versions Dolby UDC versions 4.5 through 4.13 Description An out-of-bounds write exists in the Dolby Unified Decoder UDC when processing malformed Dolby Digital Plus DD+ bitstreams. The issue occurs in the evo priv.c file during the processing of...

9.8CVSS7.8AI score0.01613EPSS

Exploits1References67

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-24749

Malicious code in bioql PyPI...

3.3CVSS6.6AI score0.00102EPSS

CNNVD•added 2025/02/04 12:0 a.m.•5 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Jan-2025 Release 1, which originates from an out-of-bounds read issue contained in the...

5.5CVSS6.4AI score0.00133EPSS