CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 6 days ago•12 views

CVE-2026-8594

Summary: CVE-2026-8594 affects Text::LineFold (Perl) up to version 2019.001, which is part of the Unicode-LineBreak distribution. The issue arises because the line-breaking logic applies the break function to the entire input string, not just each segment, causing the full input to be duplicated ...

6.2CVSS5.8AI score0.00004EPSS

Exploits0References4

EUVD•added 6 days ago•17 views

EUVD-2026-33466

5.8AI score0.00004EPSS

Positive Technologies•added 6 days ago•9 views

PT-2026-45104

Name of the Vulnerable Software and Affected Versions Text::LineFold versions prior to 2019.002 Description Text::LineFold splits input strings into segments using specific line break characters, such as Vertical Tab VT and Form Feed FF. However, the break function is applied to the entire string...

6.2CVSS5.8AI score0.00004EPSS

Exploits0References9

SUSE CVE•added 2026/05/28 3:58 a.m.•11 views

SUSE CVE-2026-42789

Improper Following of a Certificate's Chain of Trust vulnerability in Erlang OTP publickey pubkeycert module allows a non-CA certificate to be accepted as an intermediate issuer, enabling certificate chain forgery. In lib/publickey/src/pubkeycert.erl, pubkeycert:validateextensions/7 contains two...

7CVSS5.9AI score0.00037EPSS

OSV•added 2026/05/27 8:42 p.m.•1 views

GHSA-QPMX-3RFJ-7RHV Symfony has Email Header / SMTP Command Injection via CRLF in Symfony\Component\Mime\Address

Description Symfony\Component\Mime\Address is the value-object every Symfony Mailer address to/cc/bcc/from/reply-to flows through; its constructor is documented as validating the address and throwing on invalid input, so developers treat it as a security boundary. The constructor accepts email...

7.1CVSS5.8AI score

Exploits0References6

GithubExploit•added 2026/05/23 11:37 p.m.•51 views

programming-for-penetration-testing-buffer-overflow-exploit

Buffer Overflow Exploit in Ruby Overview This project was...

6.1AI score

Exploits0

SUSE CVE•added 2026/05/22 2:19 a.m.•5 views

SUSE CVE-2026-44075

A missing break statement in DSI OpenSession processing in Netatalk 1.5.0 through 4.4.2 causes a DSIOPTATTNQUANT switch case to fall through into DSIOPTSERVQUANT, resulting in unintended session option handling that may allow a remote attacker to cause a minor service disruption via crafted DSI...

CVE•added 2026/05/21 8:14 a.m.•15 views

CVE-2026-44075

Netatalk versions 1.5.0–4.4.2 are affected by a missing break in DSI OpenSession processing. This causes DSIOPT_ATTNQUANT to fall through into DSIOPT_SERVQUANT, leading to unintended handling of session options. The result is a potential remote-induced minor service disruption through crafted DSI...

ATTACKERKB•added 2026/05/21 8:14 a.m.•6 views

Exploits0References1

CVE-2026-44075

Exploits0References2Affected Software1

AlpineLinux•added 2026/05/21 8:14 a.m.•6 views

CVE-2026-44075

CNNVD•added 2026/05/21 12:0 a.m.•6 views

Exploits0

Netatalk 安全漏洞

Netatalk is an open-source software developed by Netatalk Inc. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 1.5.0 to 4.4.2 of Netatalk contained security vulnerabilities. These vulnerabilities stemmed from the lack of a break...

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Prevent the connection from being released during the oplock break notification. The ksmbdwork object can be freed after the connection is released. Increase the value of rcount for ksmbdconn to indicate that the requests...

5.5CVSS6.2AI score0.00017EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•7 views

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: smb: Client: Fixed a potential Use-after-Free UAF in isvalidoplockbreak. Skipped sessions that are being torn down status == SESEXITING to avoid UAF...

7.8CVSS6.1AI score0.00013EPSS

SUSE CVE•added 2026/05/12 3:30 a.m.•6 views

SUSE CVE-2026-43379

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smblazyparentleasebreakclose opinfo pointer obtained via rcudereferencefp-fopinfo is being accessed after rcureadunlock has been called. This creates a race condition where the memory could be freed b...

9.8CVSS5.7AI score0.0006EPSS

Snyk•added 2026/05/11 2:53 p.m.•5 views

Improper Validation of Specified Quantity in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input via the emission of non-finite color values in the content stream. An attacker can cause PDF viewers to reject the content stream, affected page, or entire document by supplying special...

5.3CVSS5.8AI score