CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1035475 matches found

CVE-2026-12448

An inappropriate implementation flaw was found in the WebView component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513458233...

8.8CVSS5.8AI score0.00255EPSS

Exploits0References5

RedhatCVE•added last week•7 views

CVE-2026-12441

An use after free flaw was found in the File Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=520157118...

8.8CVSS5.8AI score0.00301EPSS

Exploits0References5

Cvelist•added last week•26 views

CVE-2026-11576

The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup label, but this unified cleanup path unconditionally calls fxfileclose even when the file was never successfully opened. Multiple error branches jump to t...

7.5CVSS0.00263EPSS

Exploits0References1

RedHat Linux•added 2026/06/19 2:3 a.m.•7 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: dotnet9.0: aspnetcore-runtime-9.0-9.0.17-1.hum1 aarch64, x8664 aspnetcore-runtime-dbg-9.0-9.0.17-1.hum1 aarch64, x8664 aspnetcore-targeting-pack-9.0-9.0.17-1.hum1 aarch64, x8664...

7.5CVSS5.2AI score0.00473EPSS

Exploits1References3

AlmaLinux•added 2026/06/19 12:0 a.m.•5 views

Important: kernel-rt security, bug fix, and enhancement update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: drm/amd/display: Do not skip...

9.8CVSS6.5AI score0.00353EPSS

Exploits0References18

OSV•added 2026/06/18 9:16 p.m.•6 views

DEBIAN-CVE-2026-45696

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, htundoimpl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The htundoimp...

8.3CVSS6AI score0.00271EPSS

Exploits1References1

NVD•added 2026/06/18 6:16 p.m.•9 views

CVE-2026-48986

pamusb provides hardware authentication for Linux using removable media. In pamusb 0.9.1 and earlier, usbgetprocessparentid can cause an infinite loop DoS because it does not initialize ppid on failure. In pusblocallogin, the same variable is reused as input and output in a process-tree while loo...

4.7CVSS0.00104EPSS

Exploits0References2

EUVD•added 2026/06/18 6:1 p.m.•9 views

EUVD-2026-37928

A flaw in Node.js HTTP/2 server API can cause servers to keep accepting data even after sending a GOAWAY frame. This vulnerability affects two supported release lines: Node.js 22 and Node.js 24...

5.3CVSS5.4AI score0.00397EPSS

Exploits0References2

Wordfence Blog•added 2026/06/18 4:42 p.m.•7 views

Critical Unauthenticated Arbitrary File Deletion Vulnerability Patched in Avada Builder WordPress Plugin

On May 13th, 2026, we received a submission for a critical Unauthenticated Arbitrary File Deletion vulnerability in Avada Builder, a premium WordPress plugin with an estimated 1,000,000 active installations. This vulnerability makes it possible for unauthenticated attackers to delete arbitrary...

9.1CVSS6.6AI score0.01193EPSS

Exploits0

RedHat Linux•added 2026/06/18 4:11 p.m.•10 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.64 bug fix and security update

Red Hat OpenShift Container Platform release 4.16.64 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

8.2CVSS6AI score0.03663EPSS

Exploits13References8

CVE•added 2026/06/18 4:5 p.m.•34 views

CVE-2026-55203

HAProxy

9.1CVSS5.6AI score0.00294EPSS

Exploits0References2Affected Software1

Debian CVE•added 2026/06/18 1:46 p.m.•8 views

CVE-2026-42487

HVM guest I/O port accesses are subject to either emulation or at least translation. Translations are managed by the device model via XENDOMCTLioportmapping, and hence the linked list used may changed at any time. Traversal of those lists while handling guest I/O port accesses therefore needs...

7.9CVSS5.2AI score0.00095EPSS

Exploits0

EUVD•added 2026/06/18 11:52 a.m.•10 views

EUVD-2026-37880

An authentication bypass vulnerability exists in the generic opaque token validation path validateOpaqueToken of googleapis/mcp-toolbox. When the toolbox validates an opaque token via an OAuth 2.0 introspection endpoint RFC 7662, it decodes the response into an introspectResp struct. However, the...

9.3CVSS5.4AI score0.00204EPSS

Exploits0References1

OSV•added 2026/06/18 10:10 a.m.•5 views

RHSA-2026:26994 Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

Bulletin has no description...

7.5CVSS4.8AI score0.01176EPSS

Exploits1References20

OSV•added 2026/06/18 10:10 a.m.•4 views

RHSA-2026:26709 Red Hat Security Advisory: xorg-x11-server security, bug fix, and enhancement update

Bulletin has no description...

7.8CVSS4.8AI score0.00158EPSS

Exploits0References49