CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/01/27 9:15 a.m.•3 views

CVE-2026-24794

9.2CVSS0.00082EPSS

EUVD•added 2026/01/27 8:21 a.m.•1 views

EUVD-2026-4718

Cvelist•added 2026/01/27 8:21 a.m.•29 views

CVE-2026-24794 Chunk Unloading Security Vulnerability in CardboardPowered/cardboard

9.2CVSS0.00082EPSS

CVE•added 2026/01/27 8:21 a.m.•11 views

CVE-2026-24794

CVE-2026-24794 affects CardboardPowered/cardboard, specifically the WorldImpl.Java components. It is described as Improper Restriction of Operations within the Bounds of a Memory Buffer and is noted to affect cardboard versions before 1.21.4. The CVSS metrics indicate a CRITICAL base score of 9.2...

Vulnrichment•added 2026/01/27 8:21 a.m.•0 views

CVE-2026-24794 Chunk Unloading Security Vulnerability in CardboardPowered/cardboard

Positive Technologies•added 2026/01/27 12:0 a.m.•3 views

PT-2026-4863

CNNVD•added 2026/01/27 12:0 a.m.•1 views

Cardboard security vulnerabilities

Cardboard is an open-source module development interface created by Bukkit for Fabric. Versions of cardboard prior to 1.21.4 contained security vulnerabilities. These vulnerabilities stemmed from improper restrictions on memory buffer operations, which could allow vulnerabilities in the program...

Snyk•added 2025/10/29 10:46 p.m.•1 views

Malicious Package

Overview iot-cardboard-js is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score

OSSF Malicious Packages•added 2025/10/29 10:46 p.m.•2 views

Malicious code in iot-cardboard-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 55bbfa86675a8cd534e3602af7ba1fb1f55c45cf15c8090af9ef87542d107c2e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score

EUVD•added 2025/10/29 10:46 p.m.•1 views

EUVD-2025-36850

Malicious code in iot-cardboard-js npm...

6.6AI score

OSV•added 2025/10/29 10:46 p.m.•1 views

MAL-2025-49012 Malicious code in iot-cardboard-js (npm)

6.8AI score

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2001-1561

Malware in sbrugna...

7.5CVSS6.4AI score0.00945EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-10824

Malware in sbrugna...

5.3CVSS5.5AI score0.00048EPSS

Openbugbounty•added 2020/11/04 12:58 p.m.•9 views

cheap-cardboard-boxes.co.uk Cross Site Scripting vulnerability OBB-1482603

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Exploits0

CNVD•added 2018/11/12 12:0 a.m.•1 views

Google Cardboard Information Disclosure Vulnerability

Google Cardboard application is a VR application from Google USA. A security vulnerability exists in version 1.8 of the Google Cardboard application for the Android platform and version 1.2 for the iOS platform. An attacker can exploit the vulnerability to obtain sensitive information...

5.3CVSS5.3AI score0.00048EPSS

NVD•added 2018/11/08 8:29 a.m.•10 views

CVE-2018-19111

The Google Cardboard application 1.8 for Android and 1.2 for iOS sends potentially private cleartext information to the Unity 3D Stats web site, as demonstrated by device make, model, and OS...

5.3CVSS5AI score0.00048EPSS

OSV•added 2018/11/08 8:29 a.m.•0 views

CVE-2018-19111

The Google Cardboard application 1.8 for Android and 1.2 for iOS sends potentially private cleartext information to the Unity 3D Stats web site, as demonstrated by device make, model, and OS...

5.3CVSS5.8AI score