CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/03/20 9:22 p.m.•1 views

CVE-2026-30836

A flaw was found in Step CA, an online certificate authority. A remote attacker can exploit this vulnerability by sending an unauthenticated SCEP Simple Certificate Enrollment Protocol Update Request. This allows the attacker to issue unauthorized certificates, potentially leading to a compromise...

10CVSS5.8AI score0.00011EPSS

Exploits0References7

Vulnrichment•added 2026/03/19 8:37 p.m.•1 views

CVE-2026-30836 Step CA: Unauthenticated Certificate Issuance via SCEP UpdateReq (MessageType=18)

Step CA is an online certificate authority for secure, automated certificate management for DevOps. Versions 0.30.0-rc6 and below do not safeguard against unauthenticated certificate issuance through the SCEP UpdateReq. This issue has been fixed in version 0.30.0...

10CVSS5.7AI score0.00011EPSS

Exploits0References3

CNVD•added 2026/03/12 12:0 a.m.•2 views

Huawei HarmonyOS Certificate Management Module Data Handling Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A data handling vulnerability exists in the Huawei HarmonyOS certificate management module, which can be exploited by an attacker to compromise confidentiali...

CNVD•added 2026/03/12 12:0 a.m.•1 views

Exploits0References1

Huawei HarmonyOS Certificate Management Module Path Traversal Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A path traversal vulnerability exists in the Huawei HarmonyOS certificate management module, which can be exploited by an attacker to cause availability to b...

RedhatCVE•added 2026/03/06 2:37 p.m.•1 views

Exploits0

CVE-2026-28539

Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

6.2CVSS5.8AI score0.00005EPSS

Exploits0References1

RedhatCVE•added 2026/03/06 7:52 a.m.•1 views

CVE-2026-28538

Path traversal vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect availability...

5.9CVSS5.8AI score0.00005EPSS

Exploits0References1

EUVD•added 2026/03/05 9:30 a.m.•2 views

EUVD-2026-9800

Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

EUVD•added 2026/03/05 9:30 a.m.•3 views

Exploits0References3

EUVD-2026-9799

Path traversal vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect availability...

NVD•added 2026/03/05 8:15 a.m.•4 views

Exploits0References3

CVE-2026-28538

Path traversal vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect availability...

5.9CVSS0.00005EPSS

OSV•added 2026/03/05 8:15 a.m.•0 views

CVE-2026-28538

Path traversal vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect availability...

5.5CVSS5.8AI score

OSV•added 2026/03/05 8:15 a.m.•0 views

CVE-2026-28539

Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

5.5CVSS5.8AI score

NVD•added 2026/03/05 8:15 a.m.•2 views

CVE-2026-28539

Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

6.2CVSS0.00005EPSS

Vulnrichment•added 2026/03/05 7:52 a.m.•1 views

CVE-2026-28539

Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

ATTACKERKB•added 2026/03/05 7:52 a.m.•2 views

CVE-2026-28539

Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

Exploits0References3Affected Software1

Cvelist•added 2026/03/05 7:52 a.m.•25 views

CVE-2026-28539

Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

6.2CVSS0.00005EPSS

CVE•added 2026/03/05 7:52 a.m.•5 views

CVE-2026-28539

CVE-2026-28539 is a data processing vulnerability in the certificate management module. The vulnerability is assessed with CVSS 3.1 (MEDIUM, 6.2) with Local attack vector, Low attack complexity, no privileges required, and no user interaction, but Confidentiality impact is HIGH while Integrity an...

Exploits0References2Affected Software1

Vulnrichment•added 2026/03/05 7:51 a.m.•1 views

CVE-2026-28538

Path traversal vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect availability...

ATTACKERKB•added 2026/03/05 7:51 a.m.•4 views

CVE-2026-28538

Path traversal vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect availability...