CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 5 days ago•11 views

CVE-2026-55200

An out-of-bounds write vulnerability exists in the libssh2 client. A remote attacker can exploit this by sending a specially crafted SSH packet with an abnormally large length value. This corrupts the application's memory and can potentially allow the attacker to execute arbitrary code on the...

9.8CVSS6.3AI score0.00922EPSS

Exploits1References6

CVE•added 5 days ago•7 views

CVE-2026-48491

CVE-2026-48491 (Traefik) describes a high-severity vulnerability in Traefik 3.7.0–3.7.3 where SNICheck ignores wildcard TLSOptions mappings. An unauthenticated client can complete a TLS handshake with a permissive SNI on the same entrypoint and then send a Host header targeting a wildcard-protect...

10CVSS5.9AI score0.00216EPSS

Exploits1References2Affected Software1

4.2CVSS5.8AI score0.00149EPSS

DEBIAN-CVE-2026-52846

Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, Caddy’s stripHTML template function cannot reliably remove all HTML tags from input strings. Certain malformed HTML, such as img src=x onerror=alert, can bypass the tag-stripping logic, potentially leaving dangerous...

NVD•added 5 days ago•8 views

CVE-2026-52846

4.2CVSS0.00149EPSS

Cvelist•added 5 days ago•32 views

CVE-2026-52846 Caddy: stripHTML template function bypass

4.2CVSS0.00149EPSS

4.3CVSS5.2AI score0.00419EPSS

ROOT-APP-MAVEN-CVE-2026-33227 CVE-2026-33227 in io.root.org.apache.activemq:activemq-client - Patched by Root

Root has patched CVE-2026-33227 in the io.root.org.apache.activemq:activemq-client package for Root:Maven. Multiple fixed versions available...

OSV•added 5 days ago•15 views

ROOT-APP-MAVEN-CVE-2026-39304 CVE-2026-39304 in io.root.org.apache.activemq:activemq-client - Patched by Root

Root has patched CVE-2026-39304 in the io.root.org.apache.activemq:activemq-client package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.8AI score0.00683EPSS

Cvelist•added 5 days ago•31 views

CVE-2026-56968

GNU SASL before 2.2.4 lacks sanitization of a short challenge in gsaslntlmclientstep in the NTLM client, which could result in memory disclosure via a crafted server...

3.7CVSS0.0023EPSS

Exploits0References4

Debian CVE•added 5 days ago•5 views

CVE-2026-56968

GNU SASL before 2.2.4 lacks sanitization of a short challenge in gsaslntlmclientstep in the NTLM client, which could result in memory disclosure via a crafted server...

3.7CVSS5.8AI score0.0023EPSS

EUVD•added 5 days ago•5 views

EUVD-2026-38506

A missing sanitisation of user input in the zone-include.php script of Revive Adserver 6.0.6 and earlier. A low‑privileged user could exploit the clientid parameter to perform blind SQL injection attacks. Input sanitisation has been improved to ensure that all parameters processed by the script a...

8.3CVSS6.6AI score0.00285EPSS

Exploits1References1

Debian CVE•added 5 days ago•5 views

CVE-2026-56117

dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows local unprivileged attackers to trigger memory corruption when privilege separation is disabled. Attackers can connect to the control socket...

5.7CVSS5.9AI score0.00093EPSS

EUVD•added 5 days ago•6 views

EUVD-2026-38496

dhcpcd through 10.3.2, fixed in commit 708b4a5, contains a memory leak vulnerability in the IPv6 Router Advertisement route information handling that allows an unauthenticated same-link attacker to cause denial of service by sending crafted Router Advertisements. Attackers can repeatedly send...

7.1CVSS5.8AI score0.00187EPSS

Cvelist•added 5 days ago•32 views

CVE-2026-56116 dhcpcd Memory Leak DoS via IPv6 Router Advertisement Handling

7.1CVSS0.00187EPSS

EUVD•added 5 days ago•5 views

EUVD-2026-38457

Guzzle is an extensible PHP HTTP client. Prior to 7.12.1, CookieJar incorrectly accepts cookies with a dot-only Domain attribute and whitespace-padded variants. SetCookie::matchesDomain removes leading dots from the cookie domain, normalizing dot-only values to the empty string; SetCookie::valida...

5.8CVSS5.9AI score0.00111EPSS

JLSEC-2026-616 HTTP/1 client request smuggling via CR/LF in method, target, or host in HTTP.jl

Description The HTTP/1 client serialized request.method and request.target and, in forward-proxy absolute-form, the host verbatim onto the wire with no CR/LF/CTL filtering; the only target validator was wired solely into the server parse path. A caller passing an attacker-influenced URL or method...

6AI score

JLSEC-2026-624 HTTP/2 client HPACK desynchronization via header blocks for unknown streams in HTTP.jl

Description The HTTP/2 client's processincomingframe! dropped HEADERS/CONTINUATION frames for stream ids absent from conn.streams without passing the header block through the connection's HPACK decoder. Because HPACK's dynamic table is connection-scoped and mutated as a side effect of decoding ea...

5.9AI score

RedHat Linux•added 5 days ago•5 views

urllib3: urllib3: Denial of Service due to excessive HTTP response decompression

A flaw was found in urllib3, an HTTP client library for Python. This vulnerability allows a remote attacker to cause excessive resource consumption, such as high CPU usage and massive memory allocation, on the client side. This occurs when urllib3 attempts to decompress an entire HTTP response,...

8.9CVSS5.9AI score0.00388EPSS

Exploits0References5

NVD•added 5 days ago•13 views

CVE-2026-55655

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack ca...

6.1CVSS0.00082EPSS