Lucene search
K

486609 matches found

RedhatCVE
RedhatCVE
added 2026/06/10 9:0 p.m.10 views

CVE-2026-34698

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:0 p.m.9 views

CVE-2026-34695

InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS6.2AI score0.00175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:0 p.m.8 views

CVE-2026-24180

NVIDIA DALI contains a vulnerability in a component where an attacker could cause a heap-based buffer overflow. A successful exploit of this vulnerability might lead to code execution, data tampering, denial of service, and information disclosure...

7.3CVSS6AI score0.00154EPSS
Exploits0References1
OSV
OSV
added 2026/06/10 8:17 p.m.7 views

DEBIAN-CVE-2026-6893

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP Dynamic Host Configuration Protocol options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and...

7.5CVSS6AI score0.01131EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 8:17 p.m.7 views

CVE-2026-46529

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...

8.4CVSS0.00529EPSS
Exploits0References16
OSV
OSV
added 2026/06/10 8:17 p.m.3 views

UBUNTU-CVE-2026-6893

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP Dynamic Host Configuration Protocol options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and...

7.5CVSS6.4AI score0.01131EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/06/10 8:9 p.m.7 views

kernel: netfilter: nf_tables: release flowtable after rcu grace period on error

A flaw was found in the Linux kernel's netfilter component, specifically within the nftables subsystem. An error in releasing a flowtable after an RCU Read-Copy-Update grace period could lead to a use-after-free vulnerability. This issue could expose the flowtable to the packet path and...

7.8CVSS5.7AI score0.00119EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/10 7:49 p.m.9 views

CVE-2026-6893 Dracut: dracut: root code execution via dhcp options command injection

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP Dynamic Host Configuration Protocol options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and...

7.5CVSS6AI score0.01131EPSS
Exploits0References6
CVE
CVE
added 2026/06/10 7:49 p.m.84 views

CVE-2026-6893

CVE-2026-6893 affects the dracut project, specifically the legacy DHCP path. A remote attacker on an adjacent network can trigger root code execution in the initramfs by sending specially crafted DHCP options (for example, a malicious hostname). The options are improperly handled and written into...

7.5CVSS6AI score0.01131EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/10 7:49 p.m.34 views

CVE-2026-6893 Dracut: dracut: root code execution via dhcp options command injection

A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP Dynamic Host Configuration Protocol options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and...

7.5CVSS0.01131EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/10 7:46 p.m.33 views

CVE-2026-46529 PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...

8.4CVSS0.00529EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/10 7:46 p.m.8 views

EUVD-2026-36109

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...

9.6CVSS8.2AI score0.0234EPSS
Exploits2References3
AlpineLinux
AlpineLinux
added 2026/06/10 7:46 p.m.13 views

CVE-2026-46529

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...

8.4CVSS6.5AI score0.00529EPSS
Exploits0
CVE
CVE
added 2026/06/10 7:46 p.m.125 views

CVE-2026-46529

Technical details such as affected versions, impact, and remediation are not provided in the supplied documents; monitor for updates from official advisories.

8.4CVSS6.5AI score0.00529EPSS
Exploits0References16
Vulnrichment
Vulnrichment
added 2026/06/10 7:46 p.m.8 views

CVE-2026-46529 PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...

8.4CVSS6.4AI score0.00529EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/10 7:46 p.m.8 views

CVE-2026-46529

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...

8.4CVSS6.5AI score0.00529EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2026/06/10 7:33 p.m.11 views

Claude Code Action: Malicious MCP Server Configuration in PRs Enables Remote Code Execution and Secret Exfiltration

Due to the combination of checking out PR head branches attacker-controlled, reading .mcp.json from the working directory via default setting sources, and unconditionally enabling all project MCP servers via enableAllProjectMcpServers, it was possible for an attacker who opened a PR containing a...

6.3AI score0.00069EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/10 7:33 p.m.18 views

GHSA-8Q5R-MMJF-575Q Claude Code Action: Malicious MCP Server Configuration in PRs Enables Remote Code Execution and Secret Exfiltration

Due to the combination of checking out PR head branches attacker-controlled, reading .mcp.json from the working directory via default setting sources, and unconditionally enabling all project MCP servers via enableAllProjectMcpServers, it was possible for an attacker who opened a PR containing a...

5.3CVSS6.3AI score0.00069EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/10 6:46 p.m.12 views

Malicious code in chai-check-error (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e290b42de2cbd4aa74afa6550fc9a0381dfcb0f6996dcdc22254268b391f9f8 [email protected] impersonates the legitimate chaijs/check-error utility copied README, author metadata, repository URL, and exported API surfac...

5.5AI score
Exploits0References5
OSV
OSV
added 2026/06/10 6:46 p.m.9 views

MAL-2026-5526 Malicious code in chai-check-error (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e290b42de2cbd4aa74afa6550fc9a0381dfcb0f6996dcdc22254268b391f9f8 [email protected] impersonates the legitimate chaijs/check-error utility copied README, author metadata, repository URL, and exported API surfac...

5.6AI score
Exploits0References5
Rows per page
Query Builder