CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1085582 matches found

OSV•added 2026/06/17 4:37 p.m.•5 views

MAL-2026-6068 Malicious code in swift-parse-stream (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ab8561c6c561b045d817d4fab3aa0754ce7cd767a3c5ec07b95151dda6b92c8 swift-parse-stream advertises itself as an SVG sanitizer/minifier but ships an undocumented getPlugin export in index.js that, when invoked, performs...

6.5AI score

Exploits0References3

OSSF Malicious Packages•added 2026/06/17 4:37 p.m.•6 views

Malicious code in quirky-token (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b263413912feb72882ee0b52e7025c636ed98472ba90e6db4714b3b111b4e2e8 The package is advertised as an SVG sanitizer but exposes an undocumented getPlugin export whose returned function fetches JSON from...

6AI score

Exploits0References4

OSV•added 2026/06/17 4:37 p.m.•6 views

MAL-2026-6066 Malicious code in quirky-token (npm)

6AI score

Exploits0References4

OSV•added 2026/06/17 4:23 p.m.•6 views

MINI-3RQP-FPC4-6CQ4

Bulletin has no description...

6.5CVSS5AI score0.00103EPSS

Exploits0

OSV•added 2026/06/17 4:23 p.m.•4 views

MINI-HHF9-42WC-2657

Bulletin has no description...

7CVSS5AI score0.00216EPSS

Exploits0

OSV•added 2026/06/17 4:22 p.m.•3 views

MINI-XQMJ-VWC5-7H5J

Bulletin has no description...

5.1CVSS5AI score0.00117EPSS

Exploits0

OSV•added 2026/06/17 4:22 p.m.•3 views

MINI-Q4QV-CQW5-C9W2

Bulletin has no description...

4.8CVSS5AI score0.00114EPSS

Exploits0

Cvelist•added 2026/06/17 4:17 p.m.•20 views

CVE-2026-20220 Cisco Crosswork Network Controller Remote Code Execution Vulnerability

A vulnerability in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to insufficient input validation in the configuration template engine of the...

6.3CVSS0.00253EPSS

Exploits0References1

CVE•added 2026/06/17 4:17 p.m.•19 views

CVE-2026-20220

Cisco CVE-2026-20220 affects the web-based management interface of Cisco Crosswork Network Controller. The root cause is insufficient input validation in the configuration template engine. An authenticated attacker with write permissions to a template user can send crafted requests to execute arb...

6.3CVSS6.2AI score0.00253EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/06/17 4:16 p.m.•23 views

CVE-2026-20181 Cisco Identity Services Engine Remote Code Execution Vulnerability

A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to...

9.1CVSS0.00748EPSS

Exploits0References1

CVE•added 2026/06/17 4:16 p.m.•58 views

CVE-2026-20181

Cisco ISE/ISE-PIC in Cisco IOS XE is affected by CVE-2026-20181. The CVE entry describes authenticated remote command execution via crafted HTTP input with privilege escalation to root and potential DoS in single-node deployments. Connected PT-security material (PT-2026-34270) references a separa...

9.1CVSS5.9AI score0.00748EPSS

Exploits0References1Affected Software1

OSV•added 2026/06/17 4:12 p.m.•3 views

MINI-C92J-XQ3P-P2RH

Bulletin has no description...

10CVSS4.9AI score0.00218EPSS

Exploits0

Cisco•added 2026/06/17 4:0 p.m.•8 views

Cisco Identity Services Engine Remote Code Execution and Information Disclosure Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow a remote attacker to achieve remote code execution or conduct information disclosure attacks on an affected device. For more information about these vulnerabilities, see the...

9.1CVSS6.3AI score0.00748EPSS

Exploits0References1

RedHat Linux•added 2026/06/17 3:44 p.m.•8 views

firefox: Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been...

8.8CVSS5.8AI score0.00332EPSS

Exploits0References6

RedHat Linux•added 2026/06/17 3:44 p.m.•7 views

firefox: Memory safety bugs fixed in Firefox ESR 115.36, Firefox ESR 140.11 and Firefox 151

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.35, Firefox ESR 140.10 and Firefox 150. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these...

8.8CVSS5.8AI score0.00343EPSS

Exploits0References6

OSV•added 2026/06/17 3:37 p.m.•5 views

USN-8442-1 kitty vulnerabilities

It was discovered that kitty incorrectly handled certain image data. An attacker able to write to the terminal's input could possibly use this issue to cause kitty to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2026-33633 It was discovered that kitty incorrect...

9.9CVSS6AI score0.00367EPSS

Exploits2References3

RedHat Linux•added 2026/06/17 3:24 p.m.•7 views

firefox: Memory safety bugs fixed in Firefox ESR 140.11 and Firefox 151

8.8CVSS5.8AI score0.00332EPSS

Exploits0References6

OSV•added 2026/06/17 3:20 p.m.•5 views

CGA-RW78-F2MF-MH53

Bulletin has no description...

5.9CVSS5AI score0.00292EPSS

Exploits0

OSV•added 2026/06/17 3:20 p.m.•4 views