CVE-2025-71365 picklescan - Arbitrary Code Execution via numpy.f2py.crackfortran.myeval Detection Bypass
picklescan before 0.0.33 fails to detect malicious pickle files that invoke the numpy.f2py.crackfortran.myeval function through the reduce method. Attackers can craft malicious pickle files embedding arbitrary code that evades picklescan detection and executes remote code when loaded...
EUVD-2025-210306
picklescan before 0.0.33 fails to detect malicious pickle files that invoke the numpy.f2py.crackfortran.myeval function through the reduce method. Attackers can craft malicious pickle files embedding arbitrary code that evades picklescan detection and executes remote code when loaded...
EUVD-2025-210305
picklescan before 0.0.29 fails to detect the profile.Profile.runctx function when analyzing pickle files, allowing attackers to embed undetected malicious code. Remote attackers can craft malicious pickle files using profile.Profile.runctx in the reduce method to achieve remote code execution whe...
CVE-2026-10711
CVE-2026-10711 affects AKIN Software’s CafePlus and is described as a missing authentication for a critical function vulnerability that allows accessing functionality not properly constrained by ACLs. The CVE entry notes impact on CafePlus versions from 12.05.03 prior to 12.05....
CVE-2026-10711 RCE in Akınsoft's CafePlus
Missing authentication for critical function vulnerability in AKIN Software Computer Import Export Industry and Trade Ltd. CafePlus allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects CafePlus: from 12.05.03 before 12.05.04...
CVE-2026-44089
CVE-2026-44089 concerns the Totolink EX1200L router. A buffer overflow in the login function of the CGI endpoint cgi-bin/cstecgi.cgi could allow remote code execution with root-level impact, including reading/editing data and potentially bricking the device. The vulnerability has been confirmed only...
CVE-2026-44089 Buffer Overflow in Totolink EX1200L router
Totolink EX1200L router is vulnerable to Buffer Overflow in the login functionality in cgi-bin/cstecgi.cgi endpoint. This vulnerability could be exploited to cause the program to crash and to execute code remotely. This allows the attacker to perform actions as root including reading and editing...
EUVD-2026-38425
Totolink EX1200L router is vulnerable to Buffer Overflow in the login functionality in cgi-bin/cstecgi.cgi endpoint. This vulnerability could be exploited to cause the program to crash and to execute code remotely. This allows the attacker to perform actions as root including reading and editing...
postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write
A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...
ECHO-F4DA-5CDF-F6C3
Bulletin has no description...
redis: RESTORE invalid memory access may allow remote code execution
A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...
GHSA-VMH5-MC38-953G vulnerabilities
Vulnerabilities for packages: langfuse, langfuse-fips, pelias-api, kibana, code-server...
CVE-2026-9678 vulnerabilities
Vulnerabilities for packages: langfuse, langfuse-fips, pelias-api, kibana, code-server...
GHSA-HM92-R4W5-C3MJ vulnerabilities
Vulnerabilities for packages: pelias-api, kibana, code-server...
GHSA-PR7R-676H-XCF6 vulnerabilities
Vulnerabilities for packages: langfuse, langfuse-fips, pelias-api, kibana, code-server...
CVE-2026-9697 vulnerabilities
Vulnerabilities for packages: langfuse, langfuse-fips, pelias-api, kibana, code-server...
CVE-2026-6734 vulnerabilities
Vulnerabilities for packages: pelias-api, kibana, code-server...
GHSA-4XPC-PV4P-PM3W vulnerabilities
Vulnerabilities for packages: airflow...
GHSA-VXPW-J846-P89Q vulnerabilities
Vulnerabilities for packages: npm, actions-runner, pelias-api, kibana, code-server...
CVE-2026-6733 vulnerabilities
Vulnerabilities for packages: npm, actions-runner, pelias-api, kibana, code-server...