CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Eastman Kodak Company Kodak confirmed to BleepingComputer that it is investigating a security breach after the ShinyHunters extortion group claimed responsibility for the incident. Kodak is the latest organization to land on the group's leak site. ShinyHunters claims it stole more than 2.2...

5.5AI score

Exploits0

OSV•added 10 hours ago•3 views

BIT-MASTODON-2026-47777 Mastodon has a consent-check bypass in its remote Collections

Mastodon is a free, open-source social network server based on ActivityPub. In versions there is a missing condition in the check if remote accounts consented to be featured in a remote Collection could lead to attackers bypassing the check and faking consent. An attacker could forge the...

7.5CVSS5.5AI score0.00167EPSS

Exploits0References3

ATTACKERKB•added 10 hours ago•1 views

CVE-2026-50643

8cc is vulnerable to an Out‑of‑Bounds Read due to improper handling of line directives and GNU linemarkers. The compiler accepts attacker-controlled filename and line number metadata and later uses it without validation when accessing source line arrays. By supplying invalid or oversized line...

5.1CVSS5.3AI score

Exploits0References3

Cvelist•added 10 hours ago•7 views

CVE-2026-50643 Out‑of‑Bounds Read in 8cc

5.1CVSS

Exploits0References2

Vulnrichment•added 10 hours ago•4 views

CVE-2026-50643 Out‑of‑Bounds Read in 8cc

5.1CVSS5.3AI score

Exploits0References2

CVE•added 10 hours ago•8 views

CVE-2026-50643

The CVE-2026-50643 entry concerns the 8cc compiler. It describes an Out-of-Bounds Read caused by improper handling of #line directives and GNU linemarkers, where attacker-controlled filename and line-number metadata is used without validation when accessing source line arrays. This can lead to ou...

5.1CVSS5.3AI score

Exploits0References2

EUVD•added 10 hours ago•5 views

EUVD-2026-37865

5.1CVSS5.3AI score

Exploits0References2

RedhatCVE•added 11 hours ago•7 views

CVE-2026-42507

A flaw was found in the net/textproto package in Golang. When functions in this package return errors, they include their input as part of the error message. An attacker could exploit this by injecting misleading content into these error messages, which are then printed or logged. This could lead...

5.3CVSS5.1AI score0.00263EPSS

Exploits0References7

NVD•added 11 hours ago•5 views

CVE-2026-55746

Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to stored Cross-Site Scripting in the Personal File Storage PFS module. A folder title pfftitle is imported with the 'TXT' filter, which does not strip or encode HTML the tag check in cotimport is disabled, so an authenticated user can...

7.6CVSS

Exploits0References2

NVD•added 11 hours ago•8 views

CVE-2026-55745

Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the Personal File Storage PFS module. In modules/pfs/inc/pfs.editfolder.php, the folder update action 'a=update' updates folder metadata title, description, public/gallery flags without calling cotcheckxg ...

5.4CVSS

Exploits0References2

NVD•added 11 hours ago•5 views

CVE-2026-55742

Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the administration rights handler. In system/admin/admin.rights.php, the rights update action 'a=update' modifies group access rights including via cotauthaddgroup without calling cotcheckxg to validate th...

9.6CVSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by