CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3642 matches found

Vulnrichment•added 2026/02/25 4:2 p.m.•4 views

CVE-2026-3192 Chia Blockchain RPC Credential rpc_server_base.py _authenticate improper authentication

A security vulnerability has been detected in Chia Blockchain 2.1.0. This issue affects the function authenticate of the file rpcserverbase.py of the component RPC Credential Handler. The manipulation leads to improper authentication. The attack is possible to be carried out remotely. The attack ...

6.3CVSS4.8AI score0.00561EPSS

Exploits1References3

Positive Technologies•added 2026/02/25 12:0 a.m.•8 views

PT-2026-21963

Name of the Vulnerable Software and Affected Versions Chia Blockchain version 2.1.0 Description A cross-site request forgery condition exists in Chia Blockchain version 2.1.0. The issue is related to an unknown function within the /send transaction file. The attack can be performed remotely and...

3.1CVSS3.9AI score0.00173EPSS

Exploits1References6

IBM Security Bulletins•added 2026/02/24 10:29 p.m.•6 views

Security Bulletin: MongoDB Enterprised Advanced affected by: Inefficient Regular Expression Complexity (CVE-2025-27789)

Summary There are vulnerabilities in helpers-7.21.5.tgz, helpers-7.22.6.tgz, helpers-7.25.0.tgz, runtime-7.21.0.tgz, runtime-7.22.10.tgz, runtime-7.23.2.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-27789. The vulnerabilities have been addressed. Vulnerability Details...

6.2CVSS5.4AI score0.00478EPSS

Exploits0Affected Software1

RedhatCVE•added 2026/02/24 7:29 a.m.•6 views

CVE-2026-2974

A vulnerability was identified in AliasVault App up to 0.25.3 on Android/iOS. This vulnerability affects unknown code of the file sharedprefs/aliasvault.xml of the component Backup Handler. The manipulation of the argument accessToken/refreshToken/metadata/keyderivationparams/authmethods leads to...

2.5CVSS3.8AI score0.00099EPSS

Exploits0References1

RedhatCVE•added 2026/02/24 7:29 a.m.•7 views

CVE-2026-2970

A vulnerability has been found in datapizza-labs datapizza-ai 0.0.2. Affected by this vulnerability is the function RedisCache of the file datapizza-ai-cache/redis/datapizza/cache/redis/cache.py. Such manipulation leads to deserialization. The attack requires being on the local network. A high...

7.5CVSS4.2AI score0.00821EPSS

Exploits2References1

OSV•added 2026/02/23 6:30 a.m.•5 views

GHSA-HG58-X52P-859C datapizza-ai has unsafe deserialization via pickle.loads() in RedisCache

A vulnerability has been found in datapizza-labs datapizza-ai 0.0.7. Affected by this vulnerability is the function RedisCache of the file datapizza-ai-cache/redis/datapizza/cache/redis/cache.py. Such manipulation leads to deserialization. The attack requires being on the local network. A high...

4.6CVSS4.1AI score0.00821EPSS

Exploits2References6

Github Security Blog•added 2026/02/23 6:30 a.m.•7 views

datapizza-ai has unsafe deserialization via pickle.loads() in RedisCache

7.5CVSS4.5AI score0.00821EPSS

Exploits2References6Affected Software1

OSV•added 2026/02/23 6:16 a.m.•6 views

CVE-2026-2974

2.5CVSS3.8AI score

Exploits0References9

Vulnrichment•added 2026/02/23 5:32 a.m.•6 views

CVE-2026-2974 AliasVault App Backup aliasvault.xml backup

2.5CVSS4AI score0.00099EPSS

Exploits0References9

OSV•added 2026/02/23 4:16 a.m.•5 views

CVE-2026-2967

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/netbuiltin.c of the component TCP Sequence Number Handler. The manipulation leads to improper verification of source of a communication channel. The attack may be initiate...

3.7CVSS4.8AI score

Exploits0References5

OSV•added 2026/02/23 4:16 a.m.•6 views

CVE-2026-2968

A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mgchacha20poly1305decrypt of the file /src/tlschacha20.c of the component Poly1305 Authentication Tag Handler. The manipulation results in improper verification of cryptographic signature. The attack may be...

3.7CVSS4.9AI score

Exploits0References5

OSV•added 2026/02/23 4:16 a.m.•5 views

UBUNTU-CVE-2026-2967

6.3CVSS4.9AI score0.00491EPSS

Exploits1References7

OSV•added 2026/02/23 3:15 a.m.•5 views

DEBIAN-CVE-2026-2966

A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mgsendnsreq of the file /src/dns.c of the component DNS Transaction ID Handler. Executing a manipulation of the argument random can lead to insufficiently random values. The attack can be launched...

6.3CVSS5.2AI score0.0038EPSS

Exploits1References1

NVD•added 2026/02/23 3:15 a.m.•7 views

CVE-2026-2966

6.3CVSS0.0038EPSS

Exploits1References5

OSV•added 2026/02/23 3:15 a.m.•4 views

UBUNTU-CVE-2026-2966

6.3CVSS5.3AI score0.0038EPSS

Exploits1References7

Debian CVE•added 2026/02/23 3:2 a.m.•6 views

CVE-2026-2968

6.3CVSS4.2AI score0.00218EPSS

Exploits1

CVE•added 2026/02/23 2:32 a.m.•26 views

CVE-2026-2967

The CVE-2026-2967 entry describes a vulnerability in Cesanta Mongoose up to version 7.20, specifically in the getpeer function of /src/net_builtin.c within the TCP Sequence Number Handler. The underlying issue is improper verification of the source of a communication channel, potentially enabling...

6.3CVSS4.5AI score0.00491EPSS

Exploits1References5Affected Software1

Vulnrichment•added 2026/02/23 2:32 a.m.•4 views

CVE-2026-2967 Cesanta Mongoose TCP Sequence Number net_builtin.c getpeer verification of source

6.3CVSS4.5AI score0.00491EPSS

Exploits1References5

CVE•added 2026/02/23 2:2 a.m.•15 views

CVE-2026-2966

Cesanta Mongoose

6.3CVSS4.8AI score0.0038EPSS

Exploits1References5Affected Software1

Debian CVE•added 2026/02/23 2:2 a.m.•8 views