CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 4 hours ago•5 views

CVE-2026-45291 Cloudburst Network erroneously handles invalid connections

Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to 1.0.0.CR3-20260418.124334-32 impacts publicly accessible software depending on the affected versions of Network and allows an attacker to exploit a bug in Network to close the pare...

7.5CVSS

CVE•added 4 hours ago•7 views

CVE-2026-45290

Cloudburst Network: A vulnerability in versions prior to 1.0.0.CR3-20260417.085727-30 affects the Network component and can stall the Netty event loop, rendering affected software inoperable. Impact is availability-focused (HIGH) with no confidentiality or integrity impact per the cited metrics. ...

7.5CVSS5.5AI score

OSV•added 4 hours ago•2 views

GHSA-W43H-R5M5-P832 NocoDB: Server-Side Request Forgery via Database Connection Host

Summary The connection-test endpoint opened a raw TCP socket to the user-supplied database host without resolving and range-checking the destination, so private and link-local addresses including IPv4-mapped IPv6 forms and localhost reached the driver. Details A new validateDbConnectionHost helpe...

5.3CVSS5.5AI score

Exploits0References3

OSV•added 21 hours ago•3 views

UBUNTU-CVE-2026-40898

quic-go is an implementation of the QUIC protocol in Go. Prior to vers...

5.3CVSS5.5AI score

Exploits0References3

RedhatCVE•added yesterday•6 views

CVE-2026-48597

Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.openconn/2 converts the URL scheme of every outgoing request to a BEAM atom via String.toatomuri.scheme with no...

8.2CVSS5.8AI score0.00042EPSS

Tenable Nessus•added yesterday•4 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS : Exim vulnerabilities (USN-8382-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8382-1 advisory. Timo Longin discovered that Exim incorrectly handled certain SMTP messages in PIPELINING/CHUNKING configurations. A...

9.8CVSS7.3AI score0.01642EPSS

Exploits3References7

OSV•added 2 days ago•3 views

USN-8382-1 exim4 vulnerabilities

Timo Longin discovered that Exim incorrectly handled certain SMTP messages in PIPELINING/CHUNKING configurations. A remote attacker could possibly use this issue to perform SMTP smuggling. This issue only affected Ubuntu 14.04 LTS. CVE-2023-51766 It was discovered that Exim incorrectly handled...

9.8CVSS6AI score0.01642EPSS

Exploits3References7

NVD•added 2 days ago•6 views

CVE-2026-6657

A vulnerability in jupyter-server versions 1.12.0 through 2.17.0 allows an attacker to bypass CORS origin validation when the alloworiginpat configuration is used. The issue arises from the use of re.match for validating the Origin header, which only anchors at the start of the string. This allow...

6.1CVSS0.00022EPSS

NVD•added 3 days ago•7 views

CVE-2026-49753

Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in elixir-mint Mint allows attacker-controlled HTTP/1 servers to desynchronise response framing on shared connections. Mint's HTTP/1 Content-Length parser, Mint.HTTP1.Parse.contentlengthheader/1 in...

6.3CVSS0.00042EPSS

EUVD•added 3 days ago•6 views

EUVD-2026-33941

CVE•added 3 days ago•6 views

CVE-2026-49753

Summary of the vulnerability : CVE-2026-49753 affects the Elixir Mint HTTP/1 client. The root cause is a lenient Content-Length parser in Mint.HTTP1.Parse.content_length_header/1, which accepts a leading + sign (e.g., +0, +123) despite RFC 7230 requiring unsigned digits only. When the same Mint c...

Vulnrichment•added 3 days ago•6 views

CVE-2026-49753 HTTP response smuggling in Mint HTTP/1 client via lenient Content-Length parsing

OSV•added 3 days ago•4 views

EEF-CVE-2026-49753 HTTP response smuggling in Mint HTTP/1 client via lenient Content-Length parsing

Summary Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in elixir-mint Mint allows attacker-controlled HTTP/1 servers to desynchronise response framing on shared connections. Mint's HTTP/1 Content-Length parser, Mint.HTTP1.Parse.contentlengthheader/1 i...

ATTACKERKB•added 3 days ago•6 views

CVE-2026-49753

Exploits0References5Affected Software1

Cvelist•added 3 days ago•37 views

CVE-2026-8993 Improper URL Handler Processing in D.Launcher 2 enables NTLM Credential Disclosure and SSRF attacks

D.Launcher 2 component of Slovak eID client ecosystem contains Improper URL Handler Processing vulnerability. Application registers multiple custom URL handlers that could be exploited to initiate full NTLM autentication or SMB connection to attacker infrastructure and to conduct SSRF Server Side...

6.5CVSS0.00033EPSS

Exploits0References2

EUVD•added 3 days ago•6 views

EUVD-2026-33776

In btajvrfcommconnect of btajvact.cc, there is a possible bypass of bonding for a secure connection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00007EPSS

Exploits0References2

Positive Technologies•added 3 days ago•8 views

PT-2026-45786