12350 matches found
CVE-2025-71210
A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via...
CVE-2025-71210
CVE-2025-71210 affects the Trend Micro Apex One management console. The connected sources describe a path traversal vulnerability in the console that could allow a remote attacker to upload and execute code, with exploitation possible when an attacker has access to the console. Affected products ...
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx Console Microsoft Visual Studio Code (VS Code) extension. The development comes as the Nx team revealed that the extensio...
Trend Micro Apex One Path Traversal Vulnerability
Trend Micro Apex One is endpoint protection software developed by Trend Micro, a US-based company. Trend Micro Apex One has a path traversal vulnerability, which originates from the management console. This vulnerability could allow remote attackers to upload malicious code and execute commands...
Exploit for CVE-2026-2587
CVE-2026-2587 — GlassFish EL Injection RCE...
GHSA-CRHJ-59GH-8X96 vulnerabilities
Vulnerabilities for packages: pulumi, pulumi-language-java, kargo, xeol-fips, trivy, argo-cd-fips, skaffold-fips, rancher-fleet, trufflehog-fips, gitea, zarf-fips, argo-events-fips, gitaly-fips, gitlab-runner-fips, zarf, tfsec, kubescape, grype-db, xeol, zot, gitaly, melange, skaffold,...
GHSA-M7CR-M3PV-HGRP vulnerabilities
Vulnerabilities for packages: pulumi, pulumi-language-java, kargo, xeol-fips, trivy, argo-cd-fips, skaffold-fips, rancher-fleet, trufflehog-fips, gitea, zarf-fips, argo-events-fips, gitaly-fips, gitlab-runner-fips, zarf, tfsec, kubescape, grype-db, xeol, zot, gitaly, melange, skaffold,...
CVE-2026-45571 vulnerabilities
Vulnerabilities for packages: pulumi, pulumi-language-java, kargo, xeol-fips, trivy, argo-cd-fips, skaffold-fips, rancher-fleet, trufflehog-fips, gitea, zarf-fips, argo-events-fips, gitaly-fips, gitlab-runner-fips, zarf, tfsec, kubescape, grype-db, xeol, zot, gitaly, melange, skaffold,...
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
Overview: Affected versions of this package are vulnerable to Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') in the admin console endpoints such as /web/configuration/virtualServerEdit.jsf. An attacker can execute arbitrary syst...
Astra Linux - vulnerability in linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: tty: fixed an out-of-bounds access in tty_driver_lookup_tty(). When specifying an invalid console= device like console=tty3270, tty_driver_lookup_tty() returns the tty struct without checking whether the index is a valid number. To reproduc...
Astra Linux - vulnerability in linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: vt: Clear the selection before changing the font. When changing the console font using ioctl(KDFONTOP), the new font size may be larger than the previous one. As a result, a previously selected text may now be displayed outside the...
Astra Linux - vulnerability in ansible
A flaw was discovered in the ansible module, where credentials are disclosed in the console logs by default, and are not protected by security features when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket Pipeline credentials. The greatest threat posed ...
Astra Linux – Vulnerability in Ansible
A flaw was discovered in Ansible. Credentials, such as secrets, are being disclosed in the console logs by default, and are not protected by the no_log feature when those modules are used. An attacker can exploit this information to steal those credentials. The greatest threat posed by this...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: serial/pmac_zilog: Removed the flawed mitigation for rx irq flood. The mitigation was intended to completely stop the irq. This might be better than using a hard lock-up, but it turns out that a crash still occurs if pmac_zilog ...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: netconsole: Avoid out-of-bounds (OOB) reads; the message is not nul-terminated. The message passed to netconsole from the console subsystem is not guaranteed to be nul-terminated. Before the recent commit 7eab73b18630...
Astra Linux - vulnerability in linux, linux-5.10
Rogue backends can cause Denial of Service (DoS) attacks on guests through high-frequency events. This CNA information record relates to multiple Common Vulnerabilities and Exposures (CVEs); the text explains which aspects/vulnerabilities correspond to which CVEs. Xen allows for the execution of PV...
Astra Linux - vulnerability in h2database
The H2 Console before version 2.1.210 allowed remote attackers to execute arbitrary code through a jdbc:h2:mem JDBC URL that contained the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring. This is a different vulnerability than CVE-2021-42392.