CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Impact A malicious user with permission to edit the local-path-config ConfigMap in the local-path-storage namespace can manipulate the helperPod.yaml template used by rancher/local-path-provisioner. The helperPod.yaml template is loaded by the provisioner and used to create HelperPods during PVC...

8.7CVSS6AI score0.00361EPSS

Exploits0References3

SUSE CVE•added 2026/05/11 2:14 p.m.•4 views

SUSE CVE-2026-43306

In the Linux kernel, the following vulnerability has been resolved: bpf: crypto: Use the correct destructor kfunc type With CONFIGCFI enabled, the kernel strictly enforces that indirect function calls use a function pointer type that matches the target function. I ran into the following type...

5.7AI score0.00122EPSS

Exploits0References3

OSV•added 2026/05/11 2:5 p.m.•2 views

MINI-RWCP-H3MX-44XH

Bulletin has no description...

7.5CVSS5.7AI score0.00588EPSS

Exploits0

OSV•added 2026/05/11 2:1 p.m.•1 views

MINI-64CX-G2CR-3HGW

Bulletin has no description...

5.3CVSS5.7AI score0.0039EPSS

Exploits0

EUVD•added 2026/05/11 1:58 p.m.•7 views

EUVD-2026-28639

PraisonAI MCP tools/call path-traversal = RCE via Python .pth injection...

9.6CVSS5.8AI score0.00492EPSS

Exploits1References2

OSV•added 2026/05/11 1:49 p.m.•1 views

MINI-55HP-76VX-P3VG

Bulletin has no description...

5.3CVSS5.7AI score0.0039EPSS

Exploits0

OSV•added 2026/05/11 1:48 p.m.•0 views

MINI-MV8V-H7FH-CHF8

Bulletin has no description...

7.5CVSS5.7AI score0.00369EPSS

Exploits0

OSV•added 2026/05/11 1:48 p.m.•1 views

MINI-3H6H-XR68-G39C

Bulletin has no description...

5.9CVSS5.7AI score0.0017EPSS

Exploits0

OSV•added 2026/05/11 1:33 p.m.•0 views

MINI-8WJ9-PC6C-9R74

Bulletin has no description...

7.5CVSS5.7AI score0.00588EPSS

Exploits0

NVD•added 2026/05/11 12:16 p.m.•9 views

CVE-2025-9973

Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered on unintended organizations. A malicious actor with privileges to configure adaptive authentication within one organization ca...

7.2CVSS0.00366EPSS

Exploits0References1

OSV•added 2026/05/11 10:18 a.m.•2 views

MINI-Q23G-86M4-JFJC

Bulletin has no description...

7.5CVSS5.7AI score0.00369EPSS

Exploits0

ATTACKERKB•added 2026/05/11 10:12 a.m.•4 views

CVE-2025-9973

6.4CVSS5.9AI score0.00366EPSS

Exploits0References2Affected Software2

Vulnrichment•added 2026/05/11 10:12 a.m.•5 views

CVE-2025-9973 Authorization Bypass via Adaptive Authentication in WSO2 Identity Server Allows Cross-Organization Account Takeover

6.4CVSS5.9AI score0.00366EPSS

Exploits0References1

CVE•added 2026/05/11 10:12 a.m.•11 views

CVE-2025-9973

CVE-2025-9973 affects WS O2 Identity Server: failure to validate the organization context during adaptive authentication allows triggering authentication logic in other organizations/sub-organizations. This enables cross-organization authorization bypass, potentially leading to privilege escalati...

7.2CVSS5.9AI score0.00366EPSS

Exploits0References1Affected Software1

OSV•added 2026/05/11 10:3 a.m.•0 views

MINI-XJX4-P7M2-JPHG

Bulletin has no description...

5.3CVSS5.7AI score0.00179EPSS

Exploits0

OSV•added 2026/05/11 10:2 a.m.•1 views

MINI-8J5P-4H56-P898

Bulletin has no description...

6.1CVSS5.7AI score0.00371EPSS

Exploits0