CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE Linux•added 2026/04/22 9:40 a.m.•6 views

Security update for kea

This update for kea fixes the following issues: Update to release 2.6.5. Security issues fixed: CVE-2026-3608: stack overflow error via specially crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemonsbsc1260380. Other updates and bugfixes: A null dereference is now ...

8.7CVSS5.8AI score0.0105EPSS

Exploits0References4

Tenable Nessus•added 2026/04/17 12:0 a.m.•4 views

SUSE SLED15 / SLES15 Security Update : kea (SUSE-SU-2026:1378-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1378-1 advisory. Update to release 2.6.5: A large number of bracket pairs in a JSON payload directed to any endpoint would result in a...

7.5CVSS5.8AI score0.0105EPSS

Exploits0References4

Snyk•added 2026/04/02 9:0 p.m.•0 views

Malicious Package

Overview strapi-plugin-debug-tools is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages...

Snyk•added 2026/04/02 9:0 p.m.•0 views

Malicious Package

Overview strapi-plugin-content-sync is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages...

Snyk•added 2026/04/02 9:0 p.m.•2 views

Malicious Package

Overview strapi-plugin-api is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages aren't...

Snyk•added 2026/04/02 9:0 p.m.•4 views

Malicious Package

Overview strapi-plugin-blurhash is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages aren...

Snyk•added 2026/04/02 9:0 p.m.•3 views

Malicious Package

Overview strapi-plugin-nordica-cms is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages...

Debian CVE•added 2026/03/25 8:46 a.m.•3 views

CVE-2026-3608

Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error. This issue affects Kea versions 2.6.0 through 2.6.4 and 3.0.0 through 3.0.2...

7.5CVSS8.7AI score0.0105EPSS

Exploits0

Tenable Nessus•added 2026/03/25 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-3608

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can...

7.5CVSS8AI score0.0105EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2006-5285

Malware in sbrugna...

6.5CVSS6.4AI score0.01622EPSS

Exploits0References9

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-23299

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01161EPSS

EUVD•added 2025/10/03 8:7 p.m.•6 views

EUVD-2023-31246

Malicious code in bioql PyPI...

7CVSS6.9AI score0.00537EPSS

Exploits2References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-23300

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.01EPSS

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-37806

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00322EPSS

RedhatCVE•added 2025/02/06 1:23 a.m.•15 views

CVE-2022-34902

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 39316 Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

7.8CVSS7.2AI score0.00322EPSS

RedhatCVE•added 2025/02/04 10:54 p.m.•5 views

CVE-2024-26003

An unauthenticated remote attacker can DoS the control agent due to a out-of-bounds read which may prevent or disrupt the charging functionality...

7.5CVSS7AI score0.01161EPSS

Redos•added 2024/08/12 12:0 a.m.•31 views

ROS-20240812-11

The GLPI Agent universal control agent vulnerability involves modifying GLPI-Agent code or allows a DLL to be used to modify the agent's logic. Exploitation of the vulnerability could allow an attacker to privilege escalation...

7.8CVSS7.1AI score0.00217EPSS

Exploits0

OSV•added 2024/03/12 9:15 a.m.•2 views

CVE-2024-26004

An unauthenticated remote attacker can DoS a control agent due to access of a uninitialized pointer which may prevent or disrupt the charging functionality...

7.5CVSS5.8AI score0.01EPSS

OSV•added 2024/03/12 9:15 a.m.•3 views

CVE-2024-26003

An unauthenticated remote attacker can DoS the control agent due to a out-of-bounds read which may prevent or disrupt the charging functionality...

7.5CVSS5.8AI score0.01161EPSS