CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 3 hours ago•4 views

CVE-2026-12488 GeoVision GV-VMS V20 GV-Cloud memory corruption vulnerability

6.2CVSS

NVD•added yesterday•6 views

CVE-2026-56117

dhcpcd through 10.3.2, fixed in commit 78ea09e, contains a heap use-after-free vulnerability in the control socket handling within src/control.c that allows local unprivileged attackers to trigger memory corruption when privilege separation is disabled. Attackers can connect to the control socket...

5.7CVSS

NVD•added yesterday•3 views

CVE-2026-56114

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...

6CVSS

EUVD•added yesterday•4 views

EUVD-2026-38498

5.7CVSS5.9AI score

EUVD•added yesterday•4 views

EUVD-2026-38494

6CVSS6.1AI score

CVE•added yesterday•6 views

CVE-2026-56115

The CVE-2026-56115 issue affects dhcpcd up to 10.3.2. A one-byte stack out-of-bounds write exists in dhcp6_makemessage() in src/dhcp6.c, triggered by serializing an oversized RFC6603 OPTION_PD_EXCLUDE body. An unauthenticated, same-link attacker can send a crafted DHCPv6 ADVERTISE message contain...

6CVSS6.1AI score

Talos•added yesterday•3 views

GeoVision GV-VMS V20 GV-Cloud memory corruption vulnerability

Summary A memory corruption vulnerability exists in the GV-Cloud functionality of GV-VMS V20 versions: 20.0.2. A specially crafted network request can lead to a denial of service. An attacker can impersonate the legitimate server to trigger this vulnerability. Confirmed Vulnerable Versions The...

6.2CVSS6.5AI score

Exploits0

RedHat Linux•added 2 days ago•3 views

postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite client stack memory

A flaw was found in PostgreSQL libpq. A server superuser can exploit a buffer overflow vulnerability in the PQfn function, which is used by client functions such as loexport, loread, lolseek64, and lotell64. This allows the superuser to send an arbitrarily large response, overwriting the client's...

8.8CVSS6.7AI score0.00284EPSS

RedhatCVE•added 2 days ago•5 views

CVE-2026-56412

A flaw was found in libexpat. This vulnerability, present in versions before 2.8.2, stems from improper handling of XML CDATA sections, where the library fails to adequately track the depth of handler calls. This can result in a 'use-after-free' error, a type of memory corruption that could allow...

5.9CVSS5.8AI score0.00105EPSS

RedhatCVE•added 2 days ago•5 views

CVE-2026-56403

A flaw was found in libexpat. An integer overflow vulnerability exists in the storeAtts function. This flaw could allow an attacker to corrupt memory, leading to a denial of service, information disclosure, or potentially arbitrary code execution, compromising the integrity and confidentiality of...

6.9CVSS6.1AI score0.00102EPSS

Cvelist•added 2 days ago•30 views

CVE-2026-56109 ALSA Library < 1.2.16.1 Double-Free via parse_def() in conf.c

The Advanced Linux Sound Architecture ALSA library before 1.2.16.1 contains a double-free vulnerability in parsedef in src/conf.c that allows attackers to corrupt memory by supplying maliciously crafted ALSA configuration text. When parsing nested compound or array configuration blocks, parsedef...

7CVSS0.00138EPSS

EUVD•added 2 days ago•6 views

EUVD-2026-38301

7CVSS5.9AI score0.00138EPSS

ATTACKERKB•added 2 days ago•3 views

CVE-2026-56109

7CVSS5.9AI score0.00138EPSS

CVE•added 2 days ago•6 views

CVE-2026-56109

The CVE concerns ALSA Library prior to 1.2.16.1, where a double-free occurs in parse_def() (src/conf.c) due to not validating return values when parsing nested compound or array configuration blocks. This can cause snd_config_delete() to be invoked twice on an already-freed node, leading to NULL-...

7CVSS5.9AI score0.00138EPSS

RedhatCVE•added 2 days ago•7 views

CVE-2026-52910

A flaw was found in the Linux kernel's Berkeley Packet Filter BPF reuseport mechanism. When a cBPF program is detached from a reuseport group, it is freed immediately without waiting for Read-Copy-Update RCU readers to complete. This can lead to a use-after-free condition, resulting in memory...

7CVSS5.8AI score0.00165EPSS

RedHat Linux•added 2 days ago•5 views

kernel: RDMA/iwcm: Fix workqueue list corruption by removing work_list

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA Internet Wide Area RDMA Protocol iWARP subsystem. Incorrect work submission logic in the iwcm component can lead to multiple queueing of work items. This allows a work item to be processed and freed while still present in the...

9.8CVSS5.7AI score0.00635EPSS

RedHat Linux•added 2 days ago•4 views

kernel: net/sched: act_pedit: extend the writable skb range per key

A flaw was found in the Linux kernel's traffic control packet editing pedit subsystem. In tcfpeditact, the copy-on-write COW range for skbensurewritable is computed once before iterating over edit keys, but the calculation does not account for runtime header offsets added by typed keys. This can...

5.8AI score0.00291EPSS

Exploits0References6

RedHat Linux•added 2 days ago•6 views

postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6.2AI score0.004EPSS