CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

57994 matches found

NVD•added 2026/06/05 11:16 a.m.•10 views

CVE-2026-11347

The linqi application contains hardcoded cryptographic keys. Additionally, the application uses a weak algorithm with a limited ASCII charset to dynamically generate Initialization Vectors IVs for AES/CBC encryption, making known-plaintext attacks feasible. An attacker with local access can...

8.5CVSS0.00073EPSS

Exploits0References1

GithubExploit•added 2026/06/05 11:5 a.m.•68 views

Exploit for Stack-based Buffer Overflow in Microsoft

CVE-2026-41089 !TIP If the setup does not start, add t...

9.8CVSS6.4AI score0.43788EPSS

Exploits31

Cvelist•added 2026/06/05 10:18 a.m.•38 views

CVE-2026-11347 Hardcoded Cryptographic Keys and Weak IV Generation in linqi

8.5CVSS0.00073EPSS

Exploits0References1

ATTACKERKB•added 2026/06/05 10:18 a.m.•4 views

CVE-2026-11347

8.5CVSS5.5AI score0.00073EPSS

Exploits0References2

Vulnrichment•added 2026/06/05 10:18 a.m.•7 views

CVE-2026-11347 Hardcoded Cryptographic Keys and Weak IV Generation in linqi

8.5CVSS5.5AI score0.00073EPSS

Exploits0References1

NCSC•added 2026/06/05 9:38 a.m.•9 views

Kwetsbaarheid verholpen in Cisco SD-WAN Manager

Cisco has identified a vulnerability in SD-WAN Manager, previously known as SD-WAN vManage. A malicious individual could exploit this vulnerability by uploading a specially crafted file to the affected system and thereby elevating their privileges to root user status. Cisco indicates that active...

7.8CVSS5.5AI score0.00952EPSS

Exploits2References1

OSV•added 2026/06/05 8:52 a.m.•4 views

BIT-MLFLOW-2026-4035 Environment Variable Resolution Vulnerability in mlflow/mlflow

A vulnerability in mlflow/mlflow versions prior to 3.11.0 allows for the resolution of environment variables in AI Gateway secrets, which can be exploited to exfiltrate sensitive server-side environment credentials to an attacker-controlled endpoint. This issue arises because the apikey field in...

9.1CVSS6AI score0.00315EPSS

Exploits1References3

RedhatCVE•added 2026/06/05 6:14 a.m.•13 views

CVE-2026-4035

A flaw was found in MLflow. This vulnerability allows an attacker to exfiltrate sensitive server-side environment credentials. It occurs because the AI Gateway secrets can resolve environment variables, which are then sent to an attacker-controlled endpoint. This could lead to unauthorized access...

9.1CVSS5.6AI score0.00315EPSS

Exploits1References5

OSV•added 2026/06/05 5:53 a.m.•12 views

BIT-SOLR-2026-44825 Apache Solr: Enabling BasicAuth using bin/solr CLI configures additional insecure users

Hardcoded credentials in the Basic Authentication setup tool bin/solr auth enable in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 allows a remote attacker to gain full administrative access to the cluster via publicly known default credentials installed silently alongside the user-specifi...

9.8CVSS5.6AI score0.00812EPSS

Exploits0References3

OSSF Malicious Packages•added 2026/06/05 12:53 a.m.•9 views

Malicious code in effect-analyzer (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

5.7AI score

Exploits0References2

OSV•added 2026/06/05 12:53 a.m.•6 views

MAL-2026-5222 Malicious code in autotel-hono (npm)

5.7AI score

Exploits0References2

OSV•added 2026/06/05 12:53 a.m.•7 views

MAL-2026-5251 Malicious code in executable-stories-demo (npm)

5.7AI score

Exploits0References2

OSSF Malicious Packages•added 2026/06/05 12:53 a.m.•13 views

Malicious code in executable-stories-init (npm)