CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/03 9:55 a.m.•5 views

OESA-2026-2131 emacs security update

Emacs is the extensible, customizable, self-documenting real-time display editor. At its core is an interpreter for Emacs Lisp, a dialect of the Lisp programming language with extensions to support text editing. And it is an entire ecosystem of functionality beyond text editing, including a proje...

7.1CVSS5.7AI score0.00021EPSS

OSV•added 2026/05/03 9:55 a.m.•4 views

OESA-2026-2129 emacs security update

7.1CVSS5.7AI score0.00021EPSS

Tenable Nessus•added 2026/05/01 12:0 a.m.•2 views

Fedora 42 : emacs (2026-52dad6273a)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-52dad6273a advisory. Fix CVE-2026-6861: memory corruption vulnerability when processing SVG CSS. Tenable has extracted the preceding description block directly from the Fedora...

7.1CVSS5.8AI score0.00021EPSS

Amazon•added 2026/04/30 12:0 a.m.•4 views

Medium: clamav1.4

Issue Overview: A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker...

5.3CVSS5.4AI score0.00042EPSS

Amazon•added 2026/04/30 12:0 a.m.•5 views

Medium: clamav1.5

5.3CVSS5.4AI score0.00042EPSS

Tenable Nessus•added 2026/04/30 12:0 a.m.•4 views

Amazon Linux 2023 : clamav1.5, clamav1.5-data, clamav1.5-devel (ALAS2023-2026-1631)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1631 advisory. A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device.This vulnerabili...

5.3CVSS5.8AI score0.00042EPSS

Tenable Nessus•added 2026/04/30 12:0 a.m.•3 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Roundcube Webmail vulnerabilities (USN-8223-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8223-1 advisory. It was discovered that Roundcube Webmail mishandled Punycode xn-- domain names. An attacker could possibl...

9.3CVSS5.4AI score0.50951EPSS

Exploits6References8

Exploit DB•added 2026/04/30 12:0 a.m.•59 views

Google Chrome 145.0.7632.75 - CSSFontFeatureValuesMap

Exploit Title: Google Chrome 145.0.7632.75 - CSSFontFeatureValuesMap Date: 2026-02-23 Exploit Author: nu11secur1ty Vendor Homepage: https://www.google.com/chrome/ Software Link: https://www.google.com/chrome/ Version: Chrome = 144.x | Chrome 145.0.7632.75 Tested on: Windows 11 / Linux / macOS CVE...

8.8CVSS5.8AI score0.23127EPSS

Exploits12

Tenable Nessus•added 2026/04/30 12:0 a.m.•6 views

Amazon Linux 2023 : clamav1.4, clamav1.4-data, clamav1.4-devel (ALAS2023-2026-1630)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1630 advisory. A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device.This vulnerabili...

5.3CVSS5.8AI score0.00042EPSS

Tenable Nessus•added 2026/04/30 12:0 a.m.•6 views

Amazon Linux 2 : clamav1.4, --advisory ALAS2-2026-3276 (ALAS-2026-3276)

The version of clamav1.4 installed on the remote host is prior to 1.4.4-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3276 advisory. A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause ...

5.3CVSS5.4AI score0.00042EPSS

Amazon•added 2026/04/30 12:0 a.m.•3 views

Medium: clamav1.4

5.3CVSS5.5AI score0.00042EPSS

OSV•added 2026/04/29 1:50 p.m.•2 views

USN-8223-1 roundcube vulnerabilities

It was discovered that Roundcube Webmail mishandled Punycode xn-- domain names. An attacker could possibly use this issue to cause a homograph attack. CVE-2019-15237 It was discovered that Roundcube Webmail did not properly sanitize certain attributes when handling CSS within HTML messages and...

9.3CVSS7AI score0.50951EPSS

Exploits6References8

Ubuntu•added 2026/04/29 1:50 p.m.•5 views

USN-8223-1: Roundcube Webmail vulnerabilities

9.3CVSS7AI score0.50951EPSS

Exploits6

RedhatCVE•added 2026/04/25 11:39 a.m.•2 views

CVE-2026-41305

A flaw was found in PostCSS. This vulnerability allows a remote attacker to perform Cross-Site Scripting XSS by submitting specially crafted CSS. When PostCSS processes and re-stringifies this CSS for embedding within HTML sequences. This oversight enables the injected...

6.1CVSS5.3AI score0.00011EPSS

Exploits0References5

Fedora•added 2026/04/25 1:52 a.m.•3 views

[SECURITY] Fedora 44 Update: nginx-mod-fancyindex-0.6.0-2.fc44

The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...

8.8CVSS8.6AI score0.00064EPSS

Tenable Nessus•added 2026/04/25 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-41305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PostCSS takes a CSS file and provides an API to analyze and modify its rules by transforming the rules into an Abstract Syntax Tree. Versions prior to 8.5.10 do...

6.1CVSS5.8AI score0.00011EPSS