CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 3 days ago•31 views

CVE-2026-36605

0.00016EPSS

ATTACKERKB•added 3 days ago•3 views

CVE-2026-36605

6.5CVSS5.8AI score0.00016EPSS

EUVD•added 3 days ago•5 views

EUVD-2026-34144

6.5CVSS5.8AI score0.00016EPSS

NVD•added 5 days ago•7 views

CVE-2026-44740

Billy is an interface filesystem abstraction for Go. Prior to versions 5.9.0 and 6.0.0-alpha.1, multiple components may improperly handle crafted or malformed input, resulting in panics, infinite loops, uncontrolled recursion, or excessive resource consumption. These issues arise from insufficien...

6.5CVSS0.00037EPSS

OSV•added 5 days ago•5 views

UBUNTU-CVE-2026-44740

6.5CVSS5.7AI score0.00037EPSS

Exploits0References5

Cvelist•added 5 days ago•24 views

CVE-2026-44740 go-billy: Lack of depth and cycle detection in symlink resolution may lead to infinite loops and resource exhaustion

6.5CVSS0.00037EPSS

Vulnrichment•added 5 days ago•6 views

CVE-2026-44740 go-billy: Lack of depth and cycle detection in symlink resolution may lead to infinite loops and resource exhaustion

6.5CVSS5.7AI score0.00037EPSS

CVE•added 5 days ago•22 views

CVE-2026-44740

CVE-2026-44740 affects the go-billy interface filesystem abstraction. Before 5.9.0 and 6.0.0-alpha.1, multiple components may mishandle crafted input, risking panics, infinite loops, uncontrolled recursion, or excessive resource consumption due to missing validation, cycle detection, and defensiv...

6.5CVSS5.7AI score0.00037EPSS

NVD•added 2026/05/29 1:16 p.m.•11 views

CVE-2026-49324

Uncontrolled resource consumption in the Wireless Control Module WCM of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with write access to the in-vehicle network to permanently immobilize the motorcycle. The WCM enforces a brute-force lockout on the...

4.6CVSS0.00024EPSS

CVE•added 2026/05/29 12:32 p.m.•11 views

CVE-2026-49324

The CVE-2026-49324 affects the Wireless Control Module (WCM) in the Indian Motorcycle Scout Bobber + Tech 2025 model year. The root cause is an exploitable brute‑force lockout that is reachable via any unauthenticated in‑vehicle network message, with no session binding and no reset on power cycle...

4.6CVSS5.8AI score0.00024EPSS

ATTACKERKB•added 2026/05/29 12:32 p.m.•6 views

CVE-2026-49324

4.6CVSS5.8AI score0.00024EPSS

Exploits0References3Affected Software1

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: igc: Fix the PTM cycle trigger logic Writing to clear the “valid” bit of the PTM status while the PTM cycle is triggered results in unreliable PTM operations. To fix this, clear the “trigger” and status of the PTM after each PTM...

5.5CVSS6.2AI score0.00084EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: extend minimum interval restriction to entire cycle too It is possible for syzbot to bypass the restriction imposed by the problematic commit in the “Fixes” tag. This is because the taprio UAPI allows the cycle...

5.5CVSS6AI score0.00012EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ext4: The issue where “racy” might inline data checks during dio write has been fixed. According to syzbot, the following warning from ext4iomapbegin is triggered as of the referenced commit: c if WARNONONCEext4hasinlinedatainode...

4.7CVSS5.7AI score0.00015EPSS