CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/05/28 9:36 a.m.•5 views

EUVD-2026-32819

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations The core will deal with reads by creating clock cycles itself, there's no need to generate clock cycles by transmitting garbage da...

5.8AI score0.00022EPSS

Exploits0References3

AstraLinux•added 2026/05/20 5:53 a.m.•9 views

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: usb: dwc2: Fixed a device leak in hwenable upon suspend/resume. Every time the platform enters low power mode, the PM suspend/resume routines call dwc2lowlevelhwenable. This calls a new device-related function each time. This...

5.5CVSS6.2AI score0.00063EPSS

5.5CVSS5.9AI score0.00036EPSS

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: “Revert ‘drm/amd/pm: resolve reboot exception for si oland’” This fix is associated with the commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86. This change causes hangs during operations involving SI when DC is enabled, as well as...

7.5CVSS7.1AI score0.01829EPSS

Astra Linux - уязвимость в wireshark

In Wireshark versions 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This issue was addressed in the epan/dissectors/packet-nfs.c file by preventing excessive recursion, such as when a cycle occurred in the directory graph of a filesystem...

5.5CVSS6.2AI score0.0001EPSS

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spi: sn-f-ospi: Fix for division by zero When there is no dummy cycle in the spi-nor commands, both the dummy bus cycle bytes and the width are zero. Due to the CPU’s warning when dividing by zero, this situation should be avoide...

4.7CVSS6AI score0.00106EPSS

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: disabling the sending of iouring via sockets File reference cycles have caused many problems for iouring in the past. It still doesn’t work correctly, and it causes races with unixstreamreadgeneric. The safest...

OSV•added 2026/05/19 7:50 p.m.•5 views

GHSA-5QWM-7PVP-W988 OpenMcdf: Uncatchable infinite loop in DirectoryTree.TryGetDirectoryEntry on crafted CFB directory cycle

Summary The BST name-lookup loop in DirectoryTree.TryGetDirectoryEntry OpenMcdf/DirectoryTree.cs:35-46 walks directory entries by repeatedly calling directories.TryGetSiblingchild, siblingType, validateColor. A crafted CFB file with cyclic Left/Right sibling links among directory entries -...

6.2CVSS5.9AI score

OSV•added 2026/05/14 12:30 p.m.•3 views

GHSA-337M-MW94-2V6G Apache Commons Configuration: StackOverflowError for YAML input with cycles

Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with cycles. This issue affects Apache Commons: from 2.2 before 2.15.0. Users are recommended to upgrade to version 2.15.0,...

NVD•added 2026/05/14 12:16 p.m.•8 views

Exploits0References5

CVE-2026-45205

5.3CVSS0.00129EPSS

Exploits0References3

UbuntuCve•added 2026/05/14 12:16 p.m.•6 views

CVE-2026-45205

OSV•added 2026/05/14 12:16 p.m.•3 views

Exploits0References6

UBUNTU-CVE-2026-45205

CVE•added 2026/05/14 11:22 a.m.•22 views

Exploits0References7

CVE-2026-45205

CVE-2026-45205 describes an uncontrolled recursion (StackOverflowError) in Apache Commons Configuration when processing untrusted YAML configuration files with cycles. Affected versions are 2.2 prior to 2.15.0; the advisory recommends upgrading to 2.15.0 to fix the issue. Public disclosures acros...

Exploits0References3Affected Software1

Vulnrichment•added 2026/05/14 11:22 a.m.•5 views

CVE-2026-45205 Apache Commons Configuration: StackOverflowError for YAML input with cycles

5.8AI score0.00129EPSS

Cvelist•added 2026/05/14 11:22 a.m.•35 views

CVE-2026-45205 Apache Commons Configuration: StackOverflowError for YAML input with cycles

0.00129EPSS

ATTACKERKB•added 2026/05/14 11:22 a.m.•9 views

CVE-2026-45205

5.8AI score0.00129EPSS

Exploits0References3Affected Software1

Tenable Nessus•added 2026/05/14 12:0 a.m.•16 views

Linux Distros Unpatched Vulnerability : CVE-2026-45205

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError f...

Vulnrichment•added 2026/05/12 7:22 p.m.•4 views

Exploits0References3

CVE-2026-42445 NanaZip: Uncontrolled recursion in NanaZip UFS directory traversal causes stack exhaustion

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the UFS/UFS2 filesystem image parser in NanaZip. The function GetAllPaths recurses into subdirectories without any depth limit or visited-inode tracking. A crafted UFS...

3.3CVSS5.8AI score0.00014EPSS

EUVD•added 2026/05/12 7:22 p.m.•5 views

EUVD-2026-29790

3.3CVSS5.8AI score0.00014EPSS