CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 3 days ago•4 views

ALSA-2026:22143 Important: php:8.2 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting vulnerability via improper URL sanitation...

OSV•added 3 days ago•4 views

PUB-A-491016892

In several functions of the RTCP packet decoder, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

5.9AI score

Tenable Nessus•added 3 days ago•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-8796

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input. In Perl/Decoder/srldecoder.c, srlreadobject and srlreadhash...

OSV•added 3 days ago•4 views

PUB-A-463414629

In NrmmMsgCodec::DecodeUPUTransparentContext of cnNrmmDecoder.cpp, there is a possible out-of-bounds read due to memory corruption. This could lead to remote denial of service causing a communication processor crash with no additional execution privileges needed. User interaction is not needed fo...

5.9AI score

AlmaLinux•added 3 days ago•7 views

Important: php:8.2 security update

AlmaLinux•added 3 days ago•8 views

Important: php:8.3 security update

CNNVD•added 3 days ago•2 views

Apache Fluss security vulnerabilities

Apache Fluss is a streaming storage system developed by the Apache Foundation in the United States. Versions 0.8.0 and 0.9.0 of Apache Fluss contain security vulnerabilities. These vulnerabilities stem from the use of Integer.MAXVALUE as the maximum frame length in the Netty...

7.5CVSS5.9AI score0.00154EPSS

OSV•added 3 days ago•2 views

ALSA-2026:22305 Important: php:8.2 security update

OSV•added 3 days ago•1 views

OPENSUSE-SU-2026:10924-1 perl-Sereal-Decoder-5.6.0-1.1 on GA media

These are all security issues fixed in the perl-Sereal-Decoder-5.6.0-1.1 package on the GA media of openSUSE Tumbleweed...

OSV•added 4 days ago•6 views

DEBIAN-CVE-2026-8796

Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input. In Perl/Decoder/srldecoder.c, srlreadobject and srlreadhash process a COPY tag, a back-reference whose target byte the decoder re-decodes as a fresh tag. When that target byte matches the SHORTBINARY...

NVD•added 4 days ago•7 views

CVE-2026-8796

8.1CVSS0.00013EPSS

Cvelist•added 4 days ago•25 views

CVE-2026-8796 Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input

0.00013EPSS

CVE•added 4 days ago•11 views

CVE-2026-8796

CVE-2026-8796 affects Sereal::Decoder before 5.005 (Perl). A heap out-of-bounds read can be triggered via crafted input when decoding COPY back-references that re-decode as SHORT_BINARY tags, allowing an attacker-controlled COPY offset to skip bounds and read past the input. This may enable consu...

EUVD•added 4 days ago•10 views

EUVD-2026-33517

5.8AI score0.00013EPSS

Vulnrichment•added 4 days ago•7 views

CVE-2026-8796 Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input

5.8AI score0.00013EPSS

Debian CVE•added 4 days ago•7 views

CVE-2026-8796

ATTACKERKB•added 4 days ago•5 views

Exploits0

CVE-2026-8796

5.8AI score0.00013EPSS

OSV•added 4 days ago•1 views

OSV-2026-828 Use-of-uninitialized-value in ReadContainer

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=517870853 Crash type: Use-of-uninitialized-value Crash state: ReadContainer PKImageDecodeInitializeWMP PKCodecFactoryCreateDecoderFromFile...

5.8AI score