CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 2026/05/15 1:59 a.m.•7 views

SUSE CVE-2026-33376

When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses. Addresses specifying a mask explicitly are not affected; to mitigate easily, add the desired mask usually /128 to the addresses. Only auth proxy is affected; Okta, SAML, LDAP, etc are unaffected here...

7.4CVSS5.8AI score0.00271EPSS

Cvelist•added 2026/05/15 1:46 a.m.•37 views

CVE-2026-0432

Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution...

8.5CVSS0.00105EPSS

ATTACKERKB•added 2026/05/15 1:45 a.m.•6 views

CVE-2025-48512

Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller GPIO could allow an attacker to achieve privilege escalation resulting in arbitrary code execution...

Vulnrichment•added 2026/05/15 1:45 a.m.•7 views

CVE-2025-48512

EUVD•added 2026/05/15 1:45 a.m.•17 views

EUVD-2025-209861

GithubExploit•added 2026/05/15 1:38 a.m.•67 views

Exploit for Insecure Default Initialization of Resource in Praison Praisonai

⚠️ Security Research & Legal Disclaimer 📌 Purpose of This...

7.3CVSS6AI score0.26799EPSS

Exploits3

Positive Technologies•added 2026/05/15 12:0 a.m.•12 views

PT-2026-41253

Name of the Vulnerable Software and Affected Versions AGESA Bootloader Firmware affected versions not specified Description An insecure default configuration state of the DDR5 memory module within the AGESA Bootloader Firmware allows a local user to abuse the unprotected PMIC Power Management...

6.9CVSS5.8AI score0.00091EPSS

Exploits0References5

CNNVD•added 2026/05/15 12:0 a.m.•10 views

Open WebUI 安全漏洞

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted WebUI that is open source. Versions of Open WebUI prior to 0.1.124 contained security vulnerabilities. These vulnerabilities stemmed from APIs that did not properly verify whether the user had the authorized user role. When...

7.3CVSS5.8AI score0.0023EPSS

Exploits1References2

Positive Technologies•added 2026/05/15 12:0 a.m.•11 views

PT-2026-41321

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby before 1.0.233 automatically confirms ZMODEM protocol detection on all terminal session output without user interaction, enabling shell command execution when a user displays attacker-controlled content. T...

7CVSS6.2AI score0.0013EPSS

Positive Technologies•added 2026/05/15 12:0 a.m.•9 views

PT-2026-41228

Positive Technologies•added 2026/05/15 12:0 a.m.•10 views

PT-2026-41233

Incorrect default permissions in the installation directory for the AMD chipset driver could allow an attacker to achieve privilege escalation resulting in arbitrary code execution...

8.5CVSS6.1AI score0.00105EPSS

CNNVD•added 2026/05/15 12:0 a.m.•9 views

AMD Chipset 安全漏洞

The AMD Chipset is a series of chips developed by American semiconductor company AMD. The AMD Chipset contains security vulnerabilities, which stem from incorrect default permissions in the installation directory. This could allow attackers to gain elevated privileges, leading to arbitrary code...

8.5CVSS6.1AI score0.00105EPSS

CNNVD•added 2026/05/15 12:0 a.m.•8 views

AMD Chipset 安全漏洞

The AMD Chipset is a series of chips developed by American semiconductor company AMD. The AMD Chipset contains security vulnerabilities, which stem from incorrect default permissions. These vulnerabilities could allow attackers to gain elevated privileges and execute arbitrary code...

7CVSS6AI score0.00106EPSS