118 matches found
CVE-2026-43965
Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::read_from_disc are passed without validation to paths.build_packages_package, whi...
EUVD-2026-33926
Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::read_from_disc are passed without validation to paths.build_packages_package, whi...
CVE-2026-43965
Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::read_from_disc are passed without validation to paths.build_packages_package, whi...
CVE-2026-43965
Gleam path traversal vulnerability CVE-2026-43965 allows arbitrary directory deletion via malicious build/packages/packages.toml content. During deps download, package keys read from build/packages/packages.toml are passed to path construction without validation, enabling absolute or relative tra...
EEF-CVE-2026-43965 Path Traversal in build/packages/packages.toml Allows Arbitrary Directory Deletion
Summary: Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::read_from_disc are passed without validation to...
[SECURITY] Fedora 44 Update: composer-2.9.8-1.fc44
Composer helps you declare, manage and install dependencies of PHP projects, ensuring you have the right stack everywhere. Documentation: https://getcomposer.org/doc/...
Astra Linux - vulnerability in linux-6.1
In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies When adding dependencies with drm_sched_job_add_dependency, that function consumes the fence reference both on success and failure, so in the latter case the...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fixed a deadlock in drm_sched_entity_kill_jobs_cb. The Mesa issue mentioned above identified a possible deadlock scenario: 1231.611031 Possible interrupt-unsafe locking scenario: 1231.611033 CPU0 CPU1 1231.611034 ---- ----...
[SECURITY] Fedora 44 Update: yarnpkg-1.22.22-18.fc44
Fast, reliable, and secure dependency management...
[SECURITY] Fedora 43 Update: composer-2.9.7-1.fc43
Composer helps you declare, manage and install dependencies of PHP projects, ensuring you have the right stack everywhere. Documentation: https://getcomposer.org/doc/...
CVE-2026-40261
Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce::syncCodeBase method, which appends the $sourceReference parameter to a shell command without proper escaping, and additionally in the...
Composer security vulnerability
Composer is an open-source application developed by Composer. It provides a tool for declaring, managing, and installing dependencies of PHP projects. Versions of Composer from 1.0 to 2.2.26, as well as from 2.3 to 2.9.5, have security vulnerabilities. These vulnerabilities stem from command...
[SECURITY] Fedora 42 Update: yarnpkg-1.22.22-18.fc42
Fast, reliable, and secure dependency management...
[SECURITY] Fedora 43 Update: yarnpkg-1.22.22-18.fc43
Fast, reliable, and secure dependency management...
[SECURITY] Fedora 42 Update: yarnpkg-1.22.22-17.fc42
Fast, reliable, and secure dependency management...
[SECURITY] Fedora 44 Update: yarnpkg-1.22.22-17.fc44
Fast, reliable, and secure dependency management...
[SECURITY] Fedora 43 Update: uv-0.9.30-2.fc43
An extremely fast Python package and project manager, written in Rust. Highlights: • A single tool to replace pip, pip-tools, pipx, poetry, pyenv, twine, virtualenv, and more. • 10-100x faster than pip. • Provides comprehensive project management, with a universal lockf...
[SECURITY] Fedora 42 Update: yarnpkg-1.22.22-16.fc42
Fast, reliable, and secure dependency management...
[SECURITY] Fedora 43 Update: yarnpkg-1.22.22-16.fc43
Fast, reliable, and secure dependency management...
[SECURITY] Fedora 42 Update: composer-2.9.3-1.fc42
Composer helps you declare, manage and install dependencies of PHP projects, ensuring you have the right stack everywhere. Documentation: https://getcomposer.org/doc/...