CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

408 matches found

CVE-2026-46245

A flaw was found in the Linux kernel's AMD GPU display driver. The amdgpudmhpdinit function, responsible for Hot-Plug Detect HPD initialization, may attempt to dereference a null dclink when handling certain connectors. This unconditional dereference can lead to a system crash, allowing a local...

5.8AI score

Exploits0References4

NVD•added yesterday•3 views

CVE-2026-46245

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dclink NULL handling in HPD init amdgpudmhpdinit may see connectors without a valid dclink. The code already checks dclink for the polling decision, but later unconditionally dereferences it when setting up H...

Exploits0References2

EUVD•added yesterday•2 views

EUVD-2026-34107

5.7AI score

Exploits0References2

ATTACKERKB•added yesterday•1 views

CVE-2026-46245

5.7AI score

Exploits0References3Affected Software1

CVE•added yesterday•3 views

CVE-2026-46245

MODE C: The connected sources describe a concrete fix in the Linux kernel DRM AMD display code for CVE-2026-46245. The flaw was that amdgpu_dm_hpd_init() could dereference a NULL dc_link when wiring HPD interrupts for connectors that lacked a valid dc_link. The patch introduces a NULL check on am...

5.7AI score

Exploits0References2

GithubExploit•added 3 days ago•57 views

snyk-agentic-appsec-poc

Snyk Agentic AppSec POC Proof of concept demonstrating autono...

5.9AI score

Exploits0

SUSE CVE•added 6 days ago•3 views

SUSE CVE-2026-46166

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use safe list iteration in radar detect work The call to ieee80211dfscaccancel can cause the iterated chanctx to be freed and removed from the list. Guard against this to avoid a slab-use-after-free error...

5.8AI score0.00021EPSS

Exploits0References3

NVD•added last week•2 views

CVE-2026-46166

8.8CVSS0.00021EPSS

Exploits0References4

OSV•added last week•1 views

UBUNTU-CVE-2026-46166

8.8CVSS5.7AI score0.00021EPSS

Exploits0References7

OSV•added last week•1 views

UBUNTU-CVE-2026-46184

In the Linux kernel, the following vulnerability has been resolved: sound: ua101: fix division by zero at probe Add a missing sanity check for bNrChannels in detectusbformat to prevent a division by zero in playbackurbcomplete and captureurbcomplete. USB core does not validate class-specific...

5.7AI score0.00032EPSS

Exploits0References8

Cvelist•added last week•21 views

CVE-2026-46166 wifi: mac80211: use safe list iteration in radar detect work

8.8CVSS0.00021EPSS

Exploits0References4

NVD•added 2026/05/24 9:16 a.m.•6 views

CVE-2026-9367

A vulnerability was determined in NousResearch hermes-agent up to 5157f5427f19488b31c6fdebbacd15d798ce7f63. This affects the function detectdangerouscommand of the file tools/approval.py of the component terminaltool. This manipulation causes os command injection. It is possible to initiate the...

7.5CVSS0.0214EPSS

Exploits0References4

Vulnrichment•added 2026/05/24 8:30 a.m.•5 views

CVE-2026-9367 NousResearch hermes-agent terminal_tool approval.py detect_dangerous_command os command injection

7.5CVSS6.8AI score0.0214EPSS

Exploits0References4

CVE•added 2026/05/24 8:30 a.m.•10 views

CVE-2026-9367

CVE-2026-9367 affects NousResearch hermes-agent (component: terminal_tool, file: tools/approval.py, function: detect_dangerous_command). The issue enables an OS command injection due to a manipulation in detect_dangerous_command, with a remote attack possible. Public exploit information is report...

7.5CVSS6.8AI score0.0214EPSS

Exploits0References4

EUVD•added 2026/05/24 8:30 a.m.•8 views

EUVD-2026-31579

7.5CVSS6.8AI score0.0214EPSS

Exploits0References4

CNNVD•added 2026/05/24 12:0 a.m.•4 views

Hermes Agent 操作系统命令注入漏洞

Hermes Agent is an AI agent tool developed by Nous Research, featuring a self-learning mechanism. Versions of Hermes Agent 5157f5427f19488b31c6fdebbacd15d798ce7f63 and earlier versions have a vulnerability related to operating system command injection. This vulnerability stems from improper...

7.5CVSS7.2AI score0.0214EPSS

Exploits0References4

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed a system hang that occurs when resuming with a Thunderbolt monitor. Why The issue arises when using a Thunderbolt monitor and performing suspend operations; the system may hang during resume. During the...

5.5CVSS6.2AI score0.00026EPSS

Exploits0References2

UbuntuCve•added 2026/05/10 6:16 a.m.•1 views

CVE-2026-6104

In PHP versions 8.4. before 8.4.21 and 8.5. before 8.5.6, when an encoding name containing an embedded NUL byte is passed to mbconvertencoding or related mbstring functions, the code incorrectly assumes that when strncasecmp returns 0 it means the strings have the same length. This can lead to...

9.1CVSS5.9AI score0.00021EPSS

Exploits0References2

ATTACKERKB•added 2026/05/07 6:14 p.m.•3 views

CVE-2026-42214

Notepad Next is a cross-platform, reimplementation of Notepad++. Prior to version 0.14, NotepadNext's detectLanguageFromExtension function interpolates a file's extension directly into a Lua script without sanitization. An attacker can craft a filename whose extension contains Lua code, which...

7.8CVSS5.9AI score0.00015EPSS

Exploits1References4Affected Software1

NVD•added 2026/05/04 6:16 p.m.•3 views

CVE-2026-43616

Detect-It-Easy prior to 3.21 contains a path traversal vulnerability that allows attackers to write arbitrary files to the filesystem by crafting malicious archive entries with relative traversal sequences or absolute paths. Attackers can exploit insufficient path normalization during archive...

7.8CVSS0.00079EPSS

Exploits0References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by