CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Packet Storm News•added 3 days ago•3 views

SECUREVENT: Hybrid AI/ML Security Monitoring for Distributed Event-Based Systems

Distributed event-based systems have become a common substrate for Internet-scale publish/subscribe services, IoT telemetry, cloud-native microservices, and security operations pipelines. Their loose coupling and asynchronous delivery improve scalability, but they also expand the attack surface:...

Packet Storm News•added 5 days ago•2 views

GCVE: A Decentralized Model for Vulnerability Identification, Publication, and Operational Enrichment

The Global CVE initiative GCVE proposes a decentralized, open, and extensible model for vulnerability identification, publication, and enrichment. It addresses a gap in today's vulnerability ecosystem: centralized systems provide rigorous control and widely recognized identifiers, while many...

OSV•added 6 days ago•8 views

OESA-2026-2463 ImageMagick security update

Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...

5.9AI score

Exploits2References17

Packet Storm News•added 6 days ago•6 views

Stateful Online Monitoring Catches Distributed Agent Attacks

Language models can find thousands of severe software vulnerabilities, and agents are increasingly being misused for cyberattacks. To avoid detection, attackers frequently distribute their misuse, splitting a harmful task across many user accounts so each individual transcript looks benign. Becau...

Tenable Nessus•added 6 days ago•6 views

ImageMagick < 6.9.13-48 / 7.x < 7.1.2-23 Multiple Vulnerabilities

The remote host has a version of ImageMagick installed that is prior to 6.9.13-47 or 7.x prior to 7.1.2-22. It is, therefore, affected by multiple vulnerabilities: â An attacker who can connect to a magick -distribute-cache service can hijack a file descriptor in the server process when a race...

6AI score

Exploits0References6

EUVD•added last week•2 views

EUVD-2026-32999

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, when RUSTFSCORSALLOWEDORIGINS is unset, the RustFS S3 listener's ConditionalCorsLayer reflects any request Origin value back as Access-Control-Allow-Origin and also sets Access-Control-Allow-Credentials: true and...

6CVSS5.8AI score0.00015EPSS

Exploits0References1

Packet Storm News•added 2026/05/28 12:0 a.m.•6 views

DeepFake Forensics AI: A Multi-Modal Detection and Blockchain-Anchored Evidence Management Platform

The proliferation of AI-generated synthetic media poses a critical threat to the integrity of digital evidence in legal and forensic contexts. Existing deepfake detection systems typically address a single modality and provide no mechanism for tamper-proof evidence preservation. We present DeepFa...

Positive Technologies•added 2026/05/28 12:0 a.m.•5 views

PT-2026-44467

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, the internode RPC layer authenticates every request with an HMAC-SHA256 signature using a shared secret. The function that produces this secret, get shared secret in crates/ecstore/src/rpc/http auth.rs, falls back...

9.8CVSS5.7AI score0.00054EPSS

Positive Technologies•added 2026/05/28 12:0 a.m.•5 views

PT-2026-44474

RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-beta.2, the RustFS console endpoint GET /rustfs/console/license returns parsed license metadata without requiring authentication. The endpoint is registered on the console listener and returns JSON containing license...

6.9CVSS5.8AI score0.00059EPSS

Snyk•added 2026/05/27 5:17 p.m.•2 views

Missing Authorization

Overview pimcore/pimcore is a content & product management framework CMS/PIM/E-Commerce. Affected versions of this package are vulnerable to Missing Authorization via the Tree::move process. An attacker can delete or overwrite assets without proper authorization by sending a crafted WebDAV MOVE...

8.1CVSS5.8AI score

Akamai Blog•added 2026/05/27 9:0 a.m.•3 views

Distributed AI Inference: Why Placement Is the New Bottleneck

In real AI systems, bottlenecks don't disappear, they move. Learn about why inference placement, not raw compute, is the decisive infrastructure question...