CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 2026/06/04 2:30 a.m.•12 views

SUSE CVE-2026-7666

An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15. django.core.mail.backends.smtp.EmailBackend in Django fails to prevent reuse of a partially-initialized connection after a failed STARTTLS handshake when failsilently=True, which allows on-path network attackers to read ema...

7.4CVSS5.7AI score0.0015EPSS

Exploits0References4

OSV•added 2026/06/03 2:16 p.m.•8 views

PYSEC-2026-200

2.3CVSS5.3AI score0.0015EPSS

Exploits0References3

ATTACKERKB•added 2026/05/28 4:47 p.m.•9 views

CVE-2026-34126

7.3CVSS5.8AI score0.00097EPSS

Exploits0References7

Cvelist•added 2026/05/28 4:47 p.m.•29 views

CVE-2026-34126 Bluetooth Communication Uses Unencrypted Transmission During Initial Setup on TP-Link's Tapo L535E, P300 and D100C

7.3CVSS0.00097EPSS

CVE•added 2026/05/28 4:47 p.m.•19 views

CVE-2026-34126

Summary: CVE-2026-34126 affects TP-Link Tapo devices (L535E v1.0/v3.0, P300 v1.0, D100C v1.0). During the initialization phase, Bluetooth communication is transmitted in cleartext without encryption. A nearby attacker could exploit this via Bluetooth sniffing or man-in-the-middle to eavesdrop on ...

7.5CVSS5.8AI score0.00097EPSS

Exploits0References6Affected Software1

EUVD•added 2026/05/28 4:47 p.m.•11 views

EUVD-2026-32969

7.3CVSS5.8AI score0.00097EPSS

Vulnrichment•added 2026/05/28 4:47 p.m.•8 views

CVE-2026-34126 Bluetooth Communication Uses Unencrypted Transmission During Initial Setup on TP-Link's Tapo L535E, P300 and D100C

7.3CVSS5.8AI score0.00097EPSS

CNNVD•added 2026/05/28 12:0 a.m.•15 views

TP-Link多款产品安全漏洞

TP-Link Tapo L535E are products of the TP-Link company from China. The TP-Link Tapo L535E is a smart color-adjustable LED bulb. The TP-Link Tapo P300 is a smart Wi-Fi multi-port plug-in device. The TP-Link Tapo D100C is a smart video doorbell with a wireless doorbell buzzer. Several TP-Link...

7.3CVSS5.9AI score0.00097EPSS

Ubuntu•added 2026/05/26 6:25 p.m.•15 views

USN-8167-2: xdg-dbus-proxy vulnerability

USN-8167-1 fixed a vulnerability in xdg-dbus-proxy. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that xdg-dbus-proxy incorrectly handled eavesdropping in policy rules. A local attacker could possibly use this issue to intercept...

6.8CVSS5.8AI score0.00175EPSS

Exploits0

OSV•added 2026/05/26 6:25 p.m.•7 views

USN-8167-2 xdg-dbus-proxy vulnerability

6.8CVSS5.8AI score0.00175EPSS

Exploits0References2

RedhatCVE•added 2026/05/18 2:57 p.m.•12 views

CVE-2026-33603

A flaw was found in Dovecot. An attacker, positioned as a Man-in-the-Middle MITM between Dovecot and a client, can exploit a specially crafted base64 exchange to fake SCRAM TLS channel binding. This allows the attacker to eavesdrop on communications between Dovecot and the client, leading to...

6.8CVSS5.7AI score0.00222EPSS

Exploits0References4

SUSE CVE•added 2026/05/13 3:38 a.m.•8 views

SUSE CVE-2026-33603

Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker is able to position itself between Dovecot and the client connection. If successful, the attacker can eavesdrop communications between Dovecot and...

EUVD•added 2026/05/12 3:31 p.m.•8 views

Exploits0References3

EUVD-2026-29468

NVD•added 2026/05/12 2:17 p.m.•7 views

Exploits0References2

CVE-2026-33603

6.8CVSS0.00222EPSS

Cvelist•added 2026/05/12 1:28 p.m.•27 views

CVE-2026-33603

6.8CVSS0.00222EPSS

Vulnrichment•added 2026/05/12 1:28 p.m.•7 views

CVE-2026-33603

AlpineLinux•added 2026/05/12 1:28 p.m.•11 views

CVE-2026-33603