CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

4177 matches found

NVD•added 2026/02/14 3:16 p.m.•3 views

CVE-2026-23125

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

5.5CVSS0.00114EPSS

Exploits0References7

UbuntuCve•added 2026/02/14 3:16 p.m.•4 views

CVE-2026-23125

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

5.5CVSS5.9AI score0.00114EPSS

Exploits0References28

EUVD•added 2026/02/14 3:9 p.m.•4 views

EUVD-2026-5911

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

5.3AI score0.00114EPSS

Exploits0References7

ATTACKERKB•added 2026/02/14 3:9 p.m.•3 views

CVE-2026-23125

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

5.1AI score0.00114EPSS

Exploits0References8Affected Software1

Vulnrichment•added 2026/02/14 3:9 p.m.•3 views

CVE-2026-23125 sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

5.4AI score0.00114EPSS

Exploits0References7

CVE•added 2026/02/14 3:9 p.m.•23 views

CVE-2026-23125

CVE-2026-23125 (Linux kernel SCTP) : A null-pointer dereference in the SCTP transmit path could occur when SCTP-AUTH key initialization fails during INIT_ACK processing. The issue arises because SCTP_CMD_ASSOC_SHKEY is executed after PEER_INIT and can leave asoc->shkey NULL if key setup fails,...

5.5CVSS5.3AI score0.00114EPSS

Exploits0References7Affected Software1

OSV•added 2026/02/13 1:24 a.m.•2 views

ECHO-74F8-0C0F-635F

Bulletin has no description...

8.8CVSS5.1AI score0.00659EPSS

Exploits0References1

OSV•added 2026/02/13 1:24 a.m.•1 views

ECHO-D29C-18A6-323F

Bulletin has no description...

8.8CVSS5.1AI score0.00678EPSS

Exploits3References1

OSV•added 2026/02/13 1:19 a.m.•1 views

ECHO-8D2D-0CEB-B0F5

Bulletin has no description...

8.8CVSS5.1AI score0.00497EPSS

Exploits0References1

OSV•added 2026/02/13 1:16 a.m.•2 views

ECHO-FA09-83F6-E16F

Bulletin has no description...

4.3CVSS5.1AI score0.00281EPSS

Exploits0References1

OSV•added 2026/02/09 12:0 p.m.•3 views

ECHO-581A-B1A0-1CC4

Bulletin has no description...

7.4CVSS5.1AI score0.00652EPSS

Exploits1References1

RedhatCVE•added 2026/02/07 7:30 p.m.•6 views

CVE-2026-25723

Claude Code is an agentic coding tool. Prior to version 2.0.55, Claude Code failed to properly validate commands using piped sed operations with the echo command, allowing attackers to bypass file write restrictions. This vulnerability enabled writing to sensitive directories like the .claude...

7.7CVSS5.5AI score0.00264EPSS

Exploits0References1

OSV•added 2026/02/06 7:4 p.m.•6 views

GHSA-MHG7-666J-CQG4 Claude Code Vulnerable to Command Injection via Piped sed Command Bypasses File Write Restrictions

Claude Code failed to properly validate commands using piped sed operations with the echo command, allowing attackers to bypass file write restrictions. This vulnerability enabled writing to sensitive directories like the .claude folder and paths outside the project scope. Exploiting this require...

7.7CVSS5.6AI score0.00264EPSS

Exploits0References3

Github Security Blog•added 2026/02/06 7:4 p.m.•10 views

Claude Code Vulnerable to Command Injection via Piped sed Command Bypasses File Write Restrictions

Claude Code failed to properly validate commands using piped sed operations with the echo command, allowing attackers to bypass file write restrictions. This vulnerability enabled writing to sensitive directories like the .claude folder and paths outside the project scope. Exploiting this require...

7.7CVSS5.6AI score0.00264EPSS

Exploits0References3Affected Software1

NVD•added 2026/02/06 6:15 p.m.•5 views

CVE-2026-25723

Claude Code is an agentic coding tool. Prior to version 2.0.55, Claude Code failed to properly validate commands using piped sed operations with the echo command, allowing attackers to bypass file write restrictions. This vulnerability enabled writing to sensitive directories like the .claude...

7.7CVSS0.00264EPSS

Exploits0References1

Vulnrichment•added 2026/02/06 5:52 p.m.•5 views

CVE-2026-25723 Claude Code Vulnerable to Command Injection via Piped sed Command Bypasses File Write Restrictions

Claude Code is an agentic coding tool. Prior to version 2.0.55, Claude Code failed to properly validate commands using piped sed operations with the echo command, allowing attackers to bypass file write restrictions. This vulnerability enabled writing to sensitive directories like the .claude...

7.7CVSS5.5AI score0.00264EPSS

Exploits0References1

Cvelist•added 2026/02/06 5:52 p.m.•31 views

CVE-2026-25723 Claude Code Vulnerable to Command Injection via Piped sed Command Bypasses File Write Restrictions

Claude Code is an agentic coding tool. Prior to version 2.0.55, Claude Code failed to properly validate commands using piped sed operations with the echo command, allowing attackers to bypass file write restrictions. This vulnerability enabled writing to sensitive directories like the .claude...

7.7CVSS0.00264EPSS

Exploits0References1

EUVD•added 2026/02/06 5:52 p.m.•6 views

EUVD-2026-5637

Claude Code is an agentic coding tool. Prior to version 2.0.55, Claude Code failed to properly validate commands using piped sed operations with the echo command, allowing attackers to bypass file write restrictions. This vulnerability enabled writing to sensitive directories like the .claude...

7.7CVSS5.5AI score0.00264EPSS

Exploits0References1

CVE•added 2026/02/06 5:52 p.m.•30 views

CVE-2026-25723

Claude Code prior to 2.0.55 allowed command validation bypass by piping sed via echo, enabling writes to the .claude directory and paths outside the project when the attacker could run commands with the "accept edits" feature enabled. The issue has been patched in 2.0.55. Affected software: Claud...

7.7CVSS5.6AI score0.00264EPSS

Exploits0References1Affected Software1

CNNVD•added 2026/02/06 12:0 a.m.•3 views

Claude Code 操作系统命令注入漏洞

Claude Code is an open-source terminal-native AI programming tool developed by Anthropic. Versions of Claude Code prior to 2.0.55 contained a vulnerability related to operating system command injection. This vulnerability stemmed from insufficient validation of commands that utilized the echo...

7.7CVSS5.8AI score0.00264EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by