Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6100 matches found

EUVD
EUVDadded 2026/04/10 6:31 p.m.2 views

EUVD-2026-21402

In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element...

6.2CVSS5.8AI score0.00202EPSS
Exploits0References2
Github Security Blog
Github Security Blogadded 2026/04/10 6:31 p.m.14 views

Apache Log4j Core: `verifyHostName` attribute silently ignored in TLS configuration

The fix for CVE-2025-68161 was incomplete: it addressed hostname verification only when enabled via the log4j2.sslVerifyHostName system property, but not when configured through the verifyHostName attribute of the element. Although the verifyHostName configuration attribute was introduced in Log4...

6.3CVSS6.6AI score0.00743EPSS
Exploits1References7Affected Software1
NVD
NVDadded 2026/04/10 4:16 p.m.3 views

CVE-2026-40227

In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element...

6.2CVSS0.00202EPSS
Exploits0References1
OSV
OSVadded 2026/04/10 4:16 p.m.2 views

DEBIAN-CVE-2026-40227

In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element...

5.5CVSS5.2AI score0.00202EPSS
Exploits0References1
NVD
NVDadded 2026/04/10 4:16 p.m.2 views

CVE-2026-34477

The fix for CVE-2025-68161 https://logging.apache.org/security.htmlCVE-2025-68161 was incomplete: it addressed hostname verification only when enabled via the log4j2.sslVerifyHostName https://logging.apache.org/log4j/2.x/manual/systemproperties.htmllog4j2.sslVerifyHostName system property, but no...

6.3CVSS0.00395EPSS
Exploits0References5
UbuntuCve
UbuntuCveadded 2026/04/10 4:16 p.m.2 views

CVE-2026-40227

In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element...

6.2CVSS5.8AI score0.00202EPSS
Exploits0References2
OSV
OSVadded 2026/04/10 4:16 p.m.2 views

UBUNTU-CVE-2026-34477

The fix for CVE-2025-68161 https://logging.apache.org/security.htmlCVE-2025-68161 was incomplete: it addressed hostname verification only when enabled via the log4j2.sslVerifyHostName https://logging.apache.org/log4j/2.x/manual/systemproperties.htmllog4j2.sslVerifyHostName system property, but no...

6.3CVSS5.8AI score0.00395EPSS
Exploits0References7
OSV
OSVadded 2026/04/10 4:16 p.m.4 views

UBUNTU-CVE-2026-40227

In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element...

6.2CVSS5.8AI score0.00202EPSS
Exploits0References3
Snyk
Snykadded 2026/04/10 4:9 p.m.3 views

Comparison Using Wrong Factors

Overview Affected versions of this package are vulnerable to Comparison Using Wrong Factors in the IPC API call process when an array or map containing a null element is provided. An attacker can cause a system crash by sending specially crafted IPC API requests. Remediation A fix was pushed into...

6.9CVSS5.8AI score0.00202EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/04/10 3:36 p.m.27 views

CVE-2026-34477 Apache Log4j Core: verifyHostName attribute silently ignored in TLS configuration, allowing hostname verification bypass

The fix for CVE-2025-68161 https://logging.apache.org/security.htmlCVE-2025-68161 was incomplete: it addressed hostname verification only when enabled via the log4j2.sslVerifyHostName https://logging.apache.org/log4j/2.x/manual/systemproperties.htmllog4j2.sslVerifyHostName system property, but no...

6.3CVSS0.00395EPSS
Exploits0References5
CVE
CVEadded 2026/04/10 3:36 p.m.104 views

CVE-2026-34477

CVE-2025-68161 (and CVE-2026-34477) affect Apache Log4j Core Socket Appender where TLS hostname verification was silently ignored when configured via verifyHostName, leaving potential MITM scenarios under SMTP, Socket, or Syslog Appenders using a nested element. The issue spans versions 2.0-beta...

6.3CVSS6.6AI score0.00395EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2026/04/10 3:19 p.m.27 views

CVE-2026-40227

In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element...

6.2CVSS0.00202EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/10 3:19 p.m.1 views

CVE-2026-40227

In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element...

6.2CVSS5.8AI score0.00202EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/10 3:19 p.m.4 views

CVE-2026-40227

In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element...

6.2CVSS5.8AI score0.00202EPSS
Exploits0References1
CVE
CVEadded 2026/04/10 3:19 p.m.11 views

CVE-2026-40227

CVE-2026-40227 affects systemd 260 prior to 261. A local unprivileged user can trigger an assertion via an IPC API call when passing an array or map that contains a null element. The vulnerability leads to a crash (assertion failure) rather than a remote compromise, with impact on availability as...

6.2CVSS5.8AI score0.00202EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2026/04/10 12:0 a.m.2 views

PT-2026-31936

In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element...

6.2CVSS5.8AI score0.00202EPSS
Exploits0References2
NVD
NVDadded 2026/04/09 10:16 p.m.4 views

CVE-2026-33783

A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated attacker with low privileges to cause a complete Denial of Service DoS. If colored SRTE policy tunnels are provisioned via...

7.1CVSS0.0024EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/09 9:36 p.m.18 views

CVE-2026-33783 Junos OS Evolved: PTX Series: If SRTE tunnels provisioned via PCEP are present and specific gRPC queries are received evo-aftmand crashes

A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated attacker with low privileges to cause a complete Denial of Service DoS. If colored SRTE policy tunnels are provisioned via...

7.1CVSS0.0024EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/09 9:36 p.m.3 views

CVE-2026-33783

A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated attacker with low privileges to cause a complete Denial of Service DoS. If colored SRTE policy tunnels are provisioned via...

7.1CVSS5.9AI score0.0024EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/09 9:36 p.m.1 views

CVE-2026-33783 Junos OS Evolved: PTX Series: If SRTE tunnels provisioned via PCEP are present and specific gRPC queries are received evo-aftmand crashes

A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticated attacker with low privileges to cause a complete Denial of Service DoS. If colored SRTE policy tunnels are provisioned via...

7.1CVSS5.8AI score0.0024EPSS
Exploits0References1
Rows per page
Query Builder