CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4611 matches found

Positive Technologies•added 2026/04/17 12:0 a.m.•4 views

PT-2026-37029

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.12 Description An improper authorization issue exists in helper-backed channels where empty resolved approver lists are interpreted as explicit approval authorization. This logic flaw allows attackers to resol...

6.5CVSS5.8AI score0.00037EPSS

Exploits0References7

OSV•added 2026/04/16 1:10 p.m.•5 views

OPENSUSE-SU-2026:20554-1 Security update for dovecot24

This update for dovecot24 fixes the following issues: - Update to v2.4.3 - CVE-2025-59028: Invalid base64 authentication can cause DoS for other logins bsc1260894. - CVE-2025-59031: decode2text.sh OOXML extraction may follow symlinks and read unintended files during indexing bsc1260895. -...

8.2CVSS5.8AI score0.0009EPSS

Exploits6References20

Veracode•added 2026/04/16 8:59 a.m.•2 views

Path Traversal

LiquidJS is vulnerable to Path Traversal. The vulnerability is due to the top-level file loads not enforcing the boundary set by the configured root, where a Liquid instance configured with an empty temporary directory as root can return the contents of arbitrary files and attackers can exploit...

7.5CVSS5.8AI score0.00021EPSS

Exploits0References4Affected Software1

Tenable Nessus•added 2026/04/16 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-5588

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules, Legion of the Bouncy Cast...

6.3CVSS7.1AI score0.00013EPSS

Exploits0References4

Github Security Blog•added 2026/04/15 6:31 p.m.•8 views

Bouncy Castle Crypto Package For Java: Use of a Broken or Risky Cryptographic Algorithm vulnerability in bcpkix modules

: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules. PKIX draft CompositeVerifier accepts empty signature sequence as valid. This issue affects BC-JAVA: from 1.49 before 1.84...

6.3CVSS5.8AI score0.00013EPSS

Exploits0References4Affected Software7

EUVD•added 2026/04/15 6:31 p.m.•16 views

EUVD-2026-22871

10CVSS5.8AI score0.00013EPSS

Exploits0References2

OSV•added 2026/04/15 6:31 p.m.•1 views

GHSA-WG6Q-6289-32HP Bouncy Castle Crypto Package For Java: Use of a Broken or Risky Cryptographic Algorithm vulnerability in bcpkix modules

6.3CVSS5.8AI score0.00013EPSS

Exploits0References4

OSV•added 2026/04/15 3:16 p.m.•2 views

MINI-PV89-5V3H-QH4C

Bulletin has no description...

9.1CVSS5.7AI score0.00021EPSS

Exploits1

OSV•added 2026/04/15 1:36 p.m.•0 views

SUSE-SU-2026:1352-1 Security update for expat

This update for expat fixes the following issues: - CVE-2026-32776: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value bsc1259726. - CVE-2026-32777: denial of service due to infinite loop in DTD content parsing bsc1259711. - CVE-2026-3277...

5.5CVSS5.8AI score0.00006EPSS

Exploits1References7

OSV•added 2026/04/15 10:16 a.m.•3 views

DEBIAN-CVE-2026-5588

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules, Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All pkix modules, Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All pkix modules. This vulnerability...

6.3CVSS5.8AI score0.00013EPSS

Exploits0References1

NVD•added 2026/04/15 10:16 a.m.•0 views

CVE-2026-5588

6.3CVSS0.00013EPSS

Exploits0References2

Snyk•added 2026/04/15 10:13 a.m.•5 views

Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature due to the verifybyte expected function in JcaContentVerifierProviderBuilder. An attacker can forge a protected CMP/PKI message by supplying an empty composite signature sequence that...

9.2CVSS5.7AI score0.00013EPSS

Exploits0References3

Snyk•added 2026/04/15 10:13 a.m.•3 views

Improper Verification of Cryptographic Signature

9.2CVSS5.7AI score0.00013EPSS

Exploits0References3

Snyk•added 2026/04/15 10:13 a.m.•2 views

Improper Verification of Cryptographic Signature

9.2CVSS5.7AI score0.00013EPSS

Exploits0References3

Snyk•added 2026/04/15 10:13 a.m.•6 views

Improper Verification of Cryptographic Signature

9.2CVSS5.7AI score0.00013EPSS

Exploits0References3

ATTACKERKB•added 2026/04/15 9:6 a.m.•0 views

CVE-2026-5588

6.3CVSS5.8AI score0.00013EPSS

Exploits0References3Affected Software3

Vulnrichment•added 2026/04/15 9:6 a.m.•0 views

CVE-2026-5588 PKIX draft CompositeVerifier accepts empty signature sequence as valid.

6.3CVSS5.8AI score0.00013EPSS

Exploits0References2

Cvelist•added 2026/04/15 9:6 a.m.•27 views

CVE-2026-5588 PKIX draft CompositeVerifier accepts empty signature sequence as valid.

6.3CVSS0.00013EPSS

Exploits0References2

Debian CVE•added 2026/04/15 9:6 a.m.•5 views

CVE-2026-5588

6.3CVSS5.8AI score0.00013EPSS

Exploits0

CNNVD•added 2026/04/15 12:0 a.m.•6 views

Splunk Cloud Platform和Splunk Enterprise 安全漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. Both Splunk Cloud Platform and Splunk...

6.6CVSS5.8AI score0.00059EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by