CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Fedora•added 2026/05/27 12:53 a.m.•7 views

[SECURITY] Fedora 44 Update: rust-eif_build-0.2.1-7.fc44

This CLI tool provides a low level path to assemble an enclave image format EIF file used in AWS Nitro Enclaves...

9.8CVSS5.8AI score0.00158EPSS

GithubExploit•added 2026/05/23 3:23 p.m.•61 views

ios-imessage-zero-click-exploit

CVE-2025-31200/31201 - iOS Zero-Click iMessage Exploit Chai...

9.8CVSS7.4AI score0.03372EPSS

Exploits6

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: crypto: caam – Prevent crashes during suspension with iMX8QM/iMX8ULP Since the CAAM on these SoCs is managed by another ARM core, called the SECO Security Controller on iMX8QM and Secure Enclave on iMX8ULP. The SECO also...

5.5CVSS5.8AI score0.00018EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Add a overflow check in sgxvalidateoffsetlength The sgxvalidateoffsetlength function verifies the "offset" and "length" arguments provided by the user space. However, there was a lack of an overflow check when these...

5.5CVSS5.8AI score0.00049EPSS

Veracode•added 2026/05/15 5:3 a.m.•8 views

Arbitrary Code Injection

Enclave is vulnerable to Arbitrary Code Injection. The vulnerability is due to improper enforcement of security boundaries in @enclave-vm/core, allowing attackers to escape the JavaScript sandbox environment and achieve arbitrary code execution on the host system...

10CVSS6.4AI score0.00775EPSS

Exploits2References2Affected Software2

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в mbedtls

A issue was discovered in Arm Mbed TLS prior to version 2.23.0. Due to a side channel in modular exponentiation, an RSA private key used in a secure enclave could be disclosed...

5.3CVSS6.6AI score0.00516EPSS

Exploits1References2

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Resolves SECS reclaim vs. page fault for EAUG race The SGX EPC reclaimer ksgxd may reclaim the SECS EPC page for an enclave and set secs.epcpage to NULL. The SECS page is used for EAUG and ELDU in the SGX page fault...

4.7CVSS6.1AI score0.00018EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в intel-microcode

Improper buffer restrictions for some IntelR XeonR Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access...

7.2CVSS5.7AI score0.00021EPSS

Packet Storm News•added 2026/05/01 12:0 a.m.•1 views

KingsGuard: Enclave Data Protection under Real-World TEE Vulnerabilities

Trusted Execution Environments TEEs have emerged as a cornerstone for securing sensitive computations by providing isolated enclaves protected from untrusted software. However, their security guarantees are undermined by vulnerabilities in both the enclave code and the underlying hardware design,...

5.9AI score

Tenable Nessus•added 2026/04/22 12:0 a.m.•3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013705)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013705 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC supports two modes, legacy APIC or xAPIC, and...

5.6AI score0.00024EPSS

Exploits0References4

Packet Storm News•added 2026/04/20 12:0 a.m.•4 views

AppleSEPKeyStore Stress Tester / Fuzzer

This code is not a fully functional exploit, but rather a concurrency stress test and race-condition trigger targeting the Apple Secure Enclave key management driver AppleSEPKeyStore...

5.8AI score

GithubExploit•added 2026/04/19 6:22 a.m.•65 views

Exploit for Code Injection in Agentfront Enclave

CVE-2026-27597 - version Remote Code Execution Quick Usage...

10CVSS6.5AI score0.00775EPSS

Exploits2

RedhatCVE•added 2026/04/15 7:24 p.m.•1 views

CVE-2026-32220

Improper access control in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

4.4CVSS6.2AI score0.00062EPSS

RedhatCVE•added 2026/04/15 7:24 p.m.•0 views

CVE-2026-23670

Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

5.7CVSS5.8AI score0.00064EPSS

EUVD•added 2026/04/14 6:30 p.m.•0 views

EUVD-2026-22607

Improper access control in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

4.4CVSS5.7AI score0.00062EPSS

EUVD•added 2026/04/14 6:30 p.m.•1 views

EUVD-2026-22366

Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

5.7CVSS5.7AI score0.00064EPSS

NVD•added 2026/04/14 6:17 p.m.•0 views

CVE-2026-32220

Improper access control in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

4.4CVSS0.00062EPSS

NVD•added 2026/04/14 6:16 p.m.•1 views

CVE-2026-23670

Untrusted pointer dereference in Windows Virtualization-Based Security VBS Enclave allows an authorized attacker to bypass a security feature locally...

5.7CVSS0.00064EPSS