CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

vulnersOsv•added 2026/05/07 4:32 a.m.•5 views

org.webjars.npm:degenerator (=4.0.4), org.webjars.npm:pac-resolver (=6.0.2) +1 more potentially affected by CVE-2026-44003 via org.webjars.npm:vm2 (=3.9.19)

5.8CVSS5.8AI score0.00248EPSS

vulnersOsv•added 2026/05/07 4:8 a.m.•9 views

org.webjars.npm:degenerator (=4.0.4), org.webjars.npm:pac-resolver (=6.0.2) +1 more potentially affected by CVE-2026-43999 via org.webjars.npm:vm2 (=3.9.19)

9.9CVSS6AI score0.00669EPSS

vulnersOsv•added 2026/05/07 3:54 a.m.•8 views

org.webjars.npm:degenerator (=4.0.4), org.webjars.npm:pac-resolver (=6.0.2) +1 more potentially affected by CVE-2026-44006 via org.webjars.npm:vm2 (=3.9.19)

10CVSS6AI score0.00593EPSS

Positive Technologies•added 2026/05/07 12:0 a.m.•19 views

PT-2026-38424

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in misp allows Stored XSS. This issue affects MISP before 2.5.37. A stored cross-site scripting vulnerability exists in the template element attribute handling logic. The application accepted...

6.8CVSS5.8AI score0.00139EPSS

Snyk•added 2026/05/06 9:39 p.m.•8 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure in the Engine::error function. An attacker can obtain sensitive information, such as absolute filesystem paths, secrets embedded in exception messages, and internal module structure, by triggering an uncaught...

8.7CVSS5.8AI score0.00335EPSS

EUVD•added 2026/05/06 9:31 p.m.•4 views

EUVD-2026-27983

Use after free in V8 in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome Extension. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00196EPSS

EUVD•added 2026/05/06 9:31 p.m.•4 views

EUVD-2026-27975

Object lifecycle issue in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00193EPSS

EUVD•added 2026/05/06 9:31 p.m.•5 views

EUVD-2026-27895

Integer overflow in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS5.9AI score0.00281EPSS

EUVD•added 2026/05/06 9:31 p.m.•8 views

EUVD-2026-27907

Out of bounds memory access in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00344EPSS

vulnersOsv•added 2026/05/06 7:57 p.m.•6 views

ai.stainless:grails-tika (=0.1.0), app.dassana:rule-engine (>=1.6.8 <=1.10.1) +1305 more potentially affected by CVE-2026-44242 via io.micronaut:micronaut-inject (>=1.0.0 <=4.10.21)

io.micronaut:micronaut-inject MAVEN version =1.0.0, =1.6.8, =1.4.0, =1.1.0, =0.3.8, =0.8.0, =0.9.1, =1.4.0, =2.0.8-micronaut-1.0, =1.3.7.6, =1.3.7.6, =1.7.3-micronaut-1.0, =1.6.2-micronaut-1.0, =2.0.0-micronaut-1.0, =2.2.2-micronaut-3.0 and more Source cves: CVE-2026-44242 Source advisory:...

3.7CVSS5.4AI score0.00209EPSS

Exploits0

NVD•added 2026/05/06 7:16 p.m.•6 views

CVE-2026-7940

8.8CVSS0.00196EPSS

NVD•added 2026/05/06 7:16 p.m.•8 views

CVE-2026-7899

Out of bounds read and write in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00296EPSS

NVD•added 2026/05/06 7:16 p.m.•4 views

CVE-2026-7902

8.8CVSS0.00344EPSS