CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/02/25 12:0 a.m.•11 views

RHEL 10 : firefox (RHSA-2026:3361)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:3361 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libvpx: Hea...

10CVSS6.2AI score0.00622EPSS

OSV•added 2026/02/25 12:0 a.m.•5 views

ALSA-2026:3361 Important: firefox security update

10CVSS6.1AI score0.00622EPSS

Tenable Nessus•added 2026/02/25 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-2764

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8,...

9.8CVSS5.8AI score0.00474EPSS

Exploits0References2

OSV•added 2026/02/25 12:0 a.m.•3 views

ALSA-2026:3339 Important: firefox security update

10CVSS6.1AI score0.00622EPSS

vulnersOsv•added 2026/02/24 8:47 p.m.•4 views

auto-wasi (=0.1.0), candid-extractor (>=0.1.0 <=0.1.2) +105 more potentially affected by CVE-2026-27204 via wasmtime (>=0.10.0 <=1.0.2)

wasmtime CARGO version =0.10.0, =0.1.0, =0.1.0, =0.1.0, =0.1.1, =0.5.3-0, =0.4.0, =0.4.0, =0.0.0, =0.5.0, =0.0.1-alpha, =0.40.1, =0.45.0, =0.1.0, =0.3.0 and more Source cves: CVE-2026-27204 Source advisory: OSV:GHSA-852M-CVVP-9P4W...

6.9CVSS5.4AI score0.00345EPSS

Exploits0

Github Security Blog•added 2026/02/24 3:30 p.m.•6 views

Apache Superset: Incomplete DISALLOWED_SQL_FUNCTIONS default list for ClickHouse engine

Apache Superset utilizes a configurable dictionary, DISALLOWEDSQLFUNCTIONS, to restrict the execution of potentially sensitive SQL functions within SQL Lab and charts. While this feature included restrictions for engines like PostgreSQL, a vulnerability was reported where the default list for the...

6.5CVSS5.9AI score0.00607EPSS

Exploits0References4Affected Software1

Snyk•added 2026/02/24 3:26 p.m.•3 views

SQL Injection

Overview apache-superset is a modern, enterprise-ready business intelligence web application. Affected versions of this package are vulnerable to SQL Injection via incomplete filtering of SQL functions for the ClickHouse engine in the DISALLOWEDSQLFUNCTIONS configuration. An attacker can access...

6.5CVSS6AI score0.00607EPSS

Exploits0References2

NVD•added 2026/02/24 2:16 p.m.•3 views

CVE-2026-2786

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS0.00314EPSS

OSV•added 2026/02/24 2:16 p.m.•4 views

CVE-2026-2786

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

NVD•added 2026/02/24 2:16 p.m.•7 views

CVE-2026-2783

Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

7.5CVSS0.00285EPSS

NVD•added 2026/02/24 2:16 p.m.•5 views

CVE-2026-2785

Invalid pointer in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS0.00366EPSS

OSV•added 2026/02/24 2:16 p.m.•3 views

CVE-2026-2785

Invalid pointer in the JavaScript Engine component. This vulnerability affects Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

OSV•added 2026/02/24 2:16 p.m.•3 views

CVE-2026-2783

Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

7.5CVSS5.8AI score

OSV•added 2026/02/24 2:16 p.m.•2 views

CVE-2026-2764

JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

OSV•added 2026/02/24 2:16 p.m.•3 views

Exploits0References6

CVE-2026-2766

Use-after-free in the JavaScript Engine: JIT component. This vulnerability affects Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

OSV•added 2026/02/24 2:16 p.m.•4 views

CVE-2026-2765

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

OSV•added 2026/02/24 2:16 p.m.•5 views

CVE-2026-2763

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...