CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

68 matches found

Ubuntu•added 2026/06/04 11:16 p.m.•4 views

USN-8387-1: Inetutils vulnerabilities

It was discovered that the Inetutils telnet daemon incorrectly handled the CREDENTIALSDIRECTORY environment variable. An attacker could possibly use this issue to escalate privileges. CVE-2026-28372 It was discovered that the Inetutils telnet daemon did not properly validate buffer bounds when...

9.8CVSS7.5AI score0.053EPSS

Exploits13

OSSF Malicious Packages•added 2026/05/12 6:0 p.m.•8 views

Malicious code in @a91082900/test_package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8349cd7ce2c9ac2321dce8f80e5a46c0064b382fb7e54e975ff27a2dcab1254 The package's main file index.js executes at module load, with no exports and no user-invoked API. On import it issues...

5.9AI score

Exploits0References1

OSV•added 2026/05/12 6:0 p.m.•3 views

MAL-2026-3680 Malicious code in @a91082900/test_package (npm)

5.9AI score

Exploits0References1

AstraLinux•added 2026/05/08 9:9 a.m.•9 views

Astra Linux - уязвимость в inetutils

telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...

4.7CVSS5.9AI score0.0006EPSS

Exploits1References3

Exploit DB•added 2026/04/29 12:0 a.m.•66 views

GNU InetUtils 2.6 - Telnetd Remote Privilege Escalation

Exploit Title: GNU InetUtils telnetd - Remote Privilege Escalation Date: 2026-01-24 Exploit Author: Ali Guliyev infat0x Author GitHub: https://github.com/infat0x Vendor Homepage: https://www.gnu.org/software/inetutils/ Software Link: https://ftp.gnu.org/gnu/inetutils/ Version: GNU InetUtils 2.0...

9.8CVSS8.9AI score0.91526EPSS

Exploits59

GithubExploit•added 2026/03/18 7:58 p.m.•158 views

Exploit for Argument Injection in Gnu Inetutils

CVE-2026-24061 - telnetd auth bypass o co chodzi argument...

10CVSS7.2AI score0.91526EPSS

Exploits60

EUVD•added 2026/03/16 3:30 p.m.•3 views

EUVD-2026-12154

telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...

3.4CVSS5.9AI score0.0006EPSS

Exploits1References2

OSV•added 2026/03/16 2:19 p.m.•2 views

DEBIAN-CVE-2026-32772

telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...

4.7CVSS5.4AI score0.0006EPSS

Exploits1References1

OSV•added 2026/03/16 2:19 p.m.•1 views

UBUNTU-CVE-2026-32772

telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...

4.7CVSS5.9AI score0.0006EPSS

Exploits1References4

Positive Technologies•added 2026/03/16 12:0 a.m.•4 views

PT-2026-25852

Name of the Vulnerable Software and Affected Versions SiYuan versions 3.6.0 and below Description SiYuan, a personal knowledge management system, has an issue in the globalCopyFiles API. This API reads source files using filepath.Abs without proper workspace boundary checks. It relies on the...

6.8CVSS5.9AI score0.00095EPSS

Exploits1References9

Vulnrichment•added 2026/03/13 9:1 p.m.•3 views

CVE-2026-32772

telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...

3.4CVSS5.9AI score0.0006EPSS

Exploits1References1

Cvelist•added 2026/03/13 9:1 p.m.•31 views

CVE-2026-32772

telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEWENVIRON SEND USERVAR...

3.4CVSS0.0006EPSS

Exploits1References1

Packet Storm•added 2026/03/03 12:0 a.m.•97 views

📄 GNU Inetutils telnetd NEW-ENVIRON Authentication Bypass

This Metasploit module exploits an authentication bypass vulnerability in GNU Inetutils telnetd. By sending a specially crafted NEW-ENVIRON subnegotiation with a USER variable containing -f root, an attacker can login as root without a password. This occurs because telnetd passes the environment...

9.8CVSS6AI score0.91526EPSS

Exploits59

GithubExploit•added 2026/02/18 8:52 a.m.•141 views

Exploit for Argument Injection in Gnu Inetutils

!Authorhttps://img.shields.io/badge/Author-Mohammed%20Idrees%...

9.8CVSS5.8AI score0.91526EPSS

Exploits59

PyPA•added 2026/02/12 4:16 p.m.•7 views

PYSEC-2026-34

Crawl4AI versions prior to 0.8.0 contain a local file inclusion vulnerability in the Docker API deployment. The /executejs, /screenshot, /pdf, and /html endpoints accept file:// URLs, allowing unauthenticated remote attackers to read arbitrary files from the server filesystem. An attacker can...

9.2CVSS6AI score0.00022EPSS

Exploits0References3Affected Software1

GithubExploit•added 2026/02/02 10:30 a.m.•165 views

Exploit for Argument Injection in Gnu Inetutils

CVE-2026-24061 Telnet Root Exploit & Scanner A robust, multit...

9.8CVSS7.7AI score0.91526EPSS

Exploits59

Packet Storm•added 2026/01/28 12:0 a.m.•142 views

📄 GNU Inetutils 2.7 Telnet Authentication Bypass Scanner

GNU Inetutils version 2.7 telnet authentication bypass scanner that leverages a crafted USER value. This vulnerability is tracked as CVE-2026-24061 and is conceptually related to historical Telnet NEW-ENVIRON issues such as CVE-1999-0192, but affects modern GNU Inetutils implementations...

10CVSS5.9AI score0.91526EPSS

Exploits60

GithubExploit•added 2026/01/27 8:32 a.m.•211 views

Exploit for CVE-2026-24061

CVE-2026-24061 Vulnerability Scanner & Exploit !Licenseh...

9.8CVSS7.5AI score0.91526EPSS

Exploits96

GithubExploit•added 2026/01/25 10:40 a.m.•135 views

Exploit for CVE-2026-24061

CVE-2026-24061 Telnet NEW-ENVIRON authentication bypass v...

9.8CVSS5.5AI score0.91526EPSS

Exploits59