CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2068 matches found

CVE-2026-2604

A flaw was found in evolution-data-server. Inconsistent comparison logic in the addressbook file backend allows a Flatpak application with D-Bus access to craft a malicious URI containing directory traversal sequences. This URI is stored without proper validation during contact creation or...

5.6CVSS0.00189EPSS

Exploits0References5

CVE•added 2026/06/16 9:35 p.m.•39 views

CVE-2026-2604

Summary: CVE-2026-2604 affects evolution-data-server. An inconsistent comparison logic in the addressbook backend lets a Flatpak/D-Bus user craft a malicious URI with directory traversal sequences. This URI is stored during contact creation/modification and later rechecked with lower strictness d...

5.6CVSS5.4AI score0.00189EPSS

Exploits0References5

Cvelist•added 2026/06/16 9:35 p.m.•15 views

CVE-2026-2604 Evolution-data-server: evolution data server: arbitrary file deletion via inconsistent uri handling

5.6CVSS0.00189EPSS

Exploits0References3

OSV•added 2026/06/12 12:25 p.m.•7 views

OESA-2026-2633 evolution-data-server security update

The evolution-data-server package provides a personal information management application that provides integrated mail, calendaring and address book functionality. The evolution-data-server package provides a single database for common, desktop-wide information, such as a user's address book or...

5.6CVSS5.5AI score0.00189EPSS

Exploits0References2

OSV•added 2026/06/12 12:25 p.m.•5 views

OESA-2026-2632 evolution-data-server security update

5.6CVSS5.5AI score0.00189EPSS

Exploits0References2

The Hacker News•added 2026/06/11 4:50 p.m.•14 views

The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm

A new analysis of The Gentlemen operation has revealed that the financially motivated threat group initially operated as an affiliate responsible for conducting double extortion attacks, while leveraging resources from various ransomware-as-a-service RaaS schemes like LockBit aka Tenacious Mantis...

5.6AI score

Exploits0

Packet Storm News•added 2026/06/09 12:0 a.m.•5 views

Evaluating and Combating the Impact of Concept Drift on the Performance of Machine Learning-Based Phishing Detection Systems

The expansion of the digital domain has resulted in a substantial increase in digital communication, with email emerging as one of the most prominent channels. The proliferation of email communication is apparent in both professional and personal contexts, thereby creating numerous vulnerabilitie...

5.5AI score

Exploits0

RedhatCVE•added 2026/06/05 7:48 p.m.•8 views

CVE-2026-10218

A vulnerability has been found in nextlevelbuilder GoClaw up to 3.11.3. This affects the function auth of the file internal/http/evolutionhandlers.go. Such manipulation leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed to the public and may be...

5.5CVSS5.3AI score0.0023EPSS

Exploits0References1

Packet Storm News•added 2026/06/04 12:0 a.m.•4 views

MalTree: Tracing Malware Evolution from Embeddings at Scale

Malware detection remains largely reactive: machine learning models trained on known samples degrade as threats evolve. Understanding evolutionary relationships among malware families can inform proactive defense, but traditional reverse engineering can take months to years to uncover such lineag...

5.5AI score

Exploits0

OPENSUSE Linux•added 2026/06/03 12:0 a.m.•6 views

Security update for evolution-data-server (moderate)

openSUSE security update: security update for evolution-data-server ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20864-1 Rating: moderate References: bsc1258307 Cross-References: CVE-2026-2604 CVSS scores: CVE-2026-2604 SUSE : 5.6...

6.8CVSS5.8AI score0.00189EPSS

Exploits0References1

OSV•added 2026/06/01 2:51 p.m.•8 views

USN-8055-2 evolution-data-server vulnerability

USN-8055-1 fixed a vulnerability in Evolution Data Server. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that Evolution Data Server incorrectly handled removing local cache files. An attacker could possibly us...

5.6CVSS6AI score0.00189EPSS

Exploits0References2

Ubuntu•added 2026/06/01 2:51 p.m.•14 views

USN-8055-2: Evolution Data Server vulnerability

5.6CVSS6AI score0.00189EPSS

Exploits0

OSV•added 2026/06/01 1:18 p.m.•4 views

OPENSUSE-SU-2026:20864-1 Security update for evolution-data-server

This update for evolution-data-server fixes the following issues: - CVE-2026-2604: Canonicalize path before local cache file removal. bsc1258307...

5.6CVSS5.8AI score0.00189EPSS

Exploits0References2

Snyk•added 2026/06/01 5:10 a.m.•4 views

Improper Authorization

Overview Affected versions of this package are vulnerable to Improper Authorization via the auth function in the file internal/http/evolutionhandlers.go. An attacker can gain unauthorized access or perform actions with insufficient permissions by sending crafted requests remotely. Remediation...

5.5CVSS6.1AI score0.0023EPSS

Exploits0References2

NVD•added 2026/06/01 4:16 a.m.•14 views

CVE-2026-10218

5.5CVSS0.0023EPSS

Exploits0References6

EUVD•added 2026/06/01 3:0 a.m.•9 views

EUVD-2026-33539

5.5CVSS5.6AI score0.0023EPSS

Exploits0References6

CVE•added 2026/06/01 3:0 a.m.•16 views

CVE-2026-10218

The CVE-2026-10218 entry applies to nextlevelbuilder GoClaw up to version 3.11.3. The issue is in the auth function of internal/http/evolution_handlers.go, leading to improper authorization. The vulnerability is exploitable remotely and was disclosed publicly; the project labeled the issue as a b...

5.5CVSS5.6AI score0.0023EPSS

Exploits0References6