CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added last week•6 views

EUVD-2026-36429

9.8CVSS5.2AI score0.00346EPSS

Tenable Nessus•added 2026/06/12 12:0 a.m.•9 views

EulerOS Virtualization 2.13.0 : bind (EulerOS-SA-2026-2395)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU...

7.5CVSS5.8AI score0.00824EPSS

Positive Technologies•added 2026/06/12 12:0 a.m.•9 views

PT-2026-48885

Name of the Vulnerable Software and Affected Versions Pause+ Mobile App versions 1.0.6 through 1.4.x Description Improper restriction of excessive authentication attempts allows for authentication bypass. Recommendations Update to version 1.5...

9.8CVSS5.2AI score0.00346EPSS

Exploits0References5

CVE•added 2026/06/11 5:0 p.m.•8 views

CVE-2026-3329

CVE-2026-3329 affects Sonatype Nexus Repository. A remote unauthenticated attacker can perform credential-guessing attacks via authentication endpoints, with a CVSS v4.0 base score 8.7 (HIGH) and network exposure. The vulnerability is characterized by a lack of authentication requirements for gue...

8.7CVSS5.5AI score0.00503EPSS

RedhatCVE•added 2026/06/10 11:33 p.m.•5 views

CVE-2026-45664

A flaw was found in ImageMagick. A remote attacker could exploit a missing check in the Multiple-image Network Graphics MNG coder to read more images than allowed by policy. This could lead to excessive resource consumption, resulting in a denial of service DoS. Mitigation Mitigation for this iss...

7.5CVSS5.1AI score0.00403EPSS

Exploits0References4

NVD•added 2026/06/10 10:16 p.m.•4 views

CVE-2026-45664

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, because of a missing check in the MNG coder it would be possible to read more images than the list limit policy would allow resulting in excessive resource use...

5.3CVSS0.00403EPSS

Snyk•added 2026/06/10 10:15 p.m.•4 views

Memory Allocation with Excessive Size Value

Overview kafka-python is a Pure Python client for Apache Kafka Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the receivebytes function in the protocol parser. An attacker can exhaust system memory or cause connections to hang by sending a...

8.7CVSS5.5AI score0.00352EPSS

RedHat Linux•added 2026/06/10 9:58 a.m.•6 views

jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication

A flaw was found in pgjdbc, an open-source PostgreSQL JDBC Driver. A malicious server can exploit this vulnerability by instructing the driver to perform SCRAM-SHA-256 Salted Challenge Response Authentication Mechanism Secure Hash Algorithm 256 authentication with an excessively large iteration...

7.5CVSS7.1AI score0.00445EPSS

Exploits0References6

CNNVD•added 2026/06/10 12:0 a.m.•6 views

ImageMagick 资源管理错误漏洞

ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It allows for reading, converting, and writing images in various formats. Versions of ImageMagick prior to 6.9.13-47 and 7.1.2-22 contained a resource management vulnerability due to a lack of chec...

5.3CVSS5.2AI score0.00403EPSS

PyPA•added 2026/06/09 11:16 p.m.•5 views

PYSEC-2026-209

SQLFluff is a modular SQL linter and auto-formatter with support for multiple dialects and templated code. Prior to version 4.1.0, in deployments where untrusted users can provide SQL queries to be linted, an untrusted user can submit a malicious query with deliberate excessive nesting to any...

Exploits0References1Affected Software1

OSV•added 2026/06/09 11:16 p.m.•4 views

PYSEC-2026-209

OSV•added 2026/06/09 11:16 p.m.•2 views

UBUNTU-CVE-2026-46373

EUVD•added 2026/06/09 10:38 p.m.•10 views

Exploits0References3

EUVD-2026-35854

Vulnrichment•added 2026/06/09 10:38 p.m.•5 views

CVE-2026-46373 SQLFluff: Recursive Stack Overflow in Parser

Debian CVE•added 2026/06/09 10:38 p.m.•6 views

CVE-2026-46373

RedHat Linux•added 2026/06/09 7:7 a.m.•7 views

Exploits0

crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building

A flaw was found in the Go standard library packages crypto/x509 and crypto/tls. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being...

7.5CVSS5.4AI score0.00371EPSS

Exploits0References8

CNNVD•added 2026/06/09 12:0 a.m.•4 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system developed by Huawei Technologies Co., Ltd. It is a full-scenario distributed operating system based on a microkernel architecture. There is a security vulnerability in HUAWEI HarmonyOS, which stems from excessive write operations in the IPC module,...

5.3CVSS5.3AI score0.00103EPSS