CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 3 days ago•47 views

CVE-2026-10561

Affected product: Langflow OSS (1.0.0–1.9.3). Vulnerability: Unauthenticated remote code execution via improper isolation of Python execution in the PythonREPLComponent, combined with an authentication bypass. CPython’s exec() uses a globals dict without correctly restricting builtins, allowing a...

10CVSS6.4AI score0.00529EPSS

RedhatCVE•added 3 days ago•6 views

CVE-2026-43994

A flaw was found in Coturn, an open-source TURN and STUN server. A remote attacker can exploit a stack buffer overflow vulnerability by providing a specially crafted OAuth access token when the server is configured to use --oauth mode. This could lead to arbitrary code execution RCE, allowing the...

8.1CVSS6.8AI score0.00357EPSS

Exploits0References2

CVE•added 3 days ago•12 views

CVE-2026-56447

The CVE describes a vulnerability in MISP where an authenticated site administrator could set the Kafka_rdkafka_config to an arbitrary filesystem path. MISP parses the referenced INI and forwards its options to librdkafka; a crafted INI could utilize options like plugin.library.paths to load an a...

9.3CVSS6.4AI score0.00342EPSS

Exploits0References1Affected Software1

Cvelist•added 3 days ago•26 views

CVE-2026-56447 MISP remote code execution via arbitrary rdkafka configuration path

MISP allowed an authenticated site administrator to set the Kafkardkafkaconfig setting to an arbitrary filesystem path. MISP subsequently parsed the referenced INI file and passed its options to rdkafka. A crafted attacker-controlled configuration file could use rdkafka options such as...

9.3CVSS0.00342EPSS

EUVD•added 3 days ago•5 views

EUVD-2026-38231

9.3CVSS6.4AI score0.00342EPSS

CVE•added 3 days ago•7 views

CVE-2026-12602

ArubaSign is affected by an elevation of privilege via insecure default permissions. Affected: ArubaSign versions prior to 4.6.6. Root cause: during default installation, main executable and other program files under C:\Program Files have excessively permissive rights for the Everyone group, enab...

8.8CVSS6.3AI score0.00122EPSS

Cvelist•added 3 days ago•27 views

CVE-2026-12602 Incorrect permissions in ArubaSign by Aruba

Incorrect default permissions in ArubaSign, affecting versions prior to v4.6.6. The vulnerability is caused by the assignment of inappropriate permissions during the software’s default installation, whereby the main executable and other programme files located in C:\Program Files have excessive...

8.8CVSS0.00122EPSS

CVE•added 3 days ago•10 views

CVE-2026-56446

MISP is affected by CVE-2026-56446 where an authenticated site administrator could configure an arbitrary filesystem path for the NDJSON error log via JsonLogTool. Logged data can contain attacker-controlled content, enabling direction of log output to a web-accessible PHP file and potentially in...

8.7CVSS6.6AI score0.00383EPSS

Exploits0References1Affected Software1

Cvelist•added 3 days ago•27 views

CVE-2026-56446 Authenticated Remote Code Execution via Arbitrary NDJSON Error Log Path in MISP

MISP allowed a site administrator to configure an arbitrary filesystem path for the NDJSON error log used by JsonLogTool. Because log entries can include attacker-controlled content, an authenticated attacker with site administrator privileges could direct log output to a PHP file in a...

8.7CVSS0.00383EPSS

EUVD•added 3 days ago•7 views

EUVD-2026-38229

8.7CVSS6.6AI score0.00383EPSS

8.3CVSS6.2AI score0.00289EPSS

USN-8456-1 libxml2 vulnerability

Geoffrey Humphreys discovered that libxml2 had a use after free when parsing the internal subset of a DTD. A remote attacker could possibly use this issue to cause a denial of service or possibly execute arbitrary code...

Exploits0References2

Malicious code in @petitcode/eb-retry (npm)

@petitcode/eb-retry malicious version 1.3.5, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all follow the pattern...

6AI score

Exploits0References6

Malicious code in @nullzero/urlcat (npm)

@nullzero/urlcat version 1.4.2, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all follow the pattern [email protected], with...

6.4AI score

Exploits0References6

Malicious code in @lazyutil/dater (npm)

@lazyutil/dater malicious versions 0.8.1, 0.9.2, 0.9.3, and 0.9.4, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all...

6.5AI score

Malicious code in @tinyfox/shapecheck (npm)

@tinyfox/shapecheck malicious version 0.8.7, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all follow the pattern...

5.9AI score

OSSF Malicious Packages•added 3 days ago•7 views

Malicious code in @zynkit/jwtbytes (npm)

@zynkit/jwtbytes malicious version 0.5.3, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all follow the pattern...

6.5AI score

MAL-2026-6313 Malicious code in @zynkit/jwtbytes (npm)

6.5AI score

MAL-2026-6309 Malicious code in @nullzero/urlcat (npm)

6.4AI score

Exploits0References6