Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

588926 matches found

ATTACKERKB
ATTACKERKBadded 2026/06/03 5:53 p.m.7 views

CVE-2026-45614

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Prior to version 4.11.0, on many of the ECDH shared secret paths, the public key isn't verified to be a point on the correct curve. By...

4.7CVSS5.8AI score0.00071EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2026/06/03 5:53 p.m.12 views

CVE-2026-45614

OP-TEE up to version 4.10.x is vulnerable in ECDH shared secret paths where the public key isn’t verified as a valid curve point. An attacker with local access can inject ~30–40 crafted public keys to force key derivation (TEE_DeriveKey) and leak d mod r across calls, enabling recovery of the pri...

4.7CVSS5.8AI score0.00071EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/03 5:53 p.m.5 views

CVE-2026-45614 OP-TEE vulnerable to ECDH private key recovery

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Prior to version 4.11.0, on many of the ECDH shared secret paths, the public key isn't verified to be a point on the correct curve. By...

4.7CVSS5.8AI score0.00071EPSS
Exploits1References1
Debian CVE
Debian CVEadded 2026/06/03 5:53 p.m.7 views

CVE-2026-45614

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Prior to version 4.11.0, on many of the ECDH shared secret paths, the public key isn't verified to be a point on the correct curve. By...

4.7CVSS5.8AI score0.00071EPSS
Exploits1
EUVD
EUVDadded 2026/06/03 5:53 p.m.8 views

EUVD-2026-34159

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Prior to version 4.11.0, on many of the ECDH shared secret paths, the public key isn't verified to be a point on the correct curve. By...

4.7CVSS5.8AI score0.00071EPSS
Exploits1References1
Cvelist
Cvelistadded 2026/06/03 5:53 p.m.32 views

CVE-2026-45614 OP-TEE vulnerable to ECDH private key recovery

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Prior to version 4.11.0, on many of the ECDH shared secret paths, the public key isn't verified to be a point on the correct curve. By...

4.7CVSS0.00071EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/06/03 5:14 p.m.5 views

CVE-2026-6473

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6.3AI score0.004EPSS
Exploits0References4
GithubExploit
GithubExploitadded 2026/06/03 5:6 p.m.79 views

Exploit for Eval Injection in Geoserver

CVE-2024-36401 — Unauthenticated RCE in GeoServer !CVEhttp...

9.8CVSS7.6AI score0.99813EPSS
Exploits25
Wordfence Blog
Wordfence Blogadded 2026/06/03 4:59 p.m.10 views

Attackers Actively Exploiting Critical Vulnerability in Everest Forms Pro Plugin

On March 30th, 2026, we publicly disclosed a critical Remote Code Execution vulnerability in Everest Forms Pro, a WordPress plugin with an estimated 4,000 active installations. This vulnerability can be leveraged by unauthenticated attackers to execute arbitrary PHP code on the server, leading to...

9.8CVSS6.7AI score0.04756EPSS
Exploits1
ATTACKERKB
ATTACKERKBadded 2026/06/03 4:45 p.m.7 views

CVE-2026-40290

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...

7.8CVSS5.8AI score0.00143EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/03 4:45 p.m.7 views

CVE-2026-40290 OP-TEE has a Use-After-Free race in FF-A shared-memory teardown

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...

7.8CVSS5.8AI score0.00143EPSS
Exploits1References1
Debian CVE
Debian CVEadded 2026/06/03 4:45 p.m.10 views

CVE-2026-40290

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...

7.8CVSS5.8AI score0.00143EPSS
Exploits1
The Hacker News
The Hacker Newsadded 2026/06/03 4:30 p.m.14 views

CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Wednesday added a critical flaw impacting Mirasvit Cache Warmer, a popular Magento full-page cache extension, to its Known Exploited Vulnerabilities KEV catalog, following reports of active exploitation in the wild. The...

9.8CVSS6.9AI score0.01502EPSS
Exploits1
Ubuntu
Ubuntuadded 2026/06/03 4:29 p.m.7 views

USN-8382-1: Exim vulnerabilities

Timo Longin discovered that Exim incorrectly handled certain SMTP messages in PIPELINING/CHUNKING configurations. A remote attacker could possibly use this issue to perform SMTP smuggling. This issue only affected Ubuntu 14.04 LTS. CVE-2023-51766 It was discovered that Exim incorrectly handled...

9.8CVSS7.7AI score0.01225EPSS
Exploits3
NVD
NVDadded 2026/06/03 4:16 p.m.8 views

CVE-2026-36574

A DLL hijacking vulnerability in Wassimulator GitHub CactusViewer v2.3.0 allows attackers to escalate privileges and execute arbitrary code via a crafted DLL...

7.8CVSS0.00137EPSS
Exploits0References4
CVE
CVEadded 2026/06/03 4:6 p.m.15 views

CVE-2026-20175

CVE-2026-20175 – Cisco Finesse remote file inclusion vulnerability. An unauthenticated, remote attacker can load arbitrary files into an active user session by sending a crafted HTTP request, potentially enabling browser‑based attacks and execution of script code or access to sensitive informatio...

6.1CVSS6.1AI score0.0018EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/06/03 4:6 p.m.6 views

CVE-2026-20175

A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input...

6.1CVSS6.1AI score0.0018EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/03 4:6 p.m.8 views

CVE-2026-20175 Cisco Finesse File Inclusion Vulnerability

A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input...

6.1CVSS6.1AI score0.0018EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/03 4:2 p.m.7 views

CVE-2026-30650

A post-authentication remote buffer overflow vulnerability exists in the /cgi-bin/admin/eventtask.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-0300a. This flaw allows an authenticated attacker to execute arbitrary code as root on the device...

8.8CVSS6.4AI score0.00692EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/03 4:2 p.m.6 views

CVE-2026-35716

A stack-based buffer overflow in the motionprivacy.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers to execute arbitrary code as root via an oversized n1 parameter in a POST request to the /cgi-bin/admin/setpm.cgi, /cgi-bin/admin/setmd.cgi, or...

6.3CVSS6.5AI score0.00365EPSS
Exploits0References1
Rows per page
Query Builder