CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/05/29 7:16 a.m.•13 views

CVE-2026-6324

A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the soupbodyinputstreamreadchunked function by sending a malicious HTTP request. This vulnerability occurs when libsoup operates behind a non-libsoup proxy server or as a proxy in front of a...

4.8CVSS0.00872EPSS

Exploits0References4

Debian CVE•added 2026/05/29 5:24 a.m.•12 views

CVE-2026-6324

4.8CVSS5.8AI score0.00872EPSS

GithubExploit•added 2026/05/29 5:4 a.m.•56 views

My-CVE

No d...

GithubExploit•added 2026/05/29 4:54 a.m.•70 views

bungee-gum

bungee-gum A colle...

GithubExploit•added 2026/05/29 1:52 a.m.•88 views

Exploit for Code Injection in Xwiki

CVE-2025-24893 Exploit de Execução Remota de Código RCE no X...

9.8CVSS7.3AI score0.99898EPSS

Exploits50

GithubExploit•added 2026/05/29 1:50 a.m.•84 views

Exploit for Binding to an Unrestricted IP Address in Openprinting Cups-Browsed

No d...

5.3CVSS7AI score0.62269EPSS

Exploits14

EUVD•added 2026/05/29 12:38 a.m.•15 views

EUVD-2026-33100

Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. Chromium security severity: High...

5.8AI score0.00224EPSS

EUVD•added 2026/05/29 12:38 a.m.•11 views

EUVD-2026-33095

Out of bounds read in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00247EPSS

EUVD•added 2026/05/29 12:38 a.m.•9 views

EUVD-2026-33221

Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

6AI score0.00246EPSS

EUVD•added 2026/05/29 12:38 a.m.•12 views

EUVD-2026-33218

Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00253EPSS

EUVD•added 2026/05/29 12:38 a.m.•9 views

EUVD-2026-33168

Use after free in Network in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Critical...

6.2AI score0.00301EPSS

Positive Technologies•added 2026/05/29 12:0 a.m.•8 views

PT-2026-44883

A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetPortTr of the file /goform/formSetPortTr. Performing a manipulation of the argument special name results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit...

6.5CVSS6.2AI score0.00399EPSS

Exploits1References5

Positive Technologies•added 2026/05/29 12:0 a.m.•9 views

PT-2026-44886

A vulnerability was detected in Shibby Tomato 1.28. Impacted is the function sub 90F0 of the file multimon.cgi. The manipulation results in stack-based buffer overflow. The attack can be launched remotely. This project is superseded by FreshTomato. This vulnerability only affects products that ar...

9CVSS6.3AI score0.00438EPSS

Exploits0References5

Positive Technologies•added 2026/05/29 12:0 a.m.•11 views

PT-2026-44835

A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. Affected is the function formWPS of the file /goform/formWPS. The manipulation of the argument peerPin results in command injection. The attack can be executed remotely. The exploit has been made public and could be used. The vendor...

6.5CVSS6.3AI score0.0501EPSS

Exploits1References5

VulnCheck KEV•added 2026/05/29 12:0 a.m.•101 views

VulnCheck KEV: CVE-2026-45247

Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. Attackers can exploit the unrestricted...

9.8CVSS6.7AI score0.27546EPSS

In wildExploits1References3

Positive Technologies•added 2026/05/29 12:0 a.m.•11 views

PT-2026-44885

A security vulnerability has been detected in Shibby Tomato up to 1.28. This issue affects the function sub 9068 of the file tomatoups.cgi of the component UPS Service. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. This project is superseded by...

9CVSS6.1AI score0.00438EPSS

Exploits0References5

Exploit DB•added 2026/05/29 12:0 a.m.•52 views

Microsoft - NTLMv2 Hash Capture

Titles: Microsoft - NTLMv2 Hash Capture Author: nu11secur1ty Date: 2026-05-27 Vendor: Microsoft Software: Windows Shell File Explorer Reference: https://nvd.nist.gov/vuln/detail/CVE-2026-32202 Description: A spoofing vulnerability in Windows Shell File Explorer allows an attacker to capture NTLMv...

4.3CVSS6AI score0.64095EPSS

Exploits3

Packet Storm•added 2026/05/29 12:0 a.m.•54 views

📄 D-Link DSL2600U Password Disclosure

D-Link DSL2600U suffers from an administrative password disclosure vulnerability. Exploit Title: D-Link DSL2600U - 'rom-0' Admin Password Disclosure Date: 2026-05-02 Exploit Author: Amir Hossein Jamshidi Vendor Homepage: https://www.dlink.com Version: DSL-2600U Tested on: ubuntu CVE : N/A Firmwar...