CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

46 matches found

CVE-2026-53931

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-import endpoint axiosRequestMake could be used as a generic HTTP proxy. Before the fix it was reachable unauthenticated, and its URL-extension allowlist was a regex tested against the full URL string, s...

6.9CVSS0.00295EPSS

Exploits0References1

Tenable Nessus•added 2026/06/09 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-11653

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass...

6.5CVSS5.3AI score0.00225EPSS

Exploits0References2

Tenable Nessus•added 2026/06/03 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-46154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - schedext: Read scxroot under scxcgroupopsrwsem in cgroup setters scxgroupsetweight,idle,bandwidth cache scxroot before acquiring scxcgroupopsrwsem, so the point...

7CVSS5.9AI score0.0012EPSS

Exploits0References2

SUSE Linux•added 2026/04/14 5:15 p.m.•9 views

Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: CVE-2026-33999: XKB integer underflow in XkbSetCompatMap bsc1260922. CVE-2026-34000: XKB out-of-bounds read in CheckSetGeom bsc1260923. CVE-2026-34001: XSYNC use-after-free in miSyncTriggerFence bsc1260924. CVE-2026-34002: XKB...

7.3CVSS6.1AI score0.00489EPSS

Exploits0References20

Tenable Nessus•added 2026/03/20 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-32766

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - astral-tokio-tar is a tar archive reading/writing library for async Rust. In versions 0.5.6 and earlier, malformed PAX extensions were silently skipped when...

6.3CVSS5.8AI score0.00249EPSS

Exploits0References4

Vulnrichment•added 2026/02/03 12:57 a.m.•3 views

CVE-2025-61653 Extension:TextExtracts does not check for authorizeRead when returning extracts

Vulnerability in Wikimedia Foundation TextExtracts. This vulnerability is associated with program files includes/ApiQueryExtracts.Php. This issue affects TextExtracts: from before 1.39.14, 1.43.4, 1.44.1...

6.9CVSS5.3AI score0.00332EPSS

Exploits0References1

CVE•added 2025/10/15 2:11 p.m.•11 views

CVE-2025-55083

CVE-2025-55083 affects NetX Duo (Eclipse Foundation ThreadX component) in versions before 6.4.4. A bound-check error leads to an out-of-bounds read (two units). Affected scope and impact are stated across multiple sources (NVD, Red Hat, OSV, CVE lists). Root cause: incorrect bound check in the re...

6.9CVSS6.5AI score0.00229EPSS

Exploits0References1Affected Software1