CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 3 days ago•7 views

SUSE CVE-2023-43633

On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the file exists, it overrides the existing configuration on the device on boot. This allows an attacker to change the system's configuration, which also includes some debug functions...

8.8CVSS7.2AI score0.00023EPSS

Exploits0References3

RedhatCVE•added 4 days ago•6 views

CVE-2026-10800

A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hashfeatures of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high...

3.6CVSS4.8AI score0.00009EPSS

RedhatCVE•added 4 days ago•7 views

CVE-2026-3646

The LTL Freight Quotes – R+L Carriers Edition plugin for WordPress is vulnerable to Missing Authorization via the plugin's webhook handler in all versions up to, and including, 3.3.13. This is due to missing authentication, authorization, and nonce verification on a standalone PHP file that...

5.3CVSS5.5AI score0.00266EPSS

RedhatCVE•added 4 days ago•6 views

CVE-2026-8938

The auto making JSON-LD plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.5.3. This is due to missing or incorrect nonce validation on the amJLcertification function. This makes it possible for unauthenticated attackers to update the plugin's...

4.3CVSS5.4AI score0.00013EPSS

Packet Storm News•added 4 days ago•2 views

Rethinking IoT Intrusion Detection: Augmenting Routing Metrics with Radio Features

Machine learning-based intrusion detection systems IDS for RPL-based IoT networks often rely solely on routing layer features, which provide only a partial view of network behaviour. In this work, we investigate whether incorporating Transmit TX and Receive RX radio features alongside the standar...

5.4AI score

NVD•added 5 days ago•7 views

CVE-2026-5228

Improper Access Control, Missing Authorization vulnerability in Kurt Software Studio WriteUp Mobile App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WriteUp Mobile App: from 1.3.0 through 04062026...

8.8CVSS0.00039EPSS

RedHat Linux•added 5 days ago•4 views

kernel: Bluetooth: hci_sync: Fix UAF in le_read_features_complete

A flaw was found in the Bluetooth Host Controller Interface HCI synchronization module hcisync of the Linux kernel. A use-after-free UAF vulnerability exists in the lereadfeaturescomplete function, where a freed hciconn object is accessed. This can allow an attacker to cause a system crash, leadi...

8.8CVSS5.8AI score0.00021EPSS

Exploits0References5

EUVD•added 5 days ago•8 views

EUVD-2026-34239

3.6CVSS5.2AI score0.00009EPSS

Cvelist•added 5 days ago•34 views

CVE-2026-10800 PaddlePaddle FastDeploy MultimodalHasher hasher.py hash_features weak hash

3.6CVSS0.00009EPSS

CVE•added 5 days ago•12 views

CVE-2026-10800

The CVE-2026-10800 entry concerns PaddlePaddle FastDeploy up to 2.4.1, specifically the MultimodalHasher component’s hasher.py hash_features function. The weakness can allow manipulation that leads to the use of a weak hash, with exploitation requiring local access and carries a high attack compl...

3.6CVSS5.2AI score0.00009EPSS

Packet Storm News•added 5 days ago•2 views

MalTree: Tracing Malware Evolution from Embeddings at Scale

Malware detection remains largely reactive: machine learning models trained on known samples degrade as threats evolve. Understanding evolutionary relationships among malware families can inform proactive defense, but traditional reverse engineering can take months to years to uncover such lineag...

5.5AI score

Positive Technologies•added 5 days ago•9 views

PT-2026-46167

A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hash features of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A hig...

3.6CVSS5.2AI score0.00009EPSS

Exploits0References9

Packet Storm News•added 5 days ago•6 views

An Improved CNN-LSTM Based Intrusion Detection System for IoT Networks

With the rapid proliferation of IoT devices, security concerns have dramatically escalated and intrusion detection systems have become critical for protecting networked environments. This paper presents an improved CNN-LSTM based intrusion detection model that combines multi-class classification,...

5.5AI score

NVD•added 6 days ago•7 views

CVE-2026-46273

In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support segmentation offload when the MSS is less than 224 bytes. Attempting to send such packets causes the adapter to freeze, stoppi...

8.6CVSS0.00061EPSS

CVE•added 6 days ago•8 views

CVE-2026-46273

The CVE-2026-46273 entry describes a Linux kernel vulnerability in the ibmveth driver affecting Power systems: GSO offload fails when MSS < 224 bytes, potentially freezing the network adapter and causing DoS until a manual reset. The fix adds an ndo_features_check to disable GSO for MSS 1; si...

8.6CVSS5.6AI score0.00061EPSS

Cvelist•added 6 days ago•30 views

CVE-2026-46273 ibmveth: Disable GSO for packets with small MSS

8.6CVSS0.00061EPSS

EUVD•added 6 days ago•6 views

EUVD-2026-34138

5.6AI score0.00061EPSS