CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 2026/06/06 4:49 a.m.•9 views

SUSE CVE-2023-43633

On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the file exists, it overrides the existing configuration on the device on boot. This allows an attacker to change the system's configuration, which also includes some debug functions...

8.8CVSS7.2AI score0.0016EPSS

Exploits0References3

RedhatCVE•added 2026/06/05 7:48 p.m.•7 views

CVE-2026-10800

A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hashfeatures of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A high...

3.6CVSS4.8AI score0.00092EPSS

RedhatCVE•added 2026/06/05 7:37 p.m.•9 views

CVE-2026-3646

The LTL Freight Quotes – R+L Carriers Edition plugin for WordPress is vulnerable to Missing Authorization via the plugin's webhook handler in all versions up to, and including, 3.3.13. This is due to missing authentication, authorization, and nonce verification on a standalone PHP file that...

5.3CVSS5.5AI score0.00385EPSS

RedhatCVE•added 2026/06/05 7:24 p.m.•7 views

CVE-2026-8938

The auto making JSON-LD plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.5.3. This is due to missing or incorrect nonce validation on the amJLcertification function. This makes it possible for unauthenticated attackers to update the plugin's...

4.3CVSS5.4AI score0.0014EPSS

Packet Storm News•added 2026/06/05 12:0 a.m.•10 views

Rethinking IoT Intrusion Detection: Augmenting Routing Metrics with Radio Features

Machine learning-based intrusion detection systems IDS for RPL-based IoT networks often rely solely on routing layer features, which provide only a partial view of network behaviour. In this work, we investigate whether incorporating Transmit TX and Receive RX radio features alongside the standar...

5.4AI score

NVD•added 2026/06/04 4:16 p.m.•8 views

CVE-2026-5228

Improper Access Control, Missing Authorization vulnerability in Kurt Software Studio WriteUp Mobile App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WriteUp Mobile App: from 1.3.0 through 04062026...

8.8CVSS0.00245EPSS

RedHat Linux•added 2026/06/04 3:55 p.m.•4 views

kernel: Bluetooth: hci_sync: Fix UAF in le_read_features_complete

A flaw was found in the Bluetooth Host Controller Interface HCI synchronization module hcisync of the Linux kernel. A use-after-free UAF vulnerability exists in the lereadfeaturescomplete function, where a freed hciconn object is accessed. This can allow an attacker to cause a system crash, leadi...

8.8CVSS5.8AI score0.00219EPSS

Exploits0References5

Cvelist•added 2026/06/04 9:45 a.m.•35 views

CVE-2026-10800 PaddlePaddle FastDeploy MultimodalHasher hasher.py hash_features weak hash

3.6CVSS0.00092EPSS

EUVD•added 2026/06/04 9:45 a.m.•9 views

EUVD-2026-34239

3.6CVSS5.2AI score0.00092EPSS

CVE•added 2026/06/04 9:45 a.m.•14 views

CVE-2026-10800

The CVE-2026-10800 entry concerns PaddlePaddle FastDeploy up to 2.4.1, specifically the MultimodalHasher component’s hasher.py hash_features function. The weakness can allow manipulation that leads to the use of a weak hash, with exploitation requiring local access and carries a high attack compl...

3.6CVSS5.2AI score0.00092EPSS

CNNVD•added 2026/06/04 12:0 a.m.•1 views

FastDeploy 安全漏洞

FastDeploy is an open-source tool developed by PaddlePaddle for deploying large language model and visual model inferences. Versions of FastDeploy 2.4.1 and earlier contain security vulnerabilities. These vulnerabilities stem from the weak hashing used in the hashfeatures function of the...

3.6CVSS5AI score0.00092EPSS

Positive Technologies•added 2026/06/04 12:0 a.m.•10 views

PT-2026-46167

A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hash features of the file fastdeploy/multimodal/hasher.py of the component MultimodalHasher. Executing a manipulation can lead to use of weak hash. The attack requires local access. A hig...

3.6CVSS5.2AI score0.00092EPSS

Exploits0References9

Packet Storm News•added 2026/06/04 12:0 a.m.•9 views

An Improved CNN-LSTM Based Intrusion Detection System for IoT Networks

With the rapid proliferation of IoT devices, security concerns have dramatically escalated and intrusion detection systems have become critical for protecting networked environments. This paper presents an improved CNN-LSTM based intrusion detection model that combines multi-class classification,...

5.5AI score

Packet Storm News•added 2026/06/04 12:0 a.m.•2 views

MalTree: Tracing Malware Evolution from Embeddings at Scale

Malware detection remains largely reactive: machine learning models trained on known samples degrade as threats evolve. Understanding evolutionary relationships among malware families can inform proactive defense, but traditional reverse engineering can take months to years to uncover such lineag...

5.5AI score

NVD•added 2026/06/03 6:16 p.m.•8 views

CVE-2026-46273

In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support segmentation offload when the MSS is less than 224 bytes. Attempting to send such packets causes the adapter to freeze, stoppi...

8.6CVSS0.00389EPSS

Cvelist•added 2026/06/03 4:19 p.m.•33 views

CVE-2026-46273 ibmveth: Disable GSO for packets with small MSS

8.6CVSS0.00389EPSS