CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2541 matches found

CVE-2026-45536

CVE-2026-45536 affects Netty, specifically Unix-domain socket fd reception in netty_unix_socket_recvFd. Prior to versions 4.1.135.Final and 4.2.15.Final, a peer-sent SCM_RIGHTS message containing two fds can cause both descriptors to leak due to a mismatch between cmsg_len checks and the actual f...

4CVSS5.2AI score

Exploits0References3

RedhatCVE•added 16 hours ago•8 views

CVE-2026-46693

A flaw was found in ImageMagick. An attacker able to connect to a magick -distribute-cache service could exploit a race condition to hijack a file descriptor in the server process. This could lead to unauthorized access to sensitive information...

4.4CVSS5.4AI score0.0001EPSS

Exploits0References4

RedhatCVE•added 17 hours ago•6 views

CVE-2026-45287

A flaw was found in OpenTelemetry-Go. Repeated successful calls to the ParseFile function, specifically within go.opentelemetry.io/otel/schema/v1.0 and go.opentelemetry.io/otel/schema/v1.1, can lead to a file descriptor leak. If a consuming application exposes repeated schema parsing to an...

4CVSS5.5AI score0.00017EPSS

Exploits0References6

NVD•added 2 days ago•4 views

CVE-2026-46693

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-23, an attacker who can connect to a magick -distribute-cache service can hijack a file descriptor in the server process when a race condition is met. This issue ha...

4.1CVSS0.0001EPSS

Exploits0References1

Vulnrichment•added 2 days ago•3 views

CVE-2026-46693 ImageMagick: Race Condition in distributed pixel cache server can result in file descriptor hijacking

4.1CVSS5.3AI score0.0001EPSS

Exploits0References1

Cvelist•added 2 days ago•25 views

CVE-2026-46693 ImageMagick: Race Condition in distributed pixel cache server can result in file descriptor hijacking

4.1CVSS0.0001EPSS

Exploits0References1

EUVD•added 2 days ago•5 views

EUVD-2026-36176

4.1CVSS5.3AI score0.0001EPSS

Exploits0References1

Cvelist•added 4 days ago•34 views

CVE-2026-49232 Routinator exits when accepting an incoming HTTP or RTR connection fails

Routinator exits on any error when accepting incoming HTTP or RTR connections, including ones it can recover from such as running out of file descriptors. This condition can be triggered maliciously by an attacker by opening a large number of connections to the HTTP or RTR server. This only affec...

8.7CVSS0.00042EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:47 p.m.•6 views

CVE-2026-45251

A file descriptor can be closed while a thread is blocked in a poll2 or select2 call waiting for that descriptor. Because the blocked thread does not hold a reference to the underlying object, this closure may result in the object being freed while the thread remains blocked. In this situation, t...

7.8CVSS5.4AI score0.00009EPSS

Exploits0References1

Tenable Nessus•added 2026/06/05 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-45287

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, go.opentelemetry.io/otel/schema/v1.0 and go.opentelemetry.io/otel/schema/v1...

2.1CVSS5.5AI score0.00017EPSS

Exploits0References3

OSV•added 2026/06/04 4:16 p.m.•3 views

DEBIAN-CVE-2026-45287

OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, go.opentelemetry.io/otel/schema/v1.0 and go.opentelemetry.io/otel/schema/v1.1 leaks one file descriptor on each successful ParseFile call. ParseFile opens the schema file and passes it to Parse without closing it...

2.1CVSS5.5AI score0.00017EPSS

Exploits0References1

NVD•added 2026/06/04 4:16 p.m.•8 views

CVE-2026-45287

2.1CVSS0.00017EPSS

Exploits0References3

Vulnrichment•added 2026/06/04 2:45 p.m.•3 views

CVE-2026-45287 OpenTelemetry-Go's Schema ParseFile leaks file descriptors on each parse

2.1CVSS5.4AI score0.00017EPSS

Exploits0References3

CVE•added 2026/06/04 2:45 p.m.•19 views

CVE-2026-45287

CVE-2026-45287 affects the Go OpenTelemetry implementation. Prior to version 0.0.17, parsing a schema via go.opentelemetry.io/otel/schema/v1.0 or .../v1.1 leaks one file descriptor per successful ParseFile call because ParseFile opens the file and passes it to Parse without closing it, risking de...

2.1CVSS5.8AI score0.00017EPSS

Exploits0References3

Cvelist•added 2026/06/04 2:45 p.m.•31 views

CVE-2026-45287 OpenTelemetry-Go's Schema ParseFile leaks file descriptors on each parse

2.1CVSS0.00017EPSS

Exploits0References3

ATTACKERKB•added 2026/06/04 2:45 p.m.•5 views

CVE-2026-45287

2.1CVSS5.8AI score0.00017EPSS

Exploits0References4Affected Software2

EUVD•added 2026/06/04 2:45 p.m.•7 views

EUVD-2026-34291

2.1CVSS5.8AI score0.00017EPSS

Exploits0References3

Debian CVE•added 2026/06/04 2:45 p.m.•4 views

CVE-2026-45287

2.1CVSS5.4AI score0.00017EPSS

Exploits0

Tenable Nessus•added 2026/06/03 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-45966

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL pointer dereference in unixneedsrevalidation When receiving file...

5.7AI score0.00022EPSS

Exploits0References2

SUSE CVE•added 2026/05/29 1:16 a.m.•10 views

SUSE CVE-2026-46118

In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix null ptr deref in paprhvpipedevcreatehandle commit 6d3789d347a7 "papr-hvpipe: convert paprhvpipedevcreatehandle to FDPREPARE", changed the create handle to FDPREPARE, but it caused kernel null-ptr-deref...

5.7AI score0.00022EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by