CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

46 matches found

CVE-2026-38945

Command injection in Raynet rvia version 12.6 Update 8 and previous versions allows adversaries to execute arbitrary code via a crafted path that matches the improperly terminated search criteria of rvia's Java search using the find command...

7.8CVSS6.2AI score0.00045EPSS

Exploits0References1

OSV•added 6 days ago•2 views

OESA-2026-2472 vim security update

Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor 'Vi', with a more complete feature set. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems. Securi...

7CVSS6.2AI score0.0023EPSS

Exploits1References5

OSV•added last week•1 views

SUSE-SU-2026:21859-1 Security update for vim

This update for vim fixes the following issues - CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file reads and writes bsc1261833. - CVE-2026-42307: Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim...

7.8CVSS7.5AI score0.0023EPSS

Exploits1References14

OSV•added last week•4 views

OPENSUSE-SU-2026:20828-1 Security update for vim

7.8CVSS6.2AI score0.0023EPSS

Exploits1References13

NVD•added 2026/05/27 5:16 p.m.•7 views

CVE-2026-38945

7.8CVSS0.00045EPSS

Exploits0References4

ATTACKERKB•added 2026/05/27 12:0 a.m.•2 views

CVE-2026-38945

7.8CVSS6.2AI score0.00045EPSS

Exploits0References3

Cvelist•added 2026/05/27 12:0 a.m.•30 views

CVE-2026-38945

0.00045EPSS

Exploits0References3

CVE•added 2026/05/27 12:0 a.m.•9 views

CVE-2026-38945

Raynet rvia 12.6 Update 8 and earlier versions are affected by a command injection due to improper termination of search criteria in Java-based search using the find command. This allows an adversary with local access to execute arbitrary code via a crafted path. The CVSS base score is 7.8 (HIGH)...

7.8CVSS6.2AI score0.00045EPSS

Exploits0References4

CNNVD•added 2026/05/27 12:0 a.m.•4 views

RayVentory Scan Engine 安全漏洞

RayVentory Scan Engine is a network scanning engine developed by the German company RayVentory, designed for automatically discovering and collecting IT asset information. Version 12.6.4392.49 of the RayVentory Scan Engine contains a security vulnerability. This vulnerability stems from parameter...

7.8CVSS6.1AI score0.00074EPSS

Exploits2References4

OSV•added 2026/05/22 1:22 p.m.•1 views

OESA-2026-2449 vim security update

6.6CVSS6.2AI score0.0023EPSS

Exploits1References4

NVD•added 2026/05/08 11:16 p.m.•6 views

CVE-2026-44656

Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick-enclosed shell commands, those commands are executed during file name completion. Because the pat...

5.3CVSS0.00067EPSS

Exploits0References3

CNNVD•added 2026/05/08 12:0 a.m.•3 views

Vim 操作系统命令注入漏洞

Vim is an open-source, cross-platform text editor developed by Vim developers. Versions of Vim prior to 9.2.0435 contained a vulnerability related to operating system command injection. This vulnerability originated from the OS command injection during the completion of the find command, which...

5.3CVSS6.1AI score0.00067EPSS

Exploits0References2

RedhatCVE•added 2026/02/05 1:22 a.m.•2 views

CVE-2026-24887

Claude Code is an agentic coding tool. Prior to version 2.0.72, due to an error in command parsing, it was possible to bypass the Claude Code confirmation prompt to trigger execution of untrusted commands through the find command. Reliably exploiting this required the ability to add untrusted...

8.8CVSS5.6AI score0.00058EPSS

Exploits1References1

NVD•added 2026/02/03 9:16 p.m.•1 views

CVE-2026-24887

8.8CVSS0.00058EPSS

Exploits1References1

Cvelist•added 2026/02/03 8:50 p.m.•21 views

CVE-2026-24887 Claude Code has a Command Injection in find Command Bypasses User Approval Prompt

7.7CVSS0.00058EPSS

Exploits1References1

CVE•added 2026/02/03 8:50 p.m.•10 views

CVE-2026-24887

CVE-2026-24887 affects Claude Code. An error in command parsing prior to version 2.0.72 allowed bypassing the confirmation prompt, enabling execution of untrusted commands via the find command when untrusted content could be placed in the Claude Code context window. This could lead to command inj...

8.8CVSS5.7AI score0.00058EPSS

Exploits1References1Affected Software1

OSV•added 2026/02/03 8:50 p.m.•0 views

CVE-2026-24887 Claude Code has a Command Injection in find Command Bypasses User Approval Prompt

7.7CVSS5.9AI score0.00058EPSS

Exploits1References3