CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 5 days ago•15 views

CVE-2026-48773

Summary of CVE-2026-48773 : ProxySQL (versions 2.0.18–3.0.8) contains a pre-authentication heap memory corruption in the MySQL/PostgreSQL protocol first-read paths. A remote, unauthenticated client can declare an oversized first packet length, and ProxySQL passes that attacker-controlled length t...

9.8CVSS6AI score0.00358EPSS

Cvelist•added 5 days ago•18 views

CVE-2026-48773 ProxySQL pre-auth heap overflow in MySQL and PostgreSQL first-packet handling

9.8CVSS0.00358EPSS

Cvelist•added 5 days ago•29 views

CVE-2026-56208 Libaom: libaom: heap buffer overflow in av1 encoder first-pass stats buffer via lap mode

A heap buffer overflow vulnerability was found in libaom, the reference AV1 codec implementation. A flaw in the AV1 encoder's Look-Ahead Processing LAP mode causes the first-pass stats ring buffer wrap-around guard to be bypassed when glaginframes is set to 1 or higher. This results in a 232-byte...

7.6CVSS0.00269EPSS

CVE•added 5 days ago•12 views

CVE-2026-56208

CVE-2026-56208 affects libaom, the reference AV1 codec. A flaw in the encoder’s Look-Ahead Processing (LAP) mode bypasses the first-pass stats ring-buffer guard when g_lag_in_frames is 1 or more, causing a 232-byte out-of-bounds write on every frame after the second. This can corrupt heap objects...

7.6CVSS6.2AI score0.00269EPSS

Vulnrichment•added 5 days ago•5 views

CVE-2026-56208 Libaom: libaom: heap buffer overflow in av1 encoder first-pass stats buffer via lap mode

7.6CVSS6.2AI score0.00269EPSS

EUVD•added 5 days ago•4 views

EUVD-2026-38045

7.6CVSS6.2AI score0.00269EPSS

AstraLinux•added 5 days ago•2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The listfirstentryornull function was used in opinfogetlist. The listfirstentry macro never returns NULL. If the list is empty, it returns an invalid pointer. Use listfirstentryornull to check whether the list is empty...

5.5CVSS5.6AI score0.00136EPSS

Positive Technologies•added 5 days ago•12 views

PT-2026-51009

Name of the Vulnerable Software and Affected Versions gonic versions prior to 0.21.0 Description An authenticated Subsonic user can bypass ownership checks to read or delete playlists belonging to other users and probe arbitrary file paths on the host for existence or readability. This occurs...

7.1CVSS6.1AI score0.00262EPSS

Exploits0References6

CVE•added last week•23 views

CVE-2026-55196

Hermes WebUI prior to version 0.51.409 contains an authentication bypass in passkey registration. When HERMES_WEBUI_PASSKEY=1 is enabled with no existing credentials, POST /api/auth/passkey/register/options and POST /api/auth/passkey/register are accessible without authentication, allowing an att...

9.1CVSS5.6AI score0.00579EPSS

RedhatCVE•added 2026/06/15 8:36 a.m.•9 views

CVE-2026-50020

A flaw was found in Netty. The HttpObjectDecoder component, which processes incoming HTTP requests, incorrectly skips certain control characters and whitespace before reading the first request line. This behavior, which goes beyond standard HTTP protocol requirements, can lead to request-boundary...

5.3CVSS4.9AI score0.00232EPSS

Exploits0References6

Vulnrichment•added 2026/06/12 9:5 a.m.•9 views

CVE-2026-50634 Apache CXF: WS JSON request filter trusts metadata from an unvalidated first signature entry

A vulnerability in Apache CXF's JwsJsonContainerRequestFilter can be exploited to cause CXF to process metadata that was not authenticated by the accepted signature. This can bypass the application's assumption that accepted Content-Type or protected HTTP-header metadata came from a verified...

5.2AI score0.00278EPSS

Exploits0References1

Positive Technologies•added 2026/06/12 12:0 a.m.•11 views

PT-2026-48904

Name of the Vulnerable Software and Affected Versions Netty versions prior to 4.1.135.Final Netty versions prior to 4.2.15.Final Description Before reading the first request-line, the HttpObjectDecoder function silently skips all whitespace and every byte for which Character.isISOControlb is true...

5.3CVSS5.3AI score0.00232EPSS

Exploits0References6

Github Security Blog•added 2026/06/11 8:33 p.m.•7 views

Russh SSH message fields were decoded through allocation-first parsers before field-specific bounds

SSH message fields were decoded through allocation-first parsers before field-specific bounds Summary Several russh client and server message handlers decoded attacker-controlled SSH strings, name-lists, and byte fields into owned allocations before applying field-specific bounds. A remote SSH pe...

7.5CVSS6AI score0.00268EPSS

Exploits0References4Affected Software1

NVD•added 2026/06/11 8:16 p.m.•15 views

CVE-2026-49973

Hermes WebUI before version 0.51.358 contains an improper access control vulnerability that allows unauthenticated remote attackers to hijack initial setup by submitting the setpassword parameter to the settings API endpoint without any network origin restriction. Attackers on any reachable netwo...

9.4CVSS0.00543EPSS

Vulnrichment•added 2026/06/11 7:4 p.m.•7 views

CVE-2026-49973 Hermes WebUI < 0.51.358 Unauthenticated Password Takeover via /api/settings

9.4CVSS5.5AI score0.00543EPSS

Cvelist•added 2026/06/11 7:4 p.m.•24 views

CVE-2026-49973 Hermes WebUI < 0.51.358 Unauthenticated Password Takeover via /api/settings

9.4CVSS0.00543EPSS

CVE•added 2026/06/11 7:4 p.m.•15 views

CVE-2026-49973

CVE-2026-49973 affects Hermes WebUI prior to version 0.51.358. The issue is an improper access control in the settings API that allows unauthenticated remote attackers to hijack the initial setup by posting to the /api/settings endpoint using the _set_password parameter without origin restriction...

9.4CVSS5.7AI score0.00543EPSS