CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

57450 matches found

CVE-2026-10291

A security vulnerability has been detected in Enderfga claw-orchestrator up to 3.7.0. The impacted element is the function validateRegex of the file claw-orchestrator/src/embedded-server.ts of the component Session Grep Endpoint. The manipulation of the argument body.pattern leads to inefficient...

5.3CVSS5.4AI score0.0006EPSS

Exploits0References10Affected Software1

NVD•added 6 days ago•6 views

CVE-2026-40989

Under infinite recursion in the routing layer, request-handling can cause OOM error. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6 Spring Cloud...

6.5CVSS0.00066EPSS

Exploits0References1

NVD•added 6 days ago•9 views

CVE-2026-40990

OOM error is possible while attempting to add infinite amount of functions to Function Registry. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6...

6.5CVSS0.00066EPSS

Exploits0References1

NVD•added 6 days ago•7 views

CVE-2026-37230

FlexRIC v2.0.0 crashes when the near-RT RIC receives a RICINDICATION message with a ranfuncid that does not exist in its registry. The lookup returns NULL, triggering assert in Debug builds SIGABRT or NULL pointer dereference in Release builds SIGSEGV. A remote unauthenticated attacker can crash...

7.5CVSS0.00179EPSS

Exploits1References2

EUVD•added 6 days ago•8 views

EUVD-2026-33746

A security vulnerability has been detected in Bottelet DaybydayCRM up to 2.2.1. This impacts the function view of the file app/Http/Controllers/DocumentsController.php. Such manipulation leads to improper authorization. The attack may be launched remotely. It is best practice to apply a patch to...

5.3CVSS5.5AI score0.00029EPSS

Exploits0References8

RedhatCVE•added 6 days ago•7 views

CVE-2026-10267

A flaw was found in Janet. A local attacker could exploit an out-of-bounds read vulnerability in the doframe function within src/core/debug.c by performing a specific manipulation. This could lead to the disclosure of sensitive information...

4.8CVSS5.7AI score0.00012EPSS

Exploits0References2

EUVD•added 6 days ago•9 views

EUVD-2026-33734

5.7CVSS5.8AI score0.00066EPSS

Exploits0References1

Vulnrichment•added 6 days ago•6 views

CVE-2026-40990 Unbounded cache for function definitions

5.7CVSS5.8AI score0.00066EPSS

Exploits0References1

ATTACKERKB•added 6 days ago•8 views

CVE-2026-40990

5.7CVSS5.8AI score0.00066EPSS

Exploits0References2Affected Software1

Cvelist•added 6 days ago•25 views

CVE-2026-40990 Unbounded cache for function definitions

5.7CVSS0.00066EPSS

Exploits0References1

CVE•added 6 days ago•16 views

CVE-2026-40990

CVE-2026-40990 is an OOM vulnerability in Spring Cloud Function when building an unbounded number of functions in the Function Registry. Affected are Spring Cloud Function 3.2.x (pre-3.2.16), 4.1.x (pre-4.1.10), 4.2.x (pre-4.2.6), 4.3.x (pre-4.3.3), and 5.0.x (pre-5.0.2); older unsupported versio...

6.5CVSS5.8AI score0.00066EPSS

Exploits0References1Affected Software1

Vulnrichment•added 6 days ago•5 views

CVE-2026-40989 Self Routing guard bypassed via function composition

5.7CVSS5.8AI score0.00066EPSS

Exploits0References1

Cvelist•added 6 days ago•24 views

CVE-2026-40989 Self Routing guard bypassed via function composition

5.7CVSS0.00066EPSS

Exploits0References1

CVE•added 6 days ago•10 views

CVE-2026-40989

CVE-2026-40989 affects Spring Cloud Function lineages (3.2.x, 4.1.x, 4.2.x, 4.3.x, 5.0.x) with older/unsupported versions also impacted. The issue is an infinite recursion in the routing layer that can cause an Out-Of-Memory (OOM) condition during request handling. The root cause is not fully dis...

6.5CVSS5.8AI score0.00066EPSS

Exploits0References1Affected Software1

EUVD•added 6 days ago•7 views

EUVD-2026-33733

5.7CVSS5.8AI score0.00066EPSS

Exploits0References1

ATTACKERKB•added 6 days ago•8 views

CVE-2026-40989

5.7CVSS5.8AI score0.00066EPSS

Exploits0References2Affected Software1

Cvelist•added 6 days ago•26 views

CVE-2026-10279 hiraishikentaro wezterm-mcp switch_pane/write_to_specific_pane wezterm_executor.ts os command injection

A vulnerability was identified in hiraishikentaro wezterm-mcp 0.1.0. The affected element is an unknown function of the file src/weztermexecutor.ts of the component switchpane/writetospecificpane. The manipulation of the argument request.params.arguments.paneid leads to os command injection. The...

6.5CVSS0.00924EPSS

Exploits0References6

RedhatCVE•added 6 days ago•6 views

CVE-2026-10200

A flaw was found in Assimp. A local attacker could trigger a heap-based buffer overflow in the glTFCommon::CopyValue function, part of the 4x4 Matrix Parser component. This vulnerability could lead to limited information disclosure, denial of service, or other impacts on system integrity and...

5.3CVSS5.9AI score0.00014EPSS

Exploits0References10

NVD•added 6 days ago•8 views

CVE-2026-10269

A security vulnerability has been detected in decolua 9router up to 0.4.0. This issue affects the function isAuthenticated of the file src/dashboardGuard.js of the component HTTP Header Handler. The manipulation of the argument Host leads to improper authorization. The attack is possible to be...

6.5CVSS0.00042EPSS

Exploits0References8

RedhatCVE•added 6 days ago•9 views

CVE-2026-10168

A security vulnerability has been detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected is the function marks of the file application/controllers/Parents.php. The manipulation of the argument param1 leads to improper control...

6.5CVSS5.5AI score0.00046EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by