CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/06/10 8:9 p.m.•55 views

CVE-2022-48575

The CVE-2022-48575 issue affects macOS Monterey due to a consistency/state-handling defect that may allow a person with physical access to bypass the Login Window. The Apple security content notes this as fixed in macOS Monterey 12.4. Affected component: Login Window handling; root cause: improve...

3.5CVSS5.4AI score0.00153EPSS

Exploits0References2Affected Software1

Packet Storm News•added 2026/06/10 12:0 a.m.•8 views

Systematic Cybersecurity Risk Analysis of European Rail Traffic Management System

European Rail Traffic Management System ERTMS is a widely adopted standard unifying train management in the EU. While the standard allows for use cases like fully autonomous driving, cybersecurity has been an afterthought. Risk analysis enables the systematic assessment and prioritization of...

5.4AI score

RedhatCVE•added 2026/06/05 7:35 p.m.•6 views

CVE-2026-5247

The Schedule Post Changes With PublishPress Future plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wrapper' attribute of the futureaction shortcode in all versions up to, and including, 4.10.0. This is due to insufficient input sanitization on the wrapper attribute. The...

5.5CVSS5.7AI score0.00274EPSS

RedhatCVE•added 2026/06/05 7:14 p.m.•9 views

CVE-2026-40852

A highly authenticated attacker can alter the config generator injecting a payload into future created configurations. The device is not correctly checking this configuration value before passing it to an system execute leading to code execution. This can result in a total loss of confidentiality...

7.2CVSS5.7AI score0.0037EPSS

OSV•added 2026/06/03 2:53 p.m.•5 views

ROOT-APP-PYPI-CVE-2022-40899 CVE-2022-40899 in rootio-future - Patched by Root

Root has patched CVE-2022-40899 in the rootio-future package for Root:PyPI. Multiple fixed versions available...

7.5CVSS6.7AI score0.01804EPSS

Exploits1

RustSec•added 2026/06/01 12:0 p.m.•8 views

Several memory corruption issues via safe APIs

Several soundness violations exist in the Rust bindings for MetaCall, indicatively: MetaCallException::Clone: Clone is dangerous because it creates a second Rust object that still points to the same foreign MetaCall value, but does not actually own or keep that value alive. value is shallow copie...

5.9AI score

Rosalinux•added 2026/06/01 11:49 a.m.•7 views

Advisory ROSA-SA-2026-3307

Software: python-future 0.18.2 Operating System: ROSA-CHROME Unaffected versions: = python-future-0.18.2-4 Affected versions: python-future-0.18.2-4 CVE-ID: CVE-2022-40899 BDU-ID: 2023-02446 CVE-Crit: HIGH CVE-DESCRIPTION: The compatibility vulnerability in Python Charmers Future is related to...

7.5CVSS5.8AI score0.01804EPSS

Exploits1

NVD•added 2026/05/27 11:16 p.m.•12 views

CVE-2026-46538

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's constellation client tracks pending task responses by sessionid only and does not verify that a TASKEND message came from the device that originally received the task...

5.9CVSS0.00225EPSS

Packet Storm News•added 2026/05/22 12:0 a.m.•11 views

Cybersecurity of Electric Vehicle Charging Infrastructure: Recent Advances, Open Challenges, and Future Directions

Electric Vehicles EVs have emerged as significant disruptors in the transportation sector over the past decade. Their growing popularity and adoption are accompanied by capital expenditures to deploy charging infrastructure. EV charging infrastructure sits at the intersection of the power grid, t...

MariaDBUnix•added 2026/05/18 12:0 a.m.•8 views

CVE-2026-44171

Disclaimer: This data contains information about vulnerable...

5.7AI score0.00135EPSS

HackRead•added 2026/05/16 10:13 a.m.•7 views

AI Voice Cloning: The Technology Behind It, Who’s Building It, and Where It’s Headed

Explore AI voice cloning technology, leading companies, real-world uses, ethical risks, and future trends shaping synthetic voices...

OSSF Malicious Packages•added 2026/05/14 7:25 p.m.•10 views

Malicious code in chai-as-regulated (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67f7f8d21f5d33db136b1e10fc7fbb6d2a1540240911b0630e7fc9f8724c7b26 Package is published as chai-as-regulated, a name mimicking the widely-used chai-as-promised Chai plugin, and the README instructs users to register ...

Packet Storm News•added 2026/05/14 12:0 a.m.•7 views

Hidden in Memory: Sleeper Memory Poisoning in LLM Agents

Large language models are increasingly augmented with persistent memory, allowing assistants to store user-specific information across sessions for personalization and continuity. This statefulness introduces a new security risk: adversarial content can corrupt what an assistant remembers and...