CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9926 matches found

CVE-2026-48827

Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload-pack, git-receive-pack, and other git operations allows users authenticated over SSH access to git repositories outside the configured git server root directory. Applications are affected if th...

7.1CVSS0.00095EPSS

Exploits0References2

Vulnrichment•added 6 days ago•6 views

CVE-2026-48827 Apache MINA SSHD: Path traversal in org.apache.sshd:sshd-git

7.1CVSS5.8AI score0.00095EPSS

Exploits0References1

CVE•added 6 days ago•12 views

CVE-2026-48827

This CVE (CVE-2026-48827) affects Apache MINA SSHD when used as the sshd-git bundle. The vulnerability is a path traversal caused by missing path validation in git-upload-pack, git-receive-pack, and other git operations, allowing SSH-authenticated users to access repositories outside the configur...

7.1CVSS5.8AI score0.00095EPSS

Exploits0References2Affected Software1

Cvelist•added 6 days ago•28 views

CVE-2026-48827 Apache MINA SSHD: Path traversal in org.apache.sshd:sshd-git

7.1CVSS0.00095EPSS

Exploits0References1

Debian CVE•added 6 days ago•10 views

CVE-2026-48827

7.1CVSS5.8AI score0.00095EPSS

Exploits0

ATTACKERKB•added 6 days ago•4 views

CVE-2026-48827

7.1CVSS5.8AI score0.00095EPSS

Exploits0References2Affected Software1

EUVD•added 6 days ago•9 views

EUVD-2026-33606

7.1CVSS5.8AI score0.00095EPSS

Exploits0References1

Tenable Nessus•added 6 days ago•11 views

SUSE SLES15 Security Update : docker-stable (SUSE-SU-2026:2120-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2120-1 advisory. This update for docker-stable fixes the following issues - CVE-2026-33747: github.com/moby/buildkit: malicious frontends can craft...

9.8CVSS5.8AI score0.00063EPSS

Exploits0References7

Positive Technologies•added 6 days ago•9 views

PT-2026-45449

A vulnerability was found in php-censor up to 2.1.6. This affects an unknown function of the file src/Model/Build/GitBuild.php of the component Webhook Endpoint. Performing a manipulation of the argument commitId results in os command injection. The attack can be initiated remotely. The exploit h...

7.5CVSS6.6AI score0.01282EPSS

Exploits0References9

Tenable Nessus•added 6 days ago•7 views

Debian dla-4610 : git-lfs - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4610 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4610-1 [email protected] https://www.debian.org/lts/security/...

8.6CVSS7.1AI score0.00057EPSS

Exploits0References4

Positive Technologies•added 6 days ago•6 views

PT-2026-45380

Name of the Vulnerable Software and Affected Versions Apache MINA SSHD versions prior to 2.18.0 Apache MINA SSHD versions 3.0.0-M1 through 3.0.0-M3 Description A path traversal issue exists in the org.apache.sshd:sshd-git bundle. Due to a lack of path validation in git-upload-pack,...

7.1CVSS5.8AI score0.00095EPSS

Exploits0References4

Debian•added last week•5 views

[SECURITY] [DLA 4610-1] git-lfs security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4610-1 [email protected] https://www.debian.org/lts/security/ Andrej Shadura May 31, 2026 https://wiki.debian.org/LTS -...

8.6CVSS7AI score0.00057EPSS

Exploits0

NVD•added last week•11 views

CVE-2026-10174

A vulnerability was identified in Aider-AI Aider 0.86.3. Affected is an unknown function of the file aider/args.py of the component Pre-commit Hook Handler. Such manipulation of the argument git-commit-verify leads to protection mechanism failure. The attack may be launched remotely. The exploit ...

6.5CVSS0.00068EPSS

Exploits0References6

ATTACKERKB•added 2026/05/31 8:0 a.m.•11 views

CVE-2026-10174

6.5CVSS5.6AI score0.00068EPSS

Exploits0References6Affected Software1

EUVD•added 2026/05/31 8:0 a.m.•9 views

EUVD-2026-33494

6.5CVSS6.3AI score0.00068EPSS

Exploits0References6

Vulnrichment•added 2026/05/31 8:0 a.m.•7 views

CVE-2026-10174 Aider-AI Aider Pre-commit Hook args.py protection mechanism

6.5CVSS6.3AI score0.00068EPSS

Exploits0References6

CVE•added 2026/05/31 8:0 a.m.•14 views

CVE-2026-10174

Summary of CVE-2026-10174 (Aider-AI Aider 0.86.3): Affected is an unknown function in the file aider/args.py of the Pre-commit Hook Handler. Manipulation of the argument git-commit-verify leads to protection mechanism failure. The vulnerability may be exploitable remotely, with exploitation infor...

6.5CVSS6.3AI score0.00068EPSS

Exploits0References6

Positive Technologies•added 2026/05/31 12:0 a.m.•8 views

PT-2026-45183

6.5CVSS6.3AI score0.00068EPSS

Exploits0References7

CNNVD•added 2026/05/31 12:0 a.m.•7 views

Aider 安全漏洞

Aider is an open-source terminal AI pair programming tool developed by Aider AI. Version 0.86.3 of Aider contains a security vulnerability. This vulnerability stems from the git-commit-verify operation in the Pre-commit Hook Handler component, which causes the protection mechanism to fail. An...

6.5CVSS6.7AI score0.00068EPSS

Exploits0References6

Snyk•added 2026/05/29 7:43 p.m.•7 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the parsing of maliciously crafted Git repository data, such as .pack, .idx, or loose objects. An attacker can cause the application to panic by providing a payload that excee...

6.9CVSS5.8AI score

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by