CVE-2026-47392

creationtimestamp| type| source ---|---|--- 2026-05-19 06:34:53+00:00| published-proof-of-concept| https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-4mr5-g6f9-cfrh...

CVE-2026-46681

creationtimestamp| type| source ---|---|--- 2026-05-19 06:24:42+00:00| published-proof-of-concept| https://github.com/nevware21/ts-utils/security/advisories/GHSA-x7j8-49r8-mr43...

cve-arsenal

CVE Arsenal Automated CVE exploit scanners and Nuclei templat...

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the connected-components when an invalid value is supplied to the keep-top parameter. An attacker can access sensitive memory contents or cause a partial denial of service by providing a specially...

CVE-2026-46384

creationtimestamp| type| source ---|---|--- 2026-05-18 16:22:27+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-mc57-h6j3-3hmv 2026-05-29 21:46:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmzj6bv5rr27...

CVE-2026-46690

creationtimestamp| type| source ---|---|--- 2026-05-18 15:05:17+00:00| published-proof-of-concept| https://github.com/spearman/unbounded-spsc/security/advisories/GHSA-6m57-8r3p-pqx6...

CLEANSTART-2026-JC64695 Security fixes for CVE-2025-61732, CVE-2025-68121, CVE-2026-26958, CVE-2026-35469, ghsa-f6x5-jh6r-wrfv, ghsa-fw7p-63qq-7hpr, ghsa-gx3x-vq4p-mhhv, ghsa-j5w8-q4qc-rx2x, ghsa-mh2q-q3fh-2475, ghsa-pc3f-x583-g7j2 applied in versions: 1.16.1-r0, 1.16.1-r1, 1.18.0-r0, 1.19.0-r1

Multiple security vulnerabilities affect the percona-xtradb-cluster-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

CVE-2026-47139

creationtimestamp| type| source ---|---|--- 2026-05-18 12:48:57+00:00| published-proof-of-concept| https://github.com/patriksimek/vm2/security/advisories/GHSA-r9pm-gxmw-wv6p...

CVE-2026-47140

creationtimestamp| type| source ---|---|--- 2026-05-18 12:48:43+00:00| published-proof-of-concept| https://github.com/patriksimek/vm2/security/advisories/GHSA-rp36-8xq3-r6c4...

CVE-2026-46716

creationtimestamp| type| source ---|---|--- 2026-05-17 02:58:20+00:00| published-proof-of-concept| https://github.com/nezhahq/nezha/security/advisories/GHSA-99gv-2m7h-3hh9 2026-05-30 03:00:04+00:00| seen| https://t.me/GithubRedTeam/86474 2026-05-30 07:00:13+00:00| seen|...

CVE-2026-46701

creationtimestamp| type| source ---|---|--- 2026-05-16 15:11:55+00:00| published-proof-of-concept| https://github.com/Jovancoding/Network-AI/security/advisories/GHSA-j3vx-cx2r-pvg8...

CVE-2026-46695

creationtimestamp| type| source ---|---|--- 2026-05-16 09:54:51+00:00| published-proof-of-concept| https://github.com/boxlite-ai/boxlite/security/advisories/GHSA-g6ww-w5j2-r7x3...

CVE-2026-46625

creationtimestamp| type| source ---|---|--- 2026-05-16 05:48:24+00:00| published-proof-of-concept| https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j...

CVE-2026-46679

creationtimestamp| type| source ---|---|--- 2026-05-16 03:00:35+00:00| published-proof-of-concept| https://github.com/libp2p/js-libp2p/security/advisories/GHSA-4f8r-922h-2vgv...

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via improper path resolution during extraction of OCI image layer tarballs. An attacker can write arbitrary files to locations outside the intended extraction root by crafting a layer with a symlink pointing to an absolut...

CVE-2026-46673

creationtimestamp| type| source ---|---|--- 2026-05-15 21:19:23+00:00| published-proof-of-concept| https://github.com/Eugeny/russh/security/advisories/GHSA-g9f8-wqj9-fjw5...

CVE-2026-46432

creationtimestamp| type| source ---|---|--- 2026-05-15 09:23:28+00:00| published-proof-of-concept| https://github.com/InternLM/lmdeploy/security/advisories/GHSA-m549-qq94-fvhg...

CVE-2026-45306

creationtimestamp| type| source ---|---|--- 2026-05-14 20:17:27+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-w727-595x-pc3r...

GHSA-8297-V2RF-2P32 vulnerabilities

Vulnerabilities for packages: jenkins...

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the chromium/convert/url endpoint due to insufficient validation of redirect destinations against the deny-list. An attacker can access internal network resources and sensitive endpoints by supplying ...