CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2 days ago•4 views

EUVD-2026-33777

NVD•added 3 days ago•4 views

CVE-2026-0061

In multiple functions of WindowState.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9CVSS0.00005EPSS

NVD•added 3 days ago•5 views

CVE-2026-0046

6.2CVSS0.00005EPSS

Cvelist•added 3 days ago•23 views

CVE-2026-0061

0.00005EPSS

CVE•added 3 days ago•11 views

CVE-2026-0061

CVE-2026-0061 involves multiple functions of WindowState.java where a tapjacking/overlay condition could trick a user into accepting a permission. The issue allows local privilege escalation with no additional execution privileges and does not require user interaction for exploitation, per the pr...

5.9CVSS5.9AI score0.00005EPSS

Exploits0References1Affected Software1

CVE•added 3 days ago•4 views

CVE-2026-0046

Technical details are not publicly available in the provided connected documents beyond the general CVE-2026-0046 description (InputInterceptor/Letterbox.java, tapjacking/overlay scenario). Monitor for updates.

6.2CVSS5.9AI score0.00005EPSS

Exploits0References1Affected Software1

Cvelist•added 3 days ago•23 views

CVE-2026-0048

In hide of WindowState.java, there is a possible way to trick the user into approving permissions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00006EPSS

ATTACKERKB•added 3 days ago•5 views

CVE-2026-0046

Exploits0References2Affected Software1

RedhatCVE•added 3 days ago•7 views

CVE-2026-23558

A flaw was found in Xen. A race condition exists when a Hardware Virtual Machine HVM or Para-Virtualization Hybrid PVH guest changes its grant table version from v2 to v1 while simultaneously mapping status pages. This can lead to some status pages being freed while still mapped in the guest's...

7.8CVSS5.8AI score0.00012EPSS

Positive Technologies•added 3 days ago•7 views

PT-2026-45571

Positive Technologies•added 3 days ago•7 views

PT-2026-45580

CNNVD•added 3 days ago•3 views

Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from the InputInterceptor method in Letterbox.java. This method allows for click hijacking/coverage attacks, potentially leading users to...

6.2CVSS5.8AI score0.00005EPSS

CNNVD•added 6 days ago•3 views

shopper 授权问题漏洞

Shopper is an open-source e-commerce management backend developed by Shopper Labs. Versions of Shopper prior to 2.8.0 had authorization-related vulnerabilities. These vulnerabilities stemmed from two authorization flaws in the team settings system: the mount method in Settings/Team/Index was not...

9.9CVSS5.9AI score0.00032EPSS

Tenable Nessus•added 6 days ago•5 views

SUSE SLES12 Security Update : xen (SUSE-SU-2026:2066-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2066-1 advisory. This update for xen fixes the following issues - CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053 bsc1262428. -...

7.8CVSS5.9AI score0.00014EPSS

Exploits0References13

Tenable Nessus•added 6 days ago•5 views

SUSE SLES15 Security Update : xen (SUSE-SU-2026:2102-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2102-1 advisory. This update for xen fixes the following issues - CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053...

7.8CVSS5.9AI score0.00014EPSS

Exploits0References13

SUSE Linux•added last week•3 views

Security update for xen

This update for xen fixes the following issues CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053 bsc1262428. CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264066. CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. CVE-2026-23558: grant tabl...

7.8CVSS5.8AI score0.00014EPSS

Exploits0References16

OSV•added last week•2 views

SUSE-SU-2026:2102-1 Security update for xen

This update for xen fixes the following issues - CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053 bsc1262428. - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264066. - CVE-2026-23557: Xenstored DoS via XSRESETWATCHES command bsc1262178. - CVE-2026-23558:...

7.8CVSS5.8AI score0.00014EPSS

Exploits0References9

EUVD•added 2026/05/28 3:44 a.m.•5 views

EUVD-2026-32708

A flaw was found in Keycloak's Client Policies, specifically within the org.keycloak.protocol.oidc component. When certain condition providers client-type, client-roles, client-attributes, client-scopes are used to enforce security restrictions, the reject-ropc-grant executor is silently bypassed...

6.5CVSS5.8AI score0.00033EPSS