CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 3 days ago•10 views

CVE-2026-12813

Affected software: activepieces (

6.5CVSS6.2AI score0.00201EPSS

AstraLinux•added 5 days ago•5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: fat: Fixed an uninitialized field in the nostale filehandles. When the fatencodefhnostale function encodes a file handle without a parent handle, it only stores the first 10 bytes of the file handle. However, the length of the fi...

5.5CVSS6AI score0.00257EPSS

AstraLinux•added 5 days ago•8 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: smb/server: Fixed a potential null-ptr-deref of leasectxinfo in smb2open. null-ptr-deref will occur when reqoplevel == SMB2OPLOCKLEVELLEASE and parseleasestate returns NULL. The issue was fixed by checking whether leasectxinfo is...

5.5CVSS6.2AI score0.00236EPSS

AstraLinux•added 5 days ago•4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: In libceph, the error from monhandleauthdone should be returned. Currently, any error from cephauthhandlereplydone is propagated via finishauth, but it is not returned from monhandleauthdone. This results in higher layers...

7.5CVSS5.6AI score0.00268EPSS

AstraLinux•added 5 days ago•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ds90ub9x3: Fix extra fwnodehandleput The ub913 and ub953 drivers call fwnodehandlePUTpriv-sd.fwnode as part of their removal process. If the driver is removed multiple times, it may lead to a “put overflow”, potential...

7.8CVSS6.2AI score0.00187EPSS

AstraLinux•added 5 days ago•3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Added a bounds check for the durable handle context. A missing bounds check was added for the durable handle context...

5.5CVSS6.1AI score0.00165EPSS

AstraLinux•added 5 days ago•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: smb/server: Fixed the refcount leak in parsedurablehandlecontext. When the command is a replay operation and -ENOEXEC is returned, the refcount of ksmbdfile must be released...

5.5CVSS5.2AI score0.00122EPSS

AstraLinux•added 5 days ago•3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fs: Relaxing the assertions when encoding file handles fails Encoding file handles is typically performed by a filesystem method called encodefh, which may fail for various reasons. Legacy users of exportfsencodefh—specifically,...

5.5CVSS6AI score0.00201EPSS

NVD•added 5 days ago•10 views

CVE-2026-11576

The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup label, but this unified cleanup path unconditionally calls fxfileclose even when the file was never successfully opened. Multiple error branches jump to t...

7.5CVSS0.00263EPSS

Cvelist•added 5 days ago•26 views

CVE-2026-11576

7.5CVSS0.00263EPSS

RedHat Linux•added 2026/06/17 12:5 p.m.•8 views

kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done()

9.8CVSS5.5AI score0.00351EPSS

Github Security Blog•added 2026/06/15 8:37 p.m.•9 views

Tornado: CurlAsyncHTTPClient leaks per-request credentials on handle reuse

CurlAsyncHTTPClient leaks per-request credentials on handle reuse Summary CurlAsyncHTTPClient pools and reuses pycurl handles across requests but does not reset them between requests, and several per-request options are applied with no clearing branch. As a result, sensitive state set by one...

5.4AI score

Exploits0References2Affected Software1

OSV•added 2026/06/15 8:37 p.m.•6 views

GHSA-PW6J-QG29-8W7F Tornado: CurlAsyncHTTPClient leaks per-request credentials on handle reuse

5.9CVSS5.4AI score

Debian CVE•added 2026/06/14 11:40 a.m.•9 views

CVE-2026-11527

Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open of the -file argument in makefilehandle. Config::IniFiles::makefilehandle opens a filename argument with Perl's 2-arg open, so a filename that begins or ends with a pipe "| cmd", "cmd...

8.6CVSS5.5AI score0.00618EPSS

Exploits0

Rockylinux•added 2026/06/12 6:1 p.m.•13 views

kernel-rt security update

An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...

9.8CVSS6.5AI score0.00542EPSS

Exploits0

RedHat Linux•added 2026/06/11 11:46 a.m.•6 views

kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done()

9.8CVSS5.4AI score0.00351EPSS