CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/06/14 7:30 a.m.•9 views

MAL-2026-5761 Malicious code in npm-sandbox-research-d7e8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ff31cbf7e2e36cef422933472638912cd6ee6652ece9b03d11faa98b70d13e9 Package declares a postinstall lifecycle hook "postinstall": "node run.js" that auto-executes on install. The package ships beacon scripts beacon12.j...

5.4AI score

OSV•added 2026/05/26 1:0 a.m.•10 views

MAL-2026-4714 Malicious code in wdb-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05323f987b64131618be124040867a2acb216aef96952a6a3dfc11c615501500 package.json declares "preinstall": "./dist/runtime.node", causing npm to spawn the shipped file as an executable on every install on Linux. Despite...

5.8AI score

Exploits0References3

GithubExploit•added 2026/04/24 9:26 p.m.•169 views

Exploit for Missing Authentication for Critical Function in Frangoteam Fuxa

CVE-2026-25895 — FUXA for code execution within 60 seconds...

9.8CVSS6.3AI score0.02675EPSS

Exploits3

RedhatCVE•added 2026/03/26 3:8 p.m.•4 views

CVE-2026-24097

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 EOL allows authenticated users to enumerate existing hosts by observing different HTTP response codes in agent-receiver/registerexisting endpoint, which could lead to information disclosure...

5.3CVSS5.8AI score0.00237EPSS

RedhatCVE•added 2026/03/26 3:8 p.m.•5 views

CVE-2026-2859

Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 EOL allows unauthenticated users to enumerate existing hosts by observing different HTTP response codes in deployagent endpoint, which could lead to information disclosure...

Tenable Nessus•added 2026/03/18 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-24097

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper permission enforcement in Checkmk versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 EOL allows authenticated users to enumerate existing...

5.3CVSS5.9AI score0.00237EPSS

EUVD•added 2026/03/13 9:31 p.m.•2 views

EUVD-2026-11782

5.3CVSS5.8AI score0.00237EPSS

EUVD•added 2026/03/13 9:31 p.m.•5 views

EUVD-2026-11784

OSV•added 2026/03/13 7:54 p.m.•1 views

CVE-2026-2859

4.3CVSS5.9AI score

NVD•added 2026/03/13 7:54 p.m.•8 views

CVE-2026-2859

6.3CVSS0.0019EPSS

OSV•added 2026/03/13 7:54 p.m.•4 views

CVE-2026-24097

4.3CVSS5.9AI score

NVD•added 2026/03/13 7:54 p.m.•4 views

CVE-2026-24097

5.3CVSS0.00237EPSS

UbuntuCve•added 2026/03/13 7:54 p.m.•2 views

CVE-2026-24097

5.3CVSS5.9AI score0.00237EPSS

UbuntuCve•added 2026/03/13 7:54 p.m.•5 views

CVE-2026-2859

6.3CVSS5.9AI score0.0019EPSS

OSV•added 2026/03/13 7:54 p.m.•2 views

UBUNTU-CVE-2026-24097

5.3CVSS5.8AI score0.00237EPSS

Exploits0References3

OSV•added 2026/03/13 7:54 p.m.•3 views

UBUNTU-CVE-2026-2859

ATTACKERKB•added 2026/03/13 9:40 a.m.•2 views

Exploits0References3

CVE-2026-2859

Exploits0References2Affected Software1

CVE•added 2026/03/13 9:40 a.m.•14 views

CVE-2026-2859

The CVE affects Checkmk deployments, specifically versions 2.4.0 before 2.4.0p23, 2.3.0 before 2.3.0p43, and 2.2.0 (EOL). A vulnerability in the deploy_agent endpoint arises from improper permission enforcement, allowing unauthenticated users to observe different HTTP response codes and enumerate...

Exploits0References1Affected Software1

Vulnrichment•added 2026/03/13 9:40 a.m.•4 views

CVE-2026-2859 Unauthenticated Host Enumeration via Observable Response Discrepancy on Deploy Agent Endpoint