CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/04/03 11:1 p.m.•3 views

CVE-2026-34119

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP parsing loop when appending segmented request bodies without continuous write‑boundary verification, due to insufficient boundary validation when handling externally supplied HTTP input. An...

7.1CVSS6.2AI score0.00228EPSS

Github Security Blog•added 2026/04/03 9:51 p.m.•6 views

vLLM: Server-Side Request Forgery (SSRF) in `download_bytes_from_url `

Summary A Server Side Request Forgery SSRF vulnerability in downloadbytesfromurl allows any actor who can control batch input JSON to make the vLLM batch runner issue arbitrary HTTP/HTTPS requests from the server, without any URL validation or domain restrictions. This can be used to target...

5.4CVSS6.1AI score0.00246EPSS

Exploits1References5Affected Software1

OSV•added 2026/04/03 9:51 p.m.•4 views

GHSA-PF3H-QJGV-VCPR vLLM: Server-Side Request Forgery (SSRF) in `download_bytes_from_url `

5.4CVSS6.1AI score0.00246EPSS

Exploits1References5

RedhatCVE•added 2026/04/03 5:8 a.m.•7 views

CVE-2025-66485

IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking...

5.4CVSS5.9AI score0.002EPSS

Positive Technologies•added 2026/04/03 12:0 a.m.•11 views

PT-2026-30014

Name of the Vulnerable Software and Affected Versions Ech0 versions prior to 4.2.8 Description Ech0, a self-hosted publishing platform, has an unsafe link preview feature. The GET /api/website/title endpoint is unauthenticated and accepts attacker-controlled URLs. It performs a server-side GET...

7.5CVSS5.9AI score0.00327EPSS

Exploits1References6

OPENSUSE Linux•added 2026/04/03 12:0 a.m.•3 views

Security update for osslsigncode (critical)

openSUSE Security Update: Security update for osslsigncode Announcement ID: openSUSE-SU-2026:0116-1 Rating: critical References: 1260680 Cross-References: CVE-2025-70888 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes one vulnerability is now available. Description: This...

9.8CVSS6.1AI score0.00482EPSS

SUSE CVE•added 2026/04/02 11:26 p.m.•5 views

SUSE CVE-2026-34475

Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...

5.4CVSS5.8AI score0.00202EPSS

Exploits1References3

EUVD•added 2026/04/02 9:32 p.m.•4 views

EUVD-2024-55533

Hirschmann HiEOS devices contain an authentication bypass vulnerability in the HTTPS management module that allows unauthenticated remote attackers to gain administrative access by sending specially crafted HTTPS requests. Attackers can exploit improper authentication handling to obtain elevated...

9.8CVSS6AI score0.00456EPSS

OSV•added 2026/04/02 8:36 p.m.•2 views

GHSA-Q2WW-5357-X388 Rack has Content-Length mismatch in Rack::Files error responses

Summary Rack::Filesfail sets the Content-Length response header using Stringsize instead of Stringbytesize. When the response body contains multibyte UTF-8 characters, the declared Content-Length is smaller than the number of bytes actually sent on the wire. Because Rack::Files reflects the...

4.8CVSS5.9AI score0.00147EPSS

Exploits0References4

NVD•added 2026/04/02 8:16 p.m.•3 views

CVE-2024-14034

Hirschmann HiEOS devices versions prior to 01.1.00 contain an authentication bypass vulnerability in the HTTPS management module that allows unauthenticated remote attackers to gain administrative access by sending specially crafted HTTPS requests. Attackers can exploit improper authentication...

9.8CVSS0.00456EPSS

CVE•added 2026/04/02 8:1 p.m.•9 views

CVE-2024-14034

CVE-2024-14034 affects Hirschmann HiEOS devices, featuring an authentication bypass in the HTTP(S) management module. The root cause is improper authentication handling that allows unauthenticated remote attackers to gain administrative access. Impact per sources includes the ability to perform u...

9.8CVSS6AI score0.00456EPSS

Vulnrichment•added 2026/04/02 8:1 p.m.•1 views

CVE-2024-14034 Hirschmann HiEOS Authentication Bypass via HTTP Management Module

9.8CVSS6AI score0.00456EPSS

Metasploit•added 2026/04/02 7:2 p.m.•210 views

HTTPS Fetch, Find Tag Ordinal Stager

Fetch and execute an x86 payload from an HTTPS server. Use an established connection Module Options msf use payload/cmd/windows/https/x86/vncinject/findtag msf payloadfindtag show actions ...actions... msf payloadfindtag set ACTION msf payloadfindtag show options ...show and set options... msf...

Metasploit•added 2026/04/02 7:2 p.m.•195 views

HTTPS Fetch, Bind TCP Stager with UUID Support (Windows x86)

Fetch and execute an x86 payload from an HTTPS server. Listen for a connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/https/x86/vncinject/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION msf payloadbindtcpuuid show...

Metasploit•added 2026/04/02 7:2 p.m.•248 views

HTTPS Fetch, Windows Reverse HTTP Stager (wininet)

Fetch and execute an x86 payload from an HTTPS server. Tunnel communication over HTTP Windows wininet Module Options msf use payload/cmd/windows/https/x86/vncinject/reversehttp msf payloadreversehttp show actions ...actions... msf payloadreversehttp set ACTION msf payloadreversehttp show options...

Metasploit•added 2026/04/02 7:2 p.m.•246 views

HTTPS Fetch, Windows Upload/Execute, Reverse UDP Stager with UUID Support

Fetch and execute an x86 payload from an HTTPS server. Uploads an executable and runs it staged. Connect back to the attacker with UUID Support Module Options msf use payload/cmd/windows/https/x86/upexec/reverseudp msf payloadreverseudp show actions ...actions... msf payloadreverseudp set ACTION...