CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1054 matches found

CVE-2026-54236 vLLM: incomplete CVE-2026-22778 fix leaks PIL repr addresses via Anthropic router

vLLM is an inference and serving engine for large language models LLMs. Prior to 0.23.1rc0, the fix for CVE-2026-22778, which introduced a sanitizemessage helper that strips object-repr memory addresses from error messages before they reach the client, is incomplete: several response paths echo...

5.3CVSS0.00824EPSS

Exploits1References3

AstraLinux•added 6 days ago•6 views

Astra Linux – Vulnerability in dcmtk

It was discovered that DCMTK v3.6.7 contains a memory leak through the TASCAssociation object...

7.5CVSS6.7AI score0.01568EPSS

Exploits2References2

AstraLinux•added 6 days ago•5 views

Astra Linux – Vulnerability in pillow

In versions 8.2.0 and earlier of Pillow, as well as versions 1.1.7 and earlier of PIL Python Imaging Library, an attacker can pass controlled parameters directly into the convert function, thereby triggering a buffer overflow in Convert.c...

9.8CVSS7.3AI score0.03162EPSS

Exploits0References2

NVD•added 2026/06/17 10:53 a.m.•7 views

CVE-2026-46780

Vulnerability in the WebCenter Content: Imaging product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise WebCenter Content:...

8.8CVSS0.00402EPSS

Exploits0References1

NVD•added 2026/06/17 10:53 a.m.•7 views

CVE-2026-46783

Vulnerability in the WebCenter Content: Imaging product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise WebCenter Content:...

9.8CVSS0.00483EPSS

Exploits0References1

NVD•added 2026/06/17 10:53 a.m.•6 views

CVE-2026-46784

Vulnerability in the WebCenter Content: Imaging product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise WebCenter Content:...

9.1CVSS0.00425EPSS

Exploits0References1

OSV•added 2026/06/17 10:8 a.m.•4 views

RHSA-2026:26297 Red Hat Security Advisory: hplip security update

Bulletin has no description...

9.8CVSS4.9AI score0.00739EPSS

Exploits0References12

RedHat Linux•added 2026/06/16 2:42 p.m.•6 views

HPLIP: HPLIP: Privilege escalation and arbitrary code execution via operating system command injection

A flaw was found in the HP Linux Imaging and Printing Software HPLIP. This vulnerability may allow a local attacker to achieve escalation of privileges and/or arbitrary code execution through operating system command injection. This could lead to an attacker gaining unauthorized control over the...

8.5CVSS6.1AI score0.00739EPSS

Exploits0References5

RedHat Linux•added 2026/06/16 2:42 p.m.•5 views

HPLIP: HPLIP: Arbitrary code execution and privilege escalation via integer overflow in hpcups

A flaw was found in HP Linux Imaging and Printing Software HPLIP. This vulnerability, caused by an integer overflow in the hpcups processing path, occurs when the software handles specially crafted print data. A successful exploit could lead to arbitrary code execution or escalation of privileges...

9.8CVSS6.1AI score0.00672EPSS

Exploits0References5

RedHat Linux•added 2026/06/16 1:36 p.m.•4 views

HPLIP: HPLIP: Arbitrary code execution and privilege escalation via integer overflow in hpcups

9.8CVSS6.1AI score0.00672EPSS

Exploits0References5

RedHat Linux•added 2026/06/16 10:57 a.m.•6 views

HPLIP: HPLIP: Arbitrary code execution and privilege escalation via integer overflow in hpcups

9.8CVSS6.1AI score0.00672EPSS

Exploits0References5

Positive Technologies•added 2026/06/16 12:0 a.m.•16 views

PT-2026-49916

Name of the Vulnerable Software and Affected Versions Oracle Fusion Middleware WebCenter Content: Imaging version 12.2.1.4.0 Oracle Fusion Middleware WebCenter Content: Imaging version 14.1.2.0.0 Description An issue in the Core component of WebCenter Content: Imaging allows an unauthenticated...

9.8CVSS5.8AI score0.00483EPSS

Exploits0References4

Positive Technologies•added 2026/06/16 12:0 a.m.•12 views

PT-2026-49917

Name of the Vulnerable Software and Affected Versions WebCenter Content: Imaging version 12.2.1.4.0 WebCenter Content: Imaging version 14.1.2.0.0 Description An issue in the Core component of Oracle Fusion Middleware allows an unauthenticated attacker with network access via HTTP to compromise th...

9.1CVSS5.9AI score0.00425EPSS

Exploits0References3

Positive Technologies•added 2026/06/16 12:0 a.m.•8 views

PT-2026-49913

8.8CVSS5.8AI score0.00402EPSS

Exploits0References4

SUSE CVE•added 2026/06/09 2:20 a.m.•9 views

SUSE CVE-2026-48103

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...

7.1CVSS5.4AI score0.00225EPSS

Exploits1References3

RedhatCVE•added 2026/06/08 1:35 p.m.•8 views

CVE-2026-48103

7.1CVSS5.4AI score0.00225EPSS

Exploits1References2

RedhatCVE•added 2026/06/05 7:17 p.m.•7 views

CVE-2026-33350

LORIS Longitudinal Online Research and Imaging System is a self-hosted web application that provides data- and project-management for neuroimaging research. Prior to 27.0.3 and 28.0.1, a SQL injection has been identified in some code sections for the MRI feedback popup window of the imaging...

7.5CVSS5.6AI score0.00246EPSS

Exploits0References1

NVD•added 2026/06/05 5:16 p.m.•15 views

CVE-2026-48103

7.1CVSS0.00225EPSS

Exploits1References1