CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

PT-2026-46360

That number got my attention. I've cleaned up enough incidents to know what usually happens when a vulnerability becomes public. Attackers don't wait. Right now there are 145 WordPress plugins/themes with publicly disclosed vulnerabilities that still have no available fix. If you're running any o...

Positive Technologies•added 2 days ago•7 views

PT-2026-46331

Positive Technologies•added 2 days ago•7 views

PT-2026-46333

Positive Technologies•added 2 days ago•9 views

PT-2026-46320

PT-2026-46369

PT-2026-46349

PT-2026-46365

Positive Technologies•added 2 days ago•7 views

PT-2026-46351

PT-2026-46339

Positive Technologies•added 2 days ago•8 views

PT-2026-46353

EUVD•added 2026/05/27 3:33 p.m.•12 views

EUVD-2026-32251

In the Linux kernel, the following vulnerability has been resolved: bpf: Return proper address for non-zero offsets in insn array The mapdirectvalueaddr function of the instruction array map incorrectly adds offset to the resulting address. This is a bug, because later the resolvepseudoldimm64...

5.8AI score0.00024EPSS

The Hacker News•added 2026/05/27 11:45 a.m.•12 views

3 SOC Steps that Shut Down Incident Risks Early

Most organizations still picture cyber defense as a fortress problem: build stronger walls, add more guards, buy another detection engine. But modern incidents rarely crash through the front gate. They drift in disguised as routine activity, hide inside legitimate processes, and quietly accumulat...

6AI score

Exploits0

Github Security Blog•added 2026/05/21 8:39 p.m.•10 views

NocoDB: Stale Auth Cache After API Token Deletion

Summary Deleted API tokens continued to authenticate requests until their cache entry expired, because the auth cache was not invalidated by token value at deletion time. Details The API token deletion path removed the database row but did not evict the token-value keyed entry from the auth cache...

5.7AI score

Exploits0References2Affected Software1

OSV•added 2026/05/21 8:39 p.m.•3 views

GHSA-F76X-F9VJ-92JV NocoDB: Stale Auth Cache After API Token Deletion

2.3CVSS5.7AI score

Exploits0References2

Positive Technologies•added 2026/05/21 12:0 a.m.•6 views

PT-2026-42680

2.3CVSS5.7AI score

Positive Technologies•added 2026/05/21 12:0 a.m.•3 views

PT-2026-42622

2.3CVSS5.7AI score

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a combination of JIT blinding and pointers to bpf subprogs. The combination of JIT blinding and pointers to bpf subprogs causes the following issue: 36.989548 BUG: Unable to handle a page fault for address:...

5.5CVSS6.4AI score0.00112EPSS

Exploits0References2

OSV•added 2026/05/11 2:50 p.m.•0 views

GHSA-W94C-4VHP-22GX @vitejs/plugin-rsc has a Denial of Service Vulnerability in React Server Components

Impact @vitejs/plugin-rsc vendors react-server-dom-webpack, which contained a vulnerability in versions prior to 19.2.6. See details in React repository's advisory https://github.com/facebook/react/security/advisories/GHSA-rv78-f8rc-xrxh Patches Upgrade immediately to @vitejs/[email protected] or...

7.5CVSS5.8AI score0.00338EPSS

Exploits1References4

SUSE CVE•added 2026/05/05 1:45 a.m.•5 views

SUSE CVE-2026-43024

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject immediate NFQUEUE verdict nftqueue is always used from userspace nftables to deliver the NFQUEUE verdict. Immediately emitting an NFQUEUE verdict is never used by the userspace nft tools, so reject...

5.5CVSS5.7AI score0.00015EPSS