CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/03 11:59 p.m.•6 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: cifs: Fixed a mid leak that occurred during reconnection after a timeout threshold. When the number of responses with the status STATUSIOTIMEOUT exceeds a specified threshold NUMSTATUSIOTIMEOUT, we reconnect the connection...

5.5CVSS5.2AI score0.00133EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•7 views

Astra Linux – Vulnerability in Firefox

Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight, and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 106. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execut...

8.8CVSS8.3AI score0.00568EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•6 views

Astra Linux – Vulnerability in pcre2

A out-of-bounds read was discovered in PCRE before version 10.34, where the pattern \X was JIT-compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, as it could allow an attacker to cause the...

7.5CVSS6.2AI score0.01522EPSS

Exploits1References2

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: netfilter: Bridge: Multicast packets must be confirmed before being passed up the stack. The conntrack/nfconfirm logic does not handle cloned skb objects that reference the same nfct entry. This issue occurs when dealing with...

4.7CVSS5.7AI score0.00169EPSS

GithubExploit•added 2026/05/03 6:21 p.m.•84 views

linux-copy-fail-exploit

CVE-2026-31431 Copy Fail - LPE Exploit PoC !Pythonhttps:...

7.8CVSS6AI score0.94016EPSS

GithubExploit•added 2026/05/02 2:31 p.m.•100 views

linux-copy-fail-exploit

CVE-2026-31431 Copy Fail - LPE Exploit PoC !Pythonhttps:...

7.8CVSS6.3AI score0.94016EPSS

GithubExploit•added 2026/05/02 8:10 a.m.•75 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 "Copy Fail" Proof-of-concept exploit and analy...

7.8CVSS6.1AI score0.94016EPSS

OSV•added 2026/05/02 1:15 a.m.•4 views

CLSA-2026-1777454193 pcre2: Fix of 2 CVEs

CVE-2022-1586: fix out-of-bounds read in JIT compilexclassmatchingpath - CVE-2022-41409: diagnose negative repeat value in pcre2test...

9.1CVSS6.8AI score0.02993EPSS

Exploits1References1

CNNVD•added 2026/05/02 12:0 a.m.•8 views

WordPress plugin Geo Mashup SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.5CVSS6AI score0.00311EPSS

Tenable Nessus•added 2026/05/02 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2026-31773

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: SMP: derive legacy responder STK authentication from MITM state The legacy responder path in smprandom currently labels the stored STK as authenticat...

8.8CVSS5.8AI score0.00282EPSS

Exploits0References3

OSV•added 2026/05/01 9:3 p.m.•5 views

MAL-2026-3220 Malicious code in py-clob-clients (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7136140b365c314a42f5efe300779f093c40a41fb5c2258c7f5ff05c88eba2f8 Package exfiltrates env variables from .env files. It's a typosquatting of a legitimate package and is used in a malicious GitHub repository --- Category:...

5.9AI score

RedhatCVE•added 2026/05/01 8:39 p.m.•2 views

CVE-2026-31718

A flaw was found in ksmbd, the in-kernel SMB3 server for Linux. This vulnerability arises from an asymmetric cleanup process when a durable file handle survives a session disconnect. Specifically, byte-range locks are not properly cleared, leading to a 'use-after-free' error when the durable...

9.8CVSS6AI score0.00356EPSS

Exploits0References4

OSV•added 2026/05/01 6:27 p.m.•4 views

ECHO-0CD6-AF83-18F8

Bulletin has no description...

5.5CVSS5.7AI score0.00114EPSS

OSV•added 2026/05/01 6:23 p.m.•3 views

ECHO-D789-EF1C-1FDD

Bulletin has no description...

7.8CVSS5.7AI score0.00096EPSS

GithubExploit•added 2026/05/01 5:13 p.m.•63 views

Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel

CVE-2026-31431 — Copy Fail Linux Privilege Escalation Ov...

7.8CVSS6.2AI score0.94016EPSS