CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/01/22 12:0 a.m.•3 views

PT-2026-4155

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Muji muji allows PHP Local File Inclusion.This issue affects Muji: from n/a through = 1.2.0...

5.5AI score0.00066EPSS

Positive Technologies•added 2026/01/22 12:0 a.m.•5 views

PT-2026-4129

Name of the Vulnerable Software and Affected Versions goalthemes Dekoro versions through 1.0.7 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local...

5.3AI score0.00066EPSS

Positive Technologies•added 2026/01/22 12:0 a.m.•2 views

PT-2026-4160

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Pearson Specter pearsonspecter allows PHP Local File Inclusion.This issue affects Pearson Specter: from n/a through = 1.11.3...

5.5AI score0.00066EPSS

Positive Technologies•added 2026/01/22 12:0 a.m.•3 views

PT-2026-4137

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Töbel tobel allows PHP Local File Inclusion.This issue affects Töbel: from n/a through = 1.6...

5.5AI score0.00222EPSS

Positive Technologies•added 2026/01/22 12:0 a.m.•3 views

PT-2026-3988

Name of the Vulnerable Software and Affected Versions Mikado-Themes Depot versions prior to 1.17 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Local File Inclusio...

5.3AI score0.00222EPSS

Tenable Nessus•added 2026/01/22 12:0 a.m.•3 views

Azure Linux 3.0 Security Update: ansible (CVE-2024-8775)

The version of ansible installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-8775 advisory. - A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in...

5.5CVSS5.7AI score0.00037EPSS

Tenable Nessus•added 2026/01/20 12:0 a.m.•5 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : Apache HTTP Server vulnerabilities (USN-7968-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7968-1 advisory. It was discovered that the Apache HTTP Server incorrectly handled failed ACME certificate renewals. This could result in renewal...

8.3CVSS7.8AI score0.00145EPSS

Exploits0References5

OSV•added 2026/01/15 3:15 p.m.•1 views

AZL-74775 CVE-2026-0989 affecting package libxml2 2.10.4-11

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

3.7CVSS5.7AI score0.00024EPSS

OSV•added 2026/01/15 3:15 p.m.•2 views

AZL-74786 CVE-2026-0989 affecting package libxml2 2.11.5-9

3.7CVSS5.8AI score0.00024EPSS

UbuntuCve•added 2026/01/15 3:15 p.m.•1 views

CVE-2026-0989

3.7CVSS5.9AI score0.00024EPSS

Vulnrichment•added 2026/01/15 2:20 p.m.•4 views

CVE-2026-0989 Libxml2: unbounded relaxng include recursion leading to stack overflow

3.7CVSS6.2AI score0.00024EPSS

CVE•added 2026/01/15 2:20 p.m.•28 views

CVE-2026-0989

CVE-2026-0989 concerns a flaw in the RelaxNG parser in libxml2 where external schema inclusions can cause unbounded recursion, leading to stack exhaustion and denial-of-service crashes. The connected documents confirm this issue across multiple distributions (e.g., Amazon Linux 2/ALAS advisories,...

3.7CVSS6.2AI score0.00024EPSS

Cvelist•added 2026/01/15 2:20 p.m.•15 views

CVE-2026-0989 Libxml2: unbounded relaxng include recursion leading to stack overflow

3.7CVSS0.00024EPSS

RedhatCVE•added 2026/01/15 2:20 p.m.•1 views

CVE-2026-0989

3.7CVSS6.6AI score0.00024EPSS

Tenable Nessus•added 2026/01/15 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-0989

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion...

3.7CVSS6AI score0.00024EPSS

Tenable Nessus•added 2026/01/13 12:0 a.m.•1 views

MiracleLinux 9 : libxml2-2.9.13-6.el9_5.1 (AXSA:2025-9658:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9658:01 advisory. libxml: use-after-free in xmlXIncludeAddNode CVE-2022-49043 Tenable has extracted the preceding description block directly from the MiracleLinux security...

8.1CVSS7AI score0.00222EPSS

RedhatCVE•added 2026/01/10 5:41 a.m.•0 views

CVE-2025-12550

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jwsthemes OchaHouse ochahouse allows PHP Local File Inclusion.This issue affects OchaHouse: from n/a through = 2.2.8...

8.1CVSS5.9AI score0.00037EPSS

RedhatCVE•added 2026/01/10 5:41 a.m.•1 views

CVE-2025-12549

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magentech Rozy - Flower Shop rozy allows PHP Local File Inclusion.This issue affects Rozy - Flower Shop: from n/a through = 1.2.25...

8.1CVSS5.9AI score0.00037EPSS

RedhatCVE•added 2026/01/10 5:41 a.m.•1 views

CVE-2025-14431

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in THEMELOGI Navian navian allows PHP Local File Inclusion.This issue affects Navian: from n/a through = 1.5.4...

8.1CVSS5.9AI score0.00124EPSS