CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/01/22 12:0 a.m.•4 views

PT-2026-3988

Name of the Vulnerable Software and Affected Versions Mikado-Themes Depot versions prior to 1.17 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Local File Inclusio...

5.3AI score0.00504EPSS

Tenable Nessus•added 2026/01/22 12:0 a.m.•7 views

Azure Linux 3.0 Security Update: ansible (CVE-2024-8775)

The version of ansible installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-8775 advisory. - A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in...

5.5CVSS5.7AI score0.00269EPSS

Positive Technologies•added 2026/01/22 12:0 a.m.•6 views

PT-2026-4125

Name of the Vulnerable Software and Affected Versions Pippo versions through 1.2.3 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local files...

5.3AI score0.00403EPSS

Positive Technologies•added 2026/01/22 12:0 a.m.•4 views

PT-2026-4159

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Piqes piqes allows PHP Local File Inclusion.This issue affects Piqes: from n/a through = 1.0.11...

5.5AI score0.00512EPSS

Positive Technologies•added 2026/01/22 12:0 a.m.•5 views

PT-2026-4248

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Softwebmedia Gyan Elements gyan-elements allows PHP Local File Inclusion.This issue affects Gyan Elements: from n/a through = 2.2.1...

5.5AI score0.00384EPSS

Positive Technologies•added 2026/01/22 12:0 a.m.•3 views

PT-2026-4138

Name of the Vulnerable Software and Affected Versions Edge-Themes Overworld versions through 1.3 Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Remote File Inclusion issue. This allows for PHP Local File...

5.3AI score0.00403EPSS

Positive Technologies•added 2026/01/22 12:0 a.m.•5 views

PT-2026-4153

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Indoor Plants indoor-plants allows PHP Local File Inclusion.This issue affects Indoor Plants: from n/a through = 1.2.7...

5.5AI score0.00512EPSS

Positive Technologies•added 2026/01/22 12:0 a.m.•8 views

PT-2026-4131

Name of the Vulnerable Software and Affected Versions goalthemes Rashy versions through 1.1.3 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local file...

5.3AI score0.00403EPSS

Tenable Nessus•added 2026/01/20 12:0 a.m.•7 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : Apache HTTP Server vulnerabilities (USN-7968-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7968-1 advisory. It was discovered that the Apache HTTP Server incorrectly handled failed ACME certificate renewals. This could result in renewal...

8.3CVSS7.8AI score0.015EPSS

Exploits0References5

OSV•added 2026/01/15 3:15 p.m.•4 views

AZL-74786 CVE-2026-0989 affecting package libxml2 2.11.5-9

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

3.7CVSS5.8AI score0.0039EPSS

Exploits0References1

OSV•added 2026/01/15 3:15 p.m.•3 views

AZL-74775 CVE-2026-0989 affecting package libxml2 2.10.4-11

3.7CVSS5.7AI score0.0039EPSS

Exploits0References1

UbuntuCve•added 2026/01/15 3:15 p.m.•1 views

CVE-2026-0989

3.7CVSS5.9AI score0.0039EPSS

Cvelist•added 2026/01/15 2:20 p.m.•18 views

CVE-2026-0989 Libxml2: unbounded relaxng include recursion leading to stack overflow

3.7CVSS0.0039EPSS

CVE•added 2026/01/15 2:20 p.m.•45 views

CVE-2026-0989

CVE-2026-0989 concerns a flaw in the RelaxNG parser in libxml2 where external schema inclusions can cause unbounded recursion, leading to stack exhaustion and denial-of-service crashes. The connected documents confirm this issue across multiple distributions (e.g., Amazon Linux 2/ALAS advisories,...

3.7CVSS6.2AI score0.0039EPSS

Vulnrichment•added 2026/01/15 2:20 p.m.•5 views

CVE-2026-0989 Libxml2: unbounded relaxng include recursion leading to stack overflow

3.7CVSS6.2AI score0.0039EPSS

RedhatCVE•added 2026/01/15 2:20 p.m.•4 views

CVE-2026-0989

3.7CVSS6.6AI score0.0039EPSS

Tenable Nessus•added 2026/01/15 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-0989

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion...

3.7CVSS5.4AI score0.0039EPSS

Tenable Nessus•added 2026/01/13 12:0 a.m.•2 views

MiracleLinux 9 : libxml2-2.9.13-6.el9_5.1 (AXSA:2025-9658:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9658:01 advisory. libxml: use-after-free in xmlXIncludeAddNode CVE-2022-49043 Tenable has extracted the preceding description block directly from the MiracleLinux security...

8.1CVSS7AI score0.00257EPSS