CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Wolfi•added 2026/05/06 1:48 p.m.•5 views

CVE-2026-41898 vulnerabilities

Vulnerabilities for packages: sqlx, sdp-k8s-injector, vector, deno, rpm-sequoia, rustup, sccache...

9.8CVSS5.4AI score0.00063EPSS

Chainguard•added 2026/04/23 7:27 p.m.•4 views

CVE-2026-41678 vulnerabilities

9.8CVSS5.4AI score0.00065EPSS

GHSA-PQF5-4PQQ-29F5 vulnerabilities

GHSA-XMGF-HQ76-4VX2 vulnerabilities

Chainguard•added 2026/04/23 7:27 p.m.•4 views

CVE-2026-41681 vulnerabilities

9.8CVSS5.4AI score0.00062EPSS

Chainguard•added 2026/04/23 7:27 p.m.•2 views

GHSA-8C75-8MHR-P7R9 vulnerabilities

GHSA-HPPC-G8H3-XHP3 vulnerabilities

Chainguard•added 2026/04/23 7:27 p.m.•4 views

CVE-2026-41677 vulnerabilities

9.1CVSS5.4AI score0.00158EPSS

Chainguard•added 2026/04/23 7:27 p.m.•2 views

CVE-2026-41676 vulnerabilities

9.8CVSS5.4AI score0.00066EPSS

GHSA-GHM9-CR32-G9QJ vulnerabilities

Github Security Blog•added 2026/04/17 10:21 p.m.•4 views

OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file overwrite via untrusted TMPDIR

Summary A flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and OBI is running with elevated privileges. The injector trusted TMPDIR from the target process and used unsafe file creation...

8.4CVSS5.9AI score0.00021EPSS

Exploits1References4Affected Software1

Rapid7 Blog•added 2026/03/27 8:48 p.m.•5 views

Metasploit Wrap-Up 03/27/2026

Better NTLM Relaying Functionality This week’s release brings an improvement to the SMB NTLM relay server. In the past, it’s support has been expanded with modules for relaying to HTTP ESC8, MSSQL and LDAP while still receiving connections over the humble SMB service. Prior to this release, clien...

9.8CVSS7.3AI score0.0007EPSS

NVD•added 2026/03/17 9:16 p.m.•2 views

CVE-2026-2809

Netskope was notified about a potential gap in its Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow a privileged user to trigger an integer overflow within the DLL Injector, leading to a Blue-Screen-of-Death BSOD. Successful...

6.7CVSS0.0002EPSS

Vulnrichment•added 2026/03/17 8:20 p.m.•2 views

CVE-2026-2809 Endpoint DLP Driver DLL

Cvelist•added 2026/03/17 8:20 p.m.•19 views

CVE-2026-2809 Endpoint DLP Driver DLL

6.7CVSS0.0002EPSS

CVE•added 2026/03/17 8:20 p.m.•9 views

CVE-2026-2809

CVE-2026-2809 is reported as a memory-safety bug in the JavaScript: WebAssembly component, per the FreeBSD VUXML entry for Mozilla—Multiple vulnerabilities. The connected document confirms the issue title but provides no product/version specifics or patch details. No exploitation details are prov...

Positive Technologies•added 2026/03/17 12:0 a.m.•2 views

PT-2026-25943

CNNVD•added 2026/03/17 12:0 a.m.•2 views

Exploits0References3

Netskope Endpoint DLP Module 安全漏洞

The Netskope Endpoint DLP Module is a data loss protection module developed by the American company Netskope for endpoint devices. The Netskope Endpoint DLP Module has a security vulnerability, which stems from integer overflow in the DLL injector. This vulnerability could allow privileged users ...