CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/05/06 4:15 p.m.•6 views

CVE-2026-20035 Cisco Unity Connection Server-Side Request Forgery Vulnerability

A vulnerability in the web UI of Cisco Unity Connection Web Inbox could allow an unauthenticated, remote attacker to conduct SSRF attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by...

7.2CVSS6AI score0.00427EPSS

ATTACKERKB•added 2026/05/06 4:15 p.m.•6 views

CVE-2026-20169

A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to access files and execute commands on a remote router. This vulnerability is due to insufficient input validation of user-supplied data. An...

6.4CVSS5.9AI score0.00205EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/05/06 4:15 p.m.•29 views

CVE-2026-20172 Cisco Enterprise Chat and Email Lite Agent File Upload Vulnerability

A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email ECE could allow an authenticated, remote attacker to conduct browser-based attacks. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Agent. This...

4.3CVSS0.00125EPSS

EUVD•added 2026/05/06 12:30 p.m.•5 views

EUVD-2026-27754

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate user queue size constraints Add validation to ensure user queue sizes meet hardware requirements: - Size must be a power of two for efficient ring buffer wrapping - Size must be at least AMDGPUGPUPAGESIZE to...

5.8AI score0.00126EPSS

Exploits0References4

SUSE Linux•added 2026/05/06 12:10 p.m.•8 views

Security update for python3

This update for python3 fixes the following issues: CVE-2025-13462: incorrect parsing of TarInfo when GNU long name and type AREGTYPE are combined can lead to misinterpretation of tar archives bsc1259611. CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF bsc1261969...

9.1CVSS6.7AI score0.00621EPSS

Exploits1References40

Snyk•added 2026/05/06 6:4 a.m.•8 views

Improper Validation of Specified Quantity in Input

Overview exifreader is a Library that parses Exif metadata in images. Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input. A crafted image containing an ICC mluc tag can set an attacker-controlled record count together with a zero record size...

8.7CVSS5.8AI score0.00528EPSS

Exploits0References2

NVD•added 2026/05/06 2:16 a.m.•21 views

CVE-2025-71256

In nr modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed...

NVD•added 2026/05/06 2:16 a.m.•14 views

CVE-2025-71255

In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed...

7.5CVSS0.00312EPSS

NVD•added 2026/05/06 2:16 a.m.•11 views

CVE-2025-71252

In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed...

7.5CVSS0.00312EPSS

NVD•added 2026/05/06 2:16 a.m.•10 views

CVE-2025-71253

In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed...

NVD•added 2026/05/06 2:16 a.m.•10 views

CVE-2025-71254

In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed...

NVD•added 2026/05/06 2:16 a.m.•12 views

CVE-2025-71251

In IMS, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed...

ATTACKERKB•added 2026/05/06 1:43 a.m.•6 views

CVE-2025-71256

In nr modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed...

Cvelist•added 2026/05/06 1:43 a.m.•42 views

Exploits0References2

CVE-2025-71256

In nr modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed...

EUVD•added 2026/05/06 1:43 a.m.•8 views

EUVD-2025-209657

In nr modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed...

CVE•added 2026/05/06 1:43 a.m.•10 views

CVE-2025-71256

CVE-2025-71256 affects the nr modem component. The issue is improper input validation that can allow remote denial of service without additional privileges. Attack vector is network with no user interaction; impact is availability degradation (CVE scored with CVSS v3.1 base 7.5, HIGH). Root cause...

Exploits0References1Affected Software1

Vulnrichment•added 2026/05/06 1:43 a.m.•11 views

CVE-2025-71256

In nr modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed...

CVE•added 2026/05/06 1:43 a.m.•12 views

CVE-2025-71255

Technical details are not publicly available in the provided documents. Monitor for updates from the vendor and CVE databases to confirm affected products, root cause specifics, and remediation.

7.5CVSS6AI score0.00312EPSS

Exploits0References1Affected Software1

EUVD•added 2026/05/06 1:43 a.m.•8 views

EUVD-2025-209655

In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed...

7.5CVSS6AI score0.00312EPSS