CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1607 matches found

DEBIAN-CVE-2026-53538

Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, QuerystringParser treated ; as a field separator in application/x-www-form-urlencoded bodies, in addition to &. The WHATWG URL standard, modern browsers, and Python's urllib.parse since the CVE-2021-23336 fix treat only...

3.7CVSS5.9AI score0.00176EPSS

Exploits0References1

NVD•added 4 days ago•13 views

CVE-2026-53538

3.7CVSS0.00176EPSS

Exploits0References1

Debian CVE•added 4 days ago•5 views

CVE-2026-53537

Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, parseoptionsheader parsed Content-Disposition and Content-Type headers with email.message.Message, which transparently applies RFC 2231/5987 decoding. The extended parameter syntax filename=charset'lang'value, name=...,...

3.7CVSS5.9AI score0.00176EPSS

Exploits0

Cvelist•added 4 days ago•32 views

CVE-2026-53538 Python-Multipart: Semicolon treated as querystring field separator enables parameter smuggling

3.7CVSS0.00176EPSS

Exploits0References1

AstraLinux•added last week•7 views

Astra Linux – Vulnerability in Git

Git is a revision control system. Before versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, feeding specially crafted input to git apply --reject could cause a path outside the working tree to be overwritten with partially controlled contents...

7.5CVSS7.3AI score0.52164EPSS

Exploits0References2

NVD•added 2026/06/18 6:16 p.m.•11 views

CVE-2026-48984

pamusb provides hardware authentication for Linux using ordinary removable media. In versions 0.9.1 and below, the xfree memory release helper in calls free without first zeroing the buffer contents, releasing heap-allocated buffers containing sensitive data — including one-time pad bytes read fr...

4.7CVSS0.00109EPSS

Exploits0References2

Positive Technologies•added 2026/06/18 12:0 a.m.•23 views

PT-2026-50769

Name of the Vulnerable Software and Affected Versions pam usb versions 0.9.1 and earlier Description The xfree memory release helper calls free without zeroing buffer contents first. This results in heap-allocated buffers containing sensitive data, such as one-time pad bytes read from disk, being...

4.7CVSS6AI score0.00109EPSS

Exploits0References7

IBM Security Bulletins•added 2026/06/15 10:3 a.m.•9 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses pillow-11.3.0 which is vulnerable to CVE-2026-40192

Summary IBM Maximo Application Suite - Visual Inspection component uses pillow-11.3.0 which is vulnerable to CVE-2026-40192, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-40192 DESCRIPTION: Pillow is a Python imaging...

8.7CVSS7.3AI score0.00485EPSS

Exploits0Affected Software1

RedhatCVE•added 2026/06/05 7:47 p.m.•6 views

CVE-2026-27316

A insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticathed administrator to read LDAP server credentials via client-side inspection...

2.7CVSS5.5AI score0.00305EPSS

Exploits0References1

RedhatCVE•added 2026/06/05 7:16 p.m.•8 views

CVE-2026-42607

Grav is a file-based Web platform. Prior to 2.0.0-beta.2, an authenticated user with administrative privileges can achieve Remote Code Execution RCE by uploading a specially crafted ZIP file through the "Direct Install" tool. While the system attempts to block direct .php file uploads, it fails t...

9.1CVSS6.1AI score0.03934EPSS

Exploits4References1

Fedora•added 2026/06/05 4:9 a.m.•19 views

[SECURITY] Fedora 43 Update: cockpit-362-1.fc43

The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more...

8CVSS5.8AI score0.01016EPSS

Exploits0

Mageia•added 2026/06/02 5:23 a.m.•12 views

Updated tar packages fix security vulnerability

A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files...

5.5CVSS5.7AI score0.0043EPSS

Exploits1References4

OSV•added 2026/06/02 5:23 a.m.•6 views

MGASA-2026-0168 Updated tar packages fix security vulnerability

5.5CVSS5.8AI score0.0043EPSS

Exploits1References5

IBM Security Bulletins•added 2026/06/01 11:47 a.m.•12 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses pygments-2.19.2-py3-none-any.whl which is vulnerable to CVE-2026-4539

Summary IBM Maximo Application Suite - Visual Inspection component uses pygments-2.19.2-py3-none-any.whl which is vulnerable to CVE-2026-4539 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-4539 DESCRIPTION: A security fla...

4.8CVSS5.4AI score0.00156EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/06/01 11:47 a.m.•13 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses uuid-9.0.1.tgz which is vulnerable to CVE-2026-41988, CVE-2026-41907

Summary IBM Maximo Application Suite - Visual Inspection component uses uuid-9.0.1.tgz which is vulnerable to CVE-2026-41988, CVE-2026-41907 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-41988 DESCRIPTION: uuid before...

9.3CVSS5.8AI score0.00337EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/06/01 10:47 a.m.•11 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses follow-redirects-1.15.11.tgz which is vulnerable to CVE-2026-40895

Summary IBM Maximo Application Suite - Visual Inspection component uses follow-redirects-1.15.11.tgz which is vulnerable to CVE-2026-40895, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-40895 DESCRIPTION: follow-redirects ...

7.5CVSS5.8AI score0.00296EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/06/01 8:30 a.m.•6 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses brace-expansion-1.1.12.tgz, brace-expansion-5.0.4.tgz which is vulnerable to CVE-2026-33750

Summary IBM Maximo Application Suite - Visual Inspection component uses brace-expansion-1.1.12.tgz, brace-expansion-5.0.4.tgz which is vulnerable to CVE-2026-33750, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-33750...

7.5CVSS5.9AI score0.0043EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/06/01 8:15 a.m.•9 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses uuid-9.0.1.tgz which is vulnerable to CVE-2026-41988, CVE-2026-41907

9.3CVSS5.8AI score0.00337EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/06/01 8:14 a.m.•7 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses dompurify-3.3.2.tgz which is vulnerable to CVE-2026-41238, CVE-2026-41239, CVE-2026-41240

Summary IBM Maximo Application Suite - Visual Inspection component uses dompurify-3.3.2.tgz which is vulnerable to CVE-2026-41238, CVE-2026-41239, CVE-2026-41240 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-41238...

6.9CVSS5.8AI score0.00263EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/06/01 8:8 a.m.•8 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses postcss-8.4.49.tgz which is vulnerable to CVE-2026-41305

Summary IBM Maximo Application Suite - Visual Inspection component uses postcss-8.4.49.tgz which is vulnerable to CVE-2026-41305, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-41305 DESCRIPTION: PostCSS takes a CSS file an...

6.1CVSS5.8AI score0.00205EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by