CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1587 matches found

[SECURITY] Fedora 43 Update: cockpit-362-1.fc43

The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more...

8CVSS5.8AI score0.00275EPSS

Exploits0

Mageia•added 3 days ago•8 views

Updated tar packages fix security vulnerability

A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files...

5.5CVSS5.7AI score0.00028EPSS

Exploits1References4

OSV•added 3 days ago•4 views

MGASA-2026-0168 Updated tar packages fix security vulnerability

5.5CVSS5.8AI score0.00028EPSS

Exploits1References5

IBM Security Bulletins•added 4 days ago•10 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses pygments-2.19.2-py3-none-any.whl which is vulnerable to CVE-2026-4539

Summary IBM Maximo Application Suite - Visual Inspection component uses pygments-2.19.2-py3-none-any.whl which is vulnerable to CVE-2026-4539 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-4539 DESCRIPTION: A security fla...

4.8CVSS5.4AI score0.00007EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 4 days ago•9 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses uuid-9.0.1.tgz which is vulnerable to CVE-2026-41988, CVE-2026-41907

Summary IBM Maximo Application Suite - Visual Inspection component uses uuid-9.0.1.tgz which is vulnerable to CVE-2026-41988, CVE-2026-41907 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-41988 DESCRIPTION: uuid before...

9.3CVSS5.8AI score0.00018EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 4 days ago•8 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses follow-redirects-1.15.11.tgz which is vulnerable to CVE-2026-40895

Summary IBM Maximo Application Suite - Visual Inspection component uses follow-redirects-1.15.11.tgz which is vulnerable to CVE-2026-40895, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-40895 DESCRIPTION: follow-redirects ...

7.5CVSS5.8AI score0.00058EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 4 days ago•5 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses brace-expansion-1.1.12.tgz, brace-expansion-5.0.4.tgz which is vulnerable to CVE-2026-33750

Summary IBM Maximo Application Suite - Visual Inspection component uses brace-expansion-1.1.12.tgz, brace-expansion-5.0.4.tgz which is vulnerable to CVE-2026-33750, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-33750...

7.5CVSS5.9AI score0.00028EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 4 days ago•6 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses uuid-9.0.1.tgz which is vulnerable to CVE-2026-41988, CVE-2026-41907

9.3CVSS5.8AI score0.00018EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 4 days ago•6 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses dompurify-3.3.2.tgz which is vulnerable to CVE-2026-41238, CVE-2026-41239, CVE-2026-41240

Summary IBM Maximo Application Suite - Visual Inspection component uses dompurify-3.3.2.tgz which is vulnerable to CVE-2026-41238, CVE-2026-41239, CVE-2026-41240 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-41238...

6.9CVSS5.8AI score0.00059EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 4 days ago•7 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses postcss-8.4.49.tgz which is vulnerable to CVE-2026-41305

Summary IBM Maximo Application Suite - Visual Inspection component uses postcss-8.4.49.tgz which is vulnerable to CVE-2026-41305, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-41305 DESCRIPTION: PostCSS takes a CSS file an...

6.1CVSS5.8AI score0.00011EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 4 days ago•6 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses lxml-6.0.0-cp311-cp311-manylinux_2_27_x86_64.manylinux_2_28_x86_64.whl which is vulnerable to CVE-2026-41066

Summary IBM Maximo Application Suite - Visual Inspection component uses lxml-6.0.0-cp311-cp311-manylinux227x8664.manylinux228x8664.whl which is vulnerable to CVE-2026-41066, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details...

7.5CVSS5.8AI score0.00044EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 4 days ago•7 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses axios-1.15.0.tgz which is vulnerable to multiple CVEs.

Summary IBM Maximo Application Suite - Visual Inspection component uses axios-1.15.0.tgz which is vulnerable to multiple CVEs CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042,...

10CVSS5.9AI score0.00148EPSS

Exploits12Affected Software1

Positive Technologies•added 2026/05/28 12:0 a.m.•4 views

PT-2026-44380

CVE-2026-9016 Debug Log Manager - Conveniently Monitor and Inspect Errors Contributors https://t.co/uYSze22kZu...

5.8AI score

Exploits0References1

Github Security Blog•added 2026/05/27 7:58 p.m.•7 views

CrowdSec AppSec silently drops request body for chunked / HTTP-2 requests

Summary The CrowdSec AppSec component fails to read the HTTP request body for any request whose Content-Length is not positive — most notably HTTP/1.1 requests using Transfer-Encoding: chunked and HTTP/2 requests sent without a content-length header. Coraza is then evaluated against an empty body...

5.9AI score

Exploits0References2Affected Software1

IBM Security Bulletins•added 2026/05/27 3:2 p.m.•9 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses picomatch-2.3.1.tgz, picomatch-4.0.3.tgz which is vulnerable to CVE-2026-33671, CVE-2026-33672

Summary IBM Maximo Application Suite - Visual Inspection component uses picomatch-2.3.1.tgz, picomatch-4.0.3.tgz which is vulnerable to CVE-2026-33671, CVE-2026-33672 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-33671...

7.5CVSS6.1AI score0.00059EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2026/05/27 3:1 p.m.•8 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses pillow-11.3.0 which is vulnerable to CVE-2026-25990

Summary IBM Maximo Application Suite - Visual Inspection component uses pillow-11.3.0 which is vulnerable to CVE-2026-25990, This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-25990 DESCRIPTION: Pillow is a Python imaging...

8.6CVSS6.7AI score0.00014EPSS

Exploits1Affected Software1

Positive Technologies•added 2026/05/27 12:0 a.m.•8 views

PT-2026-44131

7.2CVSS5.9AI score

Exploits0References3

EUVD•added 2026/05/26 8:1 p.m.•7 views

EUVD-2026-31981

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the Spindle extension build pipeline calls bun install without the --ignore-scripts flag before running the static backend safety scan assertSafeBackendBundle. A malicious extension that ships a package.json with a preinstall,...

9.1CVSS6.2AI score0.00095EPSS

Exploits0References1

Fedora•added 2026/05/21 11:21 p.m.•9 views

[SECURITY] Fedora 44 Update: cockpit-362-1.fc44

8CVSS7AI score0.00275EPSS

Exploits0

ATTACKERKB•added 2026/05/21 12:38 a.m.•7 views

CVE-2026-48172

LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation possibly to root, as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpaneljsonapifunc=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2/dev/null in Bash. If you get no output,...

10CVSS5.8AI score0.07956EPSS

Exploits1References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by