CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

79 matches found

IBM Security Bulletins•added 2026/06/02 3:38 p.m.•5 views

Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in Node.js

Summary There are multiple vulnerabilities in Node.js used by IBM Transformation Advisor. Vulnerability Details CVEID:CVE-2026-44664 DESCRIPTION: fast-xml-builder builds XML from JSON. In 1.1.5, the fix for CVE-2026-41650 in fast-xml-parser sanitizes -- sequences in XML comment content using...

6.1CVSS5.9AI score0.00238EPSS

Exploits1Affected Software1

RedHat Linux•added 2026/05/20 3:6 a.m.•10 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

9.8CVSS6AI score0.04938EPSS

Exploits1References26

IBM Security Bulletins•added 2026/04/28 1:6 p.m.•11 views

Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in Java, JavaScript and IBM WebSphere Application Server Liberty

Summary There are multiple vulnerabilities in Java, JavaScript and IBM WebSphere Application Server Liberty used by IBM Transformation Advisor. Vulnerability Details CVEID:CVE-2026-33151 DESCRIPTION: Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. Prio...

9.8CVSS7.4AI score0.00611EPSS

Exploits2Affected Software1

IBM Security Bulletins•added 2026/04/28 1:3 p.m.•1 views

Security Bulletin: IBM Application Modernization Accelerator is affected by multiple vulnerabilities found in Java, JavaScript and IBM WebSphere Application Server Liberty

Summary There are multiple vulnerabilities in Java, JavaScript and IBM WebSphere Application Server Liberty used by IBM Application Modernization Accelerator. Vulnerability Details CVEID:CVE-2026-33671 DESCRIPTION: Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, an...

9.8CVSS8.9AI score0.00611EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2026/04/20 12:5 p.m.•7 views

Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to multiple vulnerabilities in Node.js

Summary Automation Assets in IBM Cloud Pak for Integration is vulnerable to multiple vulnerabilities in Node.js and LangChain. CVE-2026-2359, CVE-2026-3304, CVE-2026-3520, CVE-2026-29063, CVE-2026-24001, CVE-2025-69873, CVE-2026-31808. The vulnerabilities have been addressed. Vulnerability Detail...

9.8CVSS5.9AI score0.00611EPSS

Exploits3Affected Software1

Circl•added 2026/04/08 4:0 a.m.•3 views

CVE-2026-39987

creationtimestamp| type| source ---|---|--- 2026-04-08 04:00:00+00:00| published-proof-of-concept| https://github.com/marimo-team/marimo/security/advisories/GHSA-2679-6mx9-h9xc 2026-04-09 04:00:00+00:00| exploited|...

9.8CVSS7.3AI score0.95645EPSS

Exploits11References127

CNNVD•added 2026/04/01 12:0 a.m.•1 views

Foxit PDF Reader和Foxit PDF Editor 安全漏洞

Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. Both Foxit PDF Reader and Foxit PDF Editor have security vulnerabilities. These vulnerabilities stem from JavaScript, which fails to...

7.8CVSS6.1AI score0.00119EPSS

Exploits0References1

Circl•added 2026/03/25 3:0 a.m.•2 views

CVE-2026-21712

creationtimestamp| type| source ---|---|--- 2026-03-25 03:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/node-js-multiple-vulnerabilities20260325 2026-04-09 12:45:08+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mj2tlhrxnc2b...

5.7CVSS6.5AI score0.00325EPSS

Exploits0References2

Mageia•added 2026/03/09 7:19 p.m.•12 views

Updated thunderbird packages fix security vulnerabilities

Incorrect boundary conditions in the WebRTC: Audio/Video component. CVE-2026-2757 Use-after-free in the JavaScript: GC component. CVE-2026-2758 Incorrect boundary conditions in the Graphics: ImageLib component. CVE-2026-2759 Sandbox escape due to incorrect boundary conditions in the Graphics:...

10CVSS5.8AI score0.00622EPSS

Exploits0References3

Tenable Nessus•added 2026/01/20 12:0 a.m.•2 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2026:0153-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0153-1 advisory. MFSA 2026-05 bsc1256340: - CVE-2026-0877: Mitigation bypass in the DOM in Security component -...

9.8CVSS5.8AI score0.0055EPSS

Exploits0References28

Packet Storm News•added 2025/11/30 12:0 a.m.•12 views

Large Language Models Cannot Reliably Detect Vulnerabilities in JavaScript: The First Systematic Benchmark and Evaluation

Researchers have proposed numerous methods to detect vulnerabilities in JavaScript, especially those assisted by Large Language Models LLMs. However, the actual capability of LLMs in JavaScript vulnerability detection remains questionable, necessitating systematic evaluation and comprehensive...

6.8AI score

Exploits0

Tenable Nessus•added 2025/11/20 12:0 a.m.•10 views

TencentOS Server 3: nodejs:20 (TSSA-2024:0765)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0765 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

6.5CVSS6.8AI score0.01104EPSS

Exploits1References5