CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17801 matches found

RedHat Linux•added 2026/03/02 5:44 a.m.•2 views

firefox: thunderbird: Use-after-free in the JavaScript: GC component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript: GC component...

9.8CVSS5.7AI score0.00069EPSS

Exploits0References6

CNVD•added 2026/03/02 12:0 a.m.•1 views

OpenClaw Cross-Site Scripting Vulnerability

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. A cross-site scripting vulnerability exists in OpenClaw. The vulnerability stems from improper escaping of assistant identity information when rendered by Control UI and can be exploited by an attacker to compromise...

5.8CVSS5.6AI score0.00011EPSS

Exploits1References1

EUVD•added 2026/03/01 12:30 a.m.•1 views

EUVD-2026-9107

wpForo Forum 2.4.14 contains a stored cross-site scripting vulnerability that allows authenticated subscribers to upload SVG files as profile avatars through the avatar upload functionality. Attackers upload a crafted SVG containing CSS injection or JavaScript event handlers that execute in the...

6.4CVSS5.8AI score0.00038EPSS

Exploits0References4

OSV•added 2026/02/28 12:47 p.m.•6 views

OESA-2026-1474 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...

10CVSS6.2AI score0.00145EPSS

Exploits0References38

OSV•added 2026/02/28 12:46 p.m.•6 views

OESA-2026-1473 firefox security update

10CVSS6.2AI score0.00145EPSS

Exploits0References38

EUVD•added 2026/02/25 4:6 p.m.•2 views

EUVD-2026-8597

Bugsink is vulnerable to Stored XSS via Pygments fallback in stacktrace rendering...

9.3CVSS5.2AI score0.00099EPSS

Exploits1References4

RedHat Linux•added 2026/02/25 3:25 p.m.•1 views

firefox: thunderbird: Use-after-free in the JavaScript: GC component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript: GC component...

9.8CVSS5.7AI score0.00069EPSS

Exploits0References6

RedHat Linux•added 2026/02/25 3:25 p.m.•1 views

firefox: thunderbird: Use-after-free in the JavaScript: WebAssembly component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript: WebAssembly component...

9.8CVSS5.7AI score0.00056EPSS

Exploits0References6

SUSE CVE•added 2026/02/25 12:26 a.m.•1 views

SUSE CVE-2026-2804

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...

6.3CVSS5.8AI score0.00013EPSS

Exploits0References3

Tenable Nessus•added 2026/02/25 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-2786

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.0002EPSS

Exploits0References2

Packet Storm•added 2026/02/25 12:0 a.m.•97 views

📄 PDF Object Injection Generator

PDF object injection is a vulnerability in applications that dynamically generate PDFs from user input without proper validation or escaping. This proof of concept generates a malicious pdf for testing software such as jsPDF...

5.5AI score

Exploits0

NVD•added 2026/02/24 2:16 p.m.•4 views

CVE-2026-2802

Race condition in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...

4.2CVSS0.0003EPSS

Exploits0References3

NVD•added 2026/02/24 2:16 p.m.•2 views

CVE-2026-2804

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...

5.4CVSS0.00013EPSS

Exploits0References3

NVD•added 2026/02/24 2:16 p.m.•4 views

CVE-2026-2767

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS0.00056EPSS

Exploits0References5

UbuntuCve•added 2026/02/24 2:16 p.m.•2 views

CVE-2026-2796

JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...

9.8CVSS7.5AI score0.00032EPSS

Exploits2References5

UbuntuCve•added 2026/02/24 2:16 p.m.•2 views

CVE-2026-2795

Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...

9.8CVSS5.8AI score0.00053EPSS

Exploits0References5

OSV•added 2026/02/24 2:16 p.m.•3 views

UBUNTU-CVE-2026-2767

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00056EPSS

Exploits0References9