CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

944 matches found

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-39832)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-39832 advisory. - When adding a key to a remote agent constraint extensions such as...

9.1CVSS5.8AI score0.00068EPSS

Exploits0References1

NVD•added 2026/05/27 8:16 p.m.•5 views

CVE-2026-47274

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, multiple pamusb helper tools resolved external binaries through the PATH environment variable rather than using absolute paths. An attacker who can influence the process environment during PAM...

6.3CVSS0.0002EPSS

Exploits0References4

ATTACKERKB•added 2026/05/27 8:2 p.m.•4 views

CVE-2026-47274

6.3CVSS5.9AI score0.0002EPSS

Exploits0References5Affected Software1

CVE•added 2026/05/27 8:2 p.m.•7 views

CVE-2026-47274

CVE-2026-47274 affects pam_usb on Linux prior to 0.9.0. The issue stems from several pam_usb helper tools resolving external binaries via PATH instead of absolute paths, enabling a local attacker to substitute malicious binaries when they can influence the process environment during PAM authentic...

6.3CVSS5.9AI score0.0002EPSS

Exploits0References4

EUVD•added 2026/05/27 8:2 p.m.•2 views

EUVD-2026-32651

6.3CVSS5.9AI score0.0002EPSS

Exploits0References4

Vulnrichment•added 2026/05/27 8:2 p.m.•4 views

CVE-2026-47274 pam_usb: Uncontrolled search path in pam_usb tools allows privilege escalation via PATH manipulation

6.3CVSS5.9AI score0.0002EPSS

Exploits0References4

Cvelist•added 2026/05/27 8:2 p.m.•35 views

CVE-2026-47274 pam_usb: Uncontrolled search path in pam_usb tools allows privilege escalation via PATH manipulation

6.3CVSS0.0002EPSS

Exploits0References4

Positive Technologies•added 2026/05/27 12:0 a.m.•2 views

PT-2026-44087

pam usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, multiple pam usb helper tools resolved external binaries through the PATH environment variable rather than using absolute paths. An attacker who can influence the process environment during PAM...

6.3CVSS5.9AI score0.0002EPSS

Exploits0References5

Tenable Nessus•added 2026/05/25 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-39833

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The in-memory keyring returned by NewKeyring silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any...

9.1CVSS5.8AI score0.00042EPSS

Exploits0References3

SUSE CVE•added 2026/05/23 1:29 a.m.•10 views

SUSE CVE-2026-39832

When adding a key to a remote agent constraint extensions such as [email protected] were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all...

8.4CVSS5.8AI score0.00068EPSS

Exploits0References3

SUSE CVE•added 2026/05/23 1:29 a.m.•7 views

SUSE CVE-2026-39833

The in-memory keyring returned by NewKeyring silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring now returns an error when...

7.7CVSS5.8AI score0.00042EPSS

Exploits0References3

NVD•added 2026/05/22 4:16 a.m.•7 views

CVE-2026-39832

9.1CVSS0.00068EPSS

Exploits0References4

NVD•added 2026/05/22 4:16 a.m.•7 views

CVE-2026-39833

9.1CVSS0.00042EPSS

Exploits0References5