Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

537 matches found

OSV
OSVadded 3 days ago3 views

MAL-2026-5140 Malicious code in @redhat-cloud-services/hcc-pf-mcp (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

5.9AI score
Exploits0References1
Debian
Debianadded 2026/05/28 4:3 p.m.9 views

[SECURITY] [DSA 6307-1] kitty security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6307-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso May 28, 2026 https://www.debian.org/security/faq -...

9.9CVSS6.2AI score0.00062EPSS
Exploits2
Tenable Nessus
Tenable Nessusadded 2026/05/28 12:0 a.m.4 views

Debian dsa-6307 : kitty - security update

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6307 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6307-1 [email protected] https://www.debian.org/securit...

9.9CVSS6.2AI score0.00062EPSS
Exploits2References6
Tenable Nessus
Tenable Nessusadded 2026/05/22 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-33633

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kitty is a cross-platform GPU based terminal. Versions 0.46.2 and below contain a heap buffer overflow in loadimagedata that allows any process which can write ...

8.8CVSS6AI score0.00043EPSS
Exploits1References3
Tenable Nessus
Tenable Nessusadded 2026/05/22 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-33642

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on...

9.9CVSS5.8AI score0.00062EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2026/05/19 9:11 p.m.5 views

CVE-2026-33642

A flaw was found in Kitty, a cross-platform GPU-based terminal. A remote attacker, by sending specially crafted escape sequences to a Kitty terminal, can exploit an integer wrapping vulnerability in the handlecomposecommand function. This vulnerability allows for out-of-bounds memory access, whic...

9.9CVSS6.2AI score0.00062EPSS
Exploits1References2
NVD
NVDadded 2026/05/19 7:16 p.m.7 views

CVE-2026-33642

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...

9.9CVSS0.00062EPSS
Exploits1References2
OSV
OSVadded 2026/05/19 7:16 p.m.4 views

DEBIAN-CVE-2026-33642

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...

9.8CVSS5.7AI score0.00062EPSS
Exploits1References1
UbuntuCve
UbuntuCveadded 2026/05/19 7:16 p.m.4 views

CVE-2026-33642

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...

9.9CVSS5.7AI score0.00062EPSS
Exploits1References3
OSV
OSVadded 2026/05/19 7:16 p.m.3 views

UBUNTU-CVE-2026-33642

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...

9.9CVSS5.7AI score0.00062EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2026/05/19 7:10 p.m.3 views

CVE-2026-33633

A flaw was found in Kitty, a cross-platform GPU based terminal. A remote attacker, by sending a specially crafted APC graphics protocol command with a large PNG payload to the terminal's standard input stdin, could trigger a heap buffer overflow in the loadimagedata function. This vulnerability...

8.8CVSS6.3AI score0.00043EPSS
Exploits1References2
NVD
NVDadded 2026/05/19 6:16 p.m.7 views

CVE-2026-33633

Kitty is a cross-platform GPU based terminal. Versions 0.46.2 and below contain a heap buffer overflow in loadimagedata that allows any process which can write to the terminal's stdin to crash kitty immediately. The vulnerability is triggered by a single APC graphics protocol command with a PNG...

8.8CVSS0.00043EPSS
Exploits1References2
OSV
OSVadded 2026/05/19 6:16 p.m.5 views

DEBIAN-CVE-2026-33633

Kitty is a cross-platform GPU based terminal. Versions 0.46.2 and below contain a heap buffer overflow in loadimagedata that allows any process which can write to the terminal's stdin to crash kitty immediately. The vulnerability is triggered by a single APC graphics protocol command with a PNG...

8.8CVSS5.9AI score0.00043EPSS
Exploits1References1
OSV
OSVadded 2026/05/19 6:16 p.m.2 views

UBUNTU-CVE-2026-33633

Kitty is a cross-platform GPU based terminal. Versions 0.46.2 and below contain a heap buffer overflow in loadimagedata that allows any process which can write to the terminal's stdin to crash kitty immediately. The vulnerability is triggered by a single APC graphics protocol command with a PNG...

8.8CVSS5.9AI score0.00043EPSS
Exploits1References4
UbuntuCve
UbuntuCveadded 2026/05/19 6:16 p.m.3 views

CVE-2026-33633

Kitty is a cross-platform GPU based terminal. Versions 0.46.2 and below contain a heap buffer overflow in loadimagedata that allows any process which can write to the terminal's stdin to crash kitty immediately. The vulnerability is triggered by a single APC graphics protocol command with a PNG...

8.8CVSS6AI score0.00043EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2026/05/19 6:4 p.m.8 views

CVE-2026-33642 Kitty has a Heap Buffer Over-Read/Write via Integer Overflow in compose_rectangles Bounds Check

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...

9.9CVSS5.8AI score0.00062EPSS
Exploits1References2
Cvelist
Cvelistadded 2026/05/19 6:4 p.m.28 views

CVE-2026-33642 Kitty has a Heap Buffer Over-Read/Write via Integer Overflow in compose_rectangles Bounds Check

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...

9.9CVSS0.00062EPSS
Exploits1References2
Debian CVE
Debian CVEadded 2026/05/19 6:4 p.m.8 views

CVE-2026-33642

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...

9.9CVSS5.7AI score0.00062EPSS
Exploits1
EUVD
EUVDadded 2026/05/19 6:4 p.m.6 views

EUVD-2026-30968

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...

9.9CVSS5.8AI score0.00062EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2026/05/19 6:4 p.m.4 views

CVE-2026-33642

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...

9.9CVSS5.8AI score0.00062EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder