Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

129 matches found

AstraLinux
AstraLinuxadded 6 days ago3 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: Kyber: An out-of-bounds access occurred when the thread was preempted. The function blkmqschedbiomerge retrieves the ctx and hctx for the current CPU and passes the hctx to -biomerge. The function kyberbiomerge then retrieves the...

7.8CVSS6.2AI score0.00256EPSS
Exploits0References2
vulnersOsv
vulnersOsvadded 2026/06/04 12:0 p.m.5 views

ate (>=0.1.0 <=0.8.0), ate-auth (>=1.1.0 <=1.6.0) +19 more potentially affected by unknown CVE via pqcrypto-falcon (>=0.2.10 <=0.4.1)

pqcrypto-falcon CARGO version =0.2.10, =0.1.0, =1.1.0, =1.0.0, =1.1.0, =0.1.4, =0.1.1, =0.1.0, =0.1.1, =0.1.0, =0.12.2, =0.1.0, =0.1.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0165...

5.5AI score
Exploits0
vulnersOsv
vulnersOsvadded 2026/06/04 12:0 p.m.4 views

ate (>=0.1.0 <=0.8.0), ate-auth (>=1.1.0 <=1.6.0) +73 more potentially affected by unknown CVE via pqcrypto-traits (>=0.1.1 <=0.3.5)

pqcrypto-traits CARGO version =0.1.1, =0.1.0, =1.1.0, =1.0.0, =1.1.0, =2.0.0, =0.1.2-alpha, =0.1.4, =0.1.1, =0.1.0, =0.1.1, =0.1.0, =0.1.2 - envencryptiontool =0.9.17 - ever-crypto =0.1.0 - hanzo-agentic =1.1.21 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0162...

5.5AI score
Exploits0
OSV
OSVadded 2026/05/19 5:23 p.m.8 views

SUSE-SU-2026:21824-1 Security update for leancrypto

This update for leancrypto fixes the following issues Security issue: - CVE-2026-34610: The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lcx509extractnamesegment casts sizet vlen to uint8t when stori...

5.9CVSS5.9AI score0.00162EPSS
Exploits0References6
OSV
OSVadded 2026/05/19 5:23 p.m.5 views

SUSE-SU-2026:21754-1 Security update for leancrypto

This update for leancrypto fixes the following issues Security issue: - CVE-2026-34610: The leancrypto library is a cryptographic library that exclusively contains only PQC-resistant cryptographic algorithms. Prior to version 1.7.1, lcx509extractnamesegment casts sizet vlen to uint8t when stori...

5.9CVSS5.9AI score0.00162EPSS
Exploits0References6
RedHat Linux
RedHat Linuxadded 2026/05/19 1:24 p.m.9 views

p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters

A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...

7.5CVSS5.8AI score0.01129EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2026/05/19 9:6 a.m.9 views

p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters

A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...

7.5CVSS5.8AI score0.01129EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2026/04/22 12:0 a.m.4 views

openSUSE 16 : Feature update for libgcrypt, libgpg-error (SUSE-SU-openSUSE-FU-2026:20562-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU- openSUSE-FU-2026:20562-1 advisory. Update libgcrypt to 1.12.1 jscPED-15059: New and extended interfaces: - Allow access to the FIPS service indicator via the new...

5.9CVSS6.7AI score0.01114EPSS
Exploits0References2
Rapid7 Blog
Rapid7 Blogadded 2026/04/21 2:38 p.m.11 views

Kyber Ransomware Double Trouble: Windows and ESXi Attacks Explained

Overview For executive leadership, the emergence of Kyber ransomware represents a significant and immediate threat due to its specialized, dual-platform deployment capability targeting mission-critical virtualization infrastructure VMware ESXi and core Windows file systems. This cross-platform...

6.1AI score
Exploits0
NVD
NVDadded 2026/04/10 12:16 a.m.9 views

CVE-2026-5460

A heap use-after-free exists in wolfSSL's TLS 1.3 post-quantum cryptography PQC hybrid KeyShare processing. In the error handling path of TLSXKeyShareProcessPqcHybridClient in src/tls.c, the inner function TLSXKeyShareProcessPqcClientex frees a KyberKey object upon encountering an error. The call...

6.5CVSS0.00275EPSS
Exploits0References1
OSV
OSVadded 2026/04/10 12:16 a.m.2 views

DEBIAN-CVE-2026-5460

A heap use-after-free exists in wolfSSL's TLS 1.3 post-quantum cryptography PQC hybrid KeyShare processing. In the error handling path of TLSXKeyShareProcessPqcHybridClient in src/tls.c, the inner function TLSXKeyShareProcessPqcClientex frees a KyberKey object upon encountering an error. The call...

6.5CVSS5.4AI score0.00275EPSS
Exploits0References1
UbuntuCve
UbuntuCveadded 2026/04/10 12:0 a.m.1 views

CVE-2026-5460

A heap use-after-free exists in wolfSSL's TLS 1.3 post-quantum cryptography PQC hybrid KeyShare processing. In the error handling path of TLSXKeyShareProcessPqcHybridClient in src/tls.c, the inner function TLSXKeyShareProcessPqcClientex frees a KyberKey object upon encountering an error. The call...

6.5CVSS5.8AI score0.00275EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2026/04/10 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-5460

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap use-after-free exists in wolfSSL's TLS 1.3 post-quantum cryptography PQC hybrid KeyShare processing. In the error handling path of...

6.5CVSS5.5AI score0.00275EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2026/04/09 11:29 p.m.2 views

CVE-2026-5460 Heap Use-After-Free in PQC Hybrid KeyShare Error Cleanup in wolfSSL TLS 1.3

A heap use-after-free exists in wolfSSL's TLS 1.3 post-quantum cryptography PQC hybrid KeyShare processing. In the error handling path of TLSXKeyShareProcessPqcHybridClient in src/tls.c, the inner function TLSXKeyShareProcessPqcClientex frees a KyberKey object upon encountering an error. The call...

6.3CVSS5.8AI score0.00275EPSS
Exploits0References1
Debian CVE
Debian CVEadded 2026/04/09 11:29 p.m.2 views

CVE-2026-5460

A heap use-after-free exists in wolfSSL's TLS 1.3 post-quantum cryptography PQC hybrid KeyShare processing. In the error handling path of TLSXKeyShareProcessPqcHybridClient in src/tls.c, the inner function TLSXKeyShareProcessPqcClientex frees a KyberKey object upon encountering an error. The call...

6.5CVSS5.4AI score0.00275EPSS
Exploits0
ATTACKERKB
ATTACKERKBadded 2026/04/09 11:29 p.m.4 views

CVE-2026-5460

A heap use-after-free exists in wolfSSL's TLS 1.3 post-quantum cryptography PQC hybrid KeyShare processing. In the error handling path of TLSXKeyShareProcessPqcHybridClient in src/tls.c, the inner function TLSXKeyShareProcessPqcClientex frees a KyberKey object upon encountering an error. The call...

6.3CVSS5.9AI score0.00275EPSS
Exploits0References2
AlpineLinux
AlpineLinuxadded 2026/04/09 11:29 p.m.8 views

CVE-2026-5460

A heap use-after-free exists in wolfSSL's TLS 1.3 post-quantum cryptography PQC hybrid KeyShare processing. In the error handling path of TLSXKeyShareProcessPqcHybridClient in src/tls.c, the inner function TLSXKeyShareProcessPqcClientex frees a KyberKey object upon encountering an error. The call...

6.5CVSS5.4AI score0.00275EPSS
Exploits0
CVE
CVEadded 2026/04/09 11:29 p.m.21 views

CVE-2026-5460

Vulnerability summary (CVE-2026-5460) : A heap use-after-free exists in wolfSSL’s TLS 1.3 post-quantum cryptography (PQC) hybrid KeyShare processing. In the error path of TLSX_KeyShare_ProcessPqcHybridClient() (src/tls.c), TLSX_KeyShare_ProcessPqcClient_ex() frees a KyberKey object on error. The ...

6.5CVSS5.9AI score0.00275EPSS
Exploits0References1Affected Software1
EUVD
EUVDadded 2026/03/26 9:31 p.m.6 views

EUVD-2026-16336

A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...

5.3CVSS5.8AI score0.01129EPSS
Exploits0References3
NVD
NVDadded 2026/03/26 9:17 p.m.2 views

CVE-2026-2100

A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...

7.5CVSS0.01129EPSS
Exploits0References9
Rows per page
Query Builder