CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

Positive Technologies•added 2026/06/10 12:0 a.m.•11 views

PT-2026-48523

Name of the Vulnerable Software and Affected Versions FreeBSD affected versions not specified Description A privilege escalation flaw exists in the Linuxulator, a compatibility layer that allows Linux binaries to run on FreeBSD. A logic bug related to AT SECURE occurs during setuid execution...

5.5AI score

Exploits1References2

FreeBSD Advisory•added 2026/06/09 12:0 a.m.•6 views

FreeBSD-SA-26:30.linux

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:30.linux Security Advisory The FreeBSD Project Topic: Flaw in Linuxulator execution of setugid binaries Category: core Module: linux Announced: 2026-06-09...

6AI score

Exploits1

Positive Technologies•added 2026/06/05 12:0 a.m.•13 views

PT-2026-47061

Excited to share my research was accepted at @BlackHatEvents USA 2026! 🎩 I'll present how I achieved interactive access to users' AI assistants by chaining: 🔓 Prompt injection 🔓 Privilege escalation 🔓 Path traversal 🔓 .toml injection 🔓 and finally an LD PRELOAD exploit The impact: 🚨 CVE-2026-3219...

8.8CVSS5.6AI score0.00293EPSS

Exploits0References3

GithubExploit•added 2026/06/02 11:17 p.m.•76 views

Linux-privesc-PoC

Linux Privilege Escalation PoC Lab Educational disclaimer...

5.8AI score

Exploits0

GithubExploit•added 2026/04/30 2:33 p.m.•103 views

Exploit for CVE-2026-31431

Copy Fail - Defense-in-Depth Primitives for CVE-2026-31431 Ke...

7.8CVSS6.2AI score0.94016EPSS

Exploits227

Positive Technologies•added 2026/04/22 12:0 a.m.•3 views

PT-2026-34502

The printenv utility in uutils coreutils fails to display environment variables containing invalid UTF-8 byte sequences. While POSIX permits arbitrary bytes in environment strings, the uutils implementation silently skips these entries rather than printing the raw bytes. This vulnerability allows...

4.4CVSS5.9AI score0.0017EPSS

Exploits1References4

RedhatCVE•added 2026/04/16 7:22 p.m.•4 views

CVE-2026-39420

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an incomplete sandbox protection mechanism allows an authenticated user with tool execution privileges to escape the LDPRELOAD-based sandbox. By env command the attacker can clear the environment variables and drop...

7.4CVSS6.3AI score0.00485EPSS

Exploits0References1

Vulnrichment•added 2026/04/14 12:17 a.m.•2 views

CVE-2026-39421 MaxKB: Sandbox escape via ctypes and unhooked SYS_pkey_mprotect

MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By leveraging Python's ctypes library to execute raw system calls, an authenticated attacker with workspace privileges can bypass the LDPRELOAD-based...

6.3CVSS6.5AI score0.00264EPSS

Exploits0References3

ATTACKERKB•added 2026/04/14 12:13 a.m.•0 views

CVE-2026-39420

6.3CVSS6.3AI score0.00485EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2026/04/14 12:13 a.m.•1 views

CVE-2026-39420 MaxKB: Sandbox escape via LD_PRELOAD bypass

6.3CVSS6.3AI score0.00485EPSS

Exploits0References3

Positive Technologies•added 2026/04/14 12:0 a.m.•3 views

PT-2026-32573

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, sandbox network protection can be bypassed by using socket.sendto with the MSG FASTOPEN flag. This allows authenticated user with tool-editing permissions to reach internal services that are explicitly blocked by th...

5CVSS5.7AI score0.00198EPSS

Exploits0References4

Positive Technologies•added 2026/04/14 12:0 a.m.•2 views

PT-2026-32574

MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an incomplete sandbox protection mechanism allows an authenticated user with tool execution privileges to escape the LD PRELOAD-based sandbox. By env command the attacker can clear the environment variables and drop...

6.3CVSS6.3AI score0.00485EPSS

Exploits0References4

CVE•added 2025/09/19 6:51 p.m.•27 views

CVE-2025-34190

Vasion Print (PrinterLogic) PrinterInstallerClientService is affected by an authentication bypass through LD_PRELOAD hooking of geteuid, enabling local privilege escalation. Affected versions include Virtual Appliance Host prior to 25.1.102 and Application (macOS/Linux client deployments) prior t...

8.5CVSS7AI score0.00403EPSS

Exploits1References4Affected Software2

Snyk•added 2025/07/17 7:8 p.m.•1 views

Untrusted Search Path

Overview Affected versions of this package are vulnerable to Untrusted Search Path though incorrect handling of the OCI hook createContainer during container initialization when enable-cuda-compat is used. An attacker with low privileges in a container can run arbitrary code with higher privilege...

9CVSS7.4AI score0.01399EPSS

Exploits4References2

OSV•added 2024/11/26 12:15 p.m.•2 views

DEBIAN-CVE-2023-1521

On Linux the sccache client can execute arbitrary code with the privileges of a local sccache server, by preloading the code in a shared library passed to LDPRELOAD. If the server is run as root which is the default when installing the snap package https://snapcraft.io/sccache , this means a user...

7.8CVSS5.9AI score0.00359EPSS

Exploits2References1

BDU FSTEC•added 2024/09/17 12:0 a.m.•3 views

The vulnerability of Git servers in Soft Serve mode arises from the lack of measures to neutralize special elements used in the operating system’s command line. This allows attackers to execute arbitrary code.

The vulnerability of the Git server in Soft Serve relates to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially created malware file through t...

8.5CVSS6AI score0.00509EPSS

Exploits0References5Affected Software1

Positive Technologies•added 2024/08/09 12:0 a.m.•3 views

PT-2024-29904 · Litestar · Litestar

Name of the Vulnerable Software and Affected Versions: Litestar versions 2.10.0 and prior Description: The issue is related to Environment Variable injection in Litestar's docs-preview.yml workflow, which may lead to secret exfiltration and repository manipulation. This grants a malicious actor...

8.3CVSS8.2AI score0.00614EPSS

Exploits0References13

Positive Technologies•added 2024/07/24 12:0 a.m.•4 views

PT-2024-6167 · Unknown +2 · Soft Serve +2

Name of the Vulnerable Software and Affected Versions: Soft Serve versions prior to 0.7.5 Description: The issue is related to Soft Serve passing all environment variables given by the client to git subprocesses, including variables that control program execution, such as LD PRELOAD. This can be...

8.6CVSS8.1AI score0.00509EPSS

Exploits0References12

Positive Technologies•added 2023/07/05 12:0 a.m.•6 views

PT-2023-21000 · Pax Technology · Pax Technology A930 Paydroid

Name of the Vulnerable Software and Affected Versions: PAX Technology A930 PayDroid version 7.1.1 Virgo V04.5.02 20220722 Description: The issue allows attackers to compile a malicious shared library and use LD PRELOAD to bypass authorization checks. This can be achieved by utilizing the LD PRELO...

6.7CVSS6.9AI score0.00212EPSS

Exploits0References7

Positive Technologies•added 2023/05/30 12:0 a.m.•8 views

PT-2023-17049 · Sccache +2 · Sccache +2

Name of the Vulnerable Software and Affected Versions: sccache versions prior to 0.4.0 Description: The sccache client can execute arbitrary code with the privileges of a local sccache server by preloading the code in a shared library passed to LD PRELOAD. If the server is run as root, which is t...

8.1CVSS8.5AI score0.1446EPSS

Exploits4References47

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by