CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/06/04 12:41 p.m.•9 views

CVE-2025-62338

Technical details are not publicly available in the provided documents. Monitor for updates.

3.3CVSS5.4AI score0.00016EPSS

Vulnrichment•added 2026/06/04 12:41 p.m.•7 views

CVE-2025-62338 HCL BigFix Cloud Lifecycle Management is affected by lack of input validation

HCL BigFix Cloud Lifecycle Management is affected by lack of input validation. This low-level flaw allows unauthorized access and may lead to information exposure...

3.3CVSS5.4AI score0.00016EPSS

Cvelist•added 2026/06/04 12:41 p.m.•34 views

CVE-2025-62338 HCL BigFix Cloud Lifecycle Management is affected by lack of input validation

HCL BigFix Cloud Lifecycle Management is affected by lack of input validation. This low-level flaw allows unauthorized access and may lead to information exposure...

3.3CVSS0.00016EPSS

Packet Storm News•added 2026/06/04 12:0 a.m.•13 views

WebMCP Tool Surface Poisoning: Runtime Manipulation Attacks on LLM Agents

WebMCP is a newly emerging protocol that enables websites to expose tools directly to AI agents, bypassing traditional user interfaces and introducing new security risks. The dynamic exposure of agent-accessible tools in WebMCP expands the attack surface of web sessions, especially when third-par...

5.6AI score

Exploits0

Positive Technologies•added 2026/06/04 12:0 a.m.•10 views

PT-2026-46218

Name of the Vulnerable Software and Affected Versions HCL BigFix Cloud Lifecycle Management affected versions not specified Description Lack of input validation in HCL BigFix Cloud Lifecycle Management may lead to information exposure. This flaw allows unauthorized access to sensitive data...

3.3CVSS5.4AI score0.00016EPSS

Exploits0References5

RedHat Linux•added 2026/06/03 12:10 p.m.•7 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.21 CNF vRAN extras topology aware lifecycle manager update

An update for topology-aware-lifecycle manager is available for Red Hat OpenShift Container Platform 4.21. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the...

9.1CVSS7.3AI score0.0002EPSS

Exploits1References2

Microsoft Secure•added 2026/06/02 5:15 p.m.•12 views

Microsoft Build 2026: Securing code, agents, and models across the development lifecycle

In this article 1. Secure your code 2. Secure your agents 3. Trust agents with your data 4. Secure your models 5. Trust starts with security Today, developers and security teams are caught in growing tension. AI is accelerating development and introducing new issues around insecure code, opaque...

5.9AI score

Exploits0

RedHat Linux•added 2026/06/02 4:12 p.m.•9 views

Important: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

9.8CVSS5.9AI score0.00034EPSS

Exploits0References7

Positive Technologies•added 2026/06/02 12:0 a.m.•5 views

PT-2026-46679

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An object lifecycle issue in Dawn allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. A sandbox escape occurs when a process breaks out of its...

9.6CVSS5.8AI score0.04819EPSS

Exploits0References434

Snyk•added 2026/06/01 9:0 p.m.•8 views

Malicious Package

Overview env-config-manager is a malicious package. This package contains malicious code, and its content has been removed from the official package manager. While this package typosquats well-known libraries to impersonate valid open-source ecosystems, there is no connection between those...

Snyk•added 2026/06/01 9:0 p.m.•4 views

Malicious Package

Overview opensearch-setup is a malicious package. This package contains malicious code, and its content has been removed from the official package manager. While this package typosquats well-known libraries to impersonate valid open-source ecosystems, there is no connection between those legitima...

Snyk•added 2026/06/01 9:0 p.m.•6 views

Malicious Package

Overview @vpmdhaj/devops-tools is a malicious package. This package contains malicious code, and its content has been removed from the official package manager. While this package typosquats well-known libraries to impersonate valid open-source ecosystems, there is no connection between those...

Snyk•added 2026/06/01 9:0 p.m.•6 views

Malicious Package

Overview search-cluster-setup is a malicious package. This package contains malicious code, and its content has been removed from the official package manager. While this package typosquats well-known libraries to impersonate valid open-source ecosystems, there is no connection between those...